[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-ping-identity-runtime-identity-ai-agents-zh":3,"article-related-ping-identity-runtime-identity-ai-agents-zh":31,"series-industry-1d631d43-4e7c-4915-bb30-15deb81a8695":76},{"id":4,"slug":5,"title":6,"content":7,"summary":8,"source":9,"source_url":10,"author":11,"image_url":12,"cover_image":12,"category":13,"language":14,"translated_content":11,"related_article_id":15,"keywords":16,"key_takeaways":23,"views":27,"created_at":28,"published_at":29,"topic_cluster_id":30},"1d631d43-4e7c-4915-bb30-15deb81a8695","ping-identity-runtime-identity-ai-agents-zh","Ping Identity 說對了：AI agents 需要 runtime …","\u003Cp data-speakable=\"summary\">\u003Ca href=\"\u002Ftag\u002Fai-agents\">AI agents\u003C\u002Fa> 的\u003Ca href=\"\u002Fnews\u002Fcloudflare-design-partner-program-security-wedge-zh\">安全\u003C\u002Fa>重點不是登入，而是執行當下是否仍被允許做這件事。\u003C\u002Fp>\u003Cp>Ping Identity 這次把 AWS、\u003Ca href=\"\u002Ftag\u002Fgoogle-cloud\">Google Cloud\u003C\u002Fa>、\u003Ca href=\"\u002Ftag\u002Fcloudflare\">Cloudflare\u003C\u002Fa> 串在一起，講的其實是一個很直接的事實：AI agents 會呼叫 API、操作工具、跨帳號、碰 MCP server，也會跑到 edge 上執行，所以一次登入根本不夠。若權限只在登入時檢查，後面的每一步都會出現「人是誰」和「現在能做什麼」之間的空窗。\u003C\u002Fp>\u003Ch2>第一個論點\u003C\u002Fh2>\u003Cp>傳統 IAM 是為使用者、服務帳號和相對穩定的應用程式設計的，不是為會自己串流程的 agents。agent 的行為是動態的：同一個 session 裡，它可以先查資料，再叫工具，接著寫回另一個系統。只要它在中途切換上下文，權限就必須在行動發生的當下重新判斷，而不是沿用幾分鐘前的登入結果。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781729275355-n3ag.png\" alt=\"Ping Identity 說對了：AI agents 需要 runtime …\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>市場也已經在往這個方向走。\u003Ca href=\"\u002Ftag\u002Fgoogle\">Google\u003C\u002Fa> Cloud 的 Agent Gateway、各種 MCP server、以及代理流量閘道的出現，都是因為企業知道「先驗證一次」不足以保護 agentic workflow。這些控制層的共同點很明確：把 policy 放到流量路徑上，在工具呼叫發生前做決策。這不是加分項，而是能否上線的最低門檻。\u003C\u002Fp>\u003Ch2>第二個論點\u003C\u002Fh2>\u003Cp>Ping 特別把 Cloudflare 拉進來，理由很充分，因為 edge 讓治理邊界變得更模糊。Cloudflare 宣稱其全球網路覆蓋 220 個城市，並支援 GPU \u003Ca href=\"\u002Ftag\u002Finference\">inference\u003C\u002Fa>，這代表 AI 推理和 agent 活動不再鎖在單一雲端帳戶或固定區域。當執行環境本身就是分散式的，靜態政策就會在工作流離開原平台的那一刻失明。\u003C\u002Fp>\u003Cp>AWS、Google Cloud、Cloudflare 這三者放在一起，正好說明 runtime identity 不是某一家雲的專屬功能，而是跨執行面的一致控管。AWS 管多帳號與工作負載，Google Cloud 管 agent 與工具流量，Cloudflare 管 edge 與稽核。這種組合比「先記錄、再追查」更接近真實世界的風險\u003Ca href=\"\u002Fnews\u002Fclaude-5-two-models-code-science-lead-zh\">模型\u003C\u002Fa>，因為它把 least privilege 放在真正發生動作的地方。\u003C\u002Fp>\u003Ch2>反方可能怎麼說\u003C\u002Fh2>\u003Cp>最強的反對意見不是說 runtime identity 沒價值，而是說企業已經有太多控制層了。IAM、PAM、CASB、policy engine、gateway、service mesh、雲端原生安全工具，全都在搶同一塊責任。對很多團隊來說，問題不是少了一個 identity 產品，而是整個授權鏈太複雜，新增一層只會讓 policy 重複、整合更脆弱、排障更痛苦。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781729269242-ipqk.png\" alt=\"Ping Identity 說對了：AI agents 需要 runtime …\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>另一個合理擔憂是，agent 專用控制可能過早過度設計。若每一次 tool call 都要即時做權限判斷，延遲和治理成本可能侵蝕 AI 自動化本來要帶來的效率。某些團隊會認為，先縮小 agent scope、加強 logging、限制高風險動作，就已經足夠，不必急著把所有呼叫都\u003Ca href=\"\u002Fnews\u002Fzvec-turns-local-vector-search-into-a-library-zh\">變成\u003C\u002Fa>即時授權問題。\u003C\u002Fp>\u003Cp>這些批評成立，但只適用於低風險場景，不能推翻 Ping 的核心主張。runtime identity 不需要一開始就覆蓋所有玩具型 agent；它應該先落在高權限、高敏感、高 blast radius 的工作流，例如能碰客戶資料、能花錢、能改 production 的 agents。對這些系統來說，先登入、後放行的舊模式已經不夠用，因為風險不是來自登入本身，而是來自登入之後的每一次動作。\u003C\u002Fp>\u003Ch2>你能做什麼\u003C\u002Fh2>\u003Cp>如果你是工程師或平台負責人，先把 agent identity 當成 runtime 設計問題，而不是產品簡報上的功能名詞。把每一個 agent action 對應到一個決策點，並在 gateway、tool layer 或 API boundary 上做 least privilege 控制；如果你是 PM 或創辦人，別再只賣「AI 可以接入」這種空泛能力，改成明確定義權限邊界、稽核軌跡和即時 policy check。真正能進 production 的，不是 agent 數量最多的團隊，而是能即時證明 agents 被允許做什麼的團隊。\u003C\u002Fp>","Ping Identity 的方向是對的：AI agents 不能只靠一次登入授權，必須在執行過程中持續做身份與權限判斷，才能跨雲端與邊緣維持安全。","press.pingidentity.com","https:\u002F\u002Fpress.pingidentity.com\u002F2026-06-16-Ping-Identity-Extends-Runtime-Identity-TM-for-AI-Agents-Across-AWS,-Google-Cloud,-and-Cloudflare",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781729275355-n3ag.png","industry","zh","7d929181-7ecd-492d-b2b6-ffaacf771cad",[17,18,19,20,21,22],"Ping Identity","runtime identity","AI agents","continuous authorization","cloud security","edge security",[24,25,26],"AI agents 不能只靠登入授權，必須在執行當下持續驗證權限。","跨雲端與 edge 的工作流，要求把 policy 放到流量與工具呼叫路徑上。","runtime identity 應優先用在高風險、高權限、高 blast radius 的 agents。",0,"2026-06-17T20:47:19.551771+00:00","2026-06-17T20:47:19.549+00:00","fe20f6f6-432b-47bf-a410-a5f516d885ed",{"tags":32,"relatedLang":35,"relatedPosts":39},[33],{"name":19,"slug":34},"ai-agents",{"id":15,"slug":36,"title":37,"language":38},"ping-identity-runtime-identity-ai-agents-en","Ping Identity is right: AI agents need runtime identity, not just log…","en",[40,46,52,58,64,70],{"id":41,"slug":42,"title":43,"cover_image":44,"image_url":44,"created_at":45,"category":13},"2455fdb3-eaa3-475a-a1e7-1cd98a1c6128","5-ai-agent-papers-worth-tracking-zh","5 個值得追蹤的 AI agent 論文主題","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781744565308-wtdy.png","2026-06-18T01:02:21.448394+00:00",{"id":47,"slug":48,"title":49,"cover_image":50,"image_url":50,"created_at":51,"category":13},"8156f591-efd9-45f5-b89e-4f06dcf971dc","openai-partner-network-delivery-strategy-zh","OpenAI 的合作夥伴網路不是 Logo 計畫，而是交付策略","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781741882570-0cji.png","2026-06-18T00:17:18.861629+00:00",{"id":53,"slug":54,"title":55,"cover_image":56,"image_url":56,"created_at":57,"category":13},"7d031983-0a6b-468c-a9f1-ba6c4fca3e4a","anthropic-ban-congress-regulate-frontier-ai-now-zh","Anthropic 禁令證明國會現在就該管制前沿 AI","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781740986023-pmch.png","2026-06-18T00:02:39.543846+00:00",{"id":59,"slug":60,"title":61,"cover_image":62,"image_url":62,"created_at":63,"category":13},"8254d2f3-59ce-44d6-a740-93e54aba463f","anthropic-safe-claude-mythos-5-access-tiers-zh","Claude Mythos 5 把存取變分級","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781734700812-p6zi.png","2026-06-17T22:17:53.175828+00:00",{"id":65,"slug":66,"title":67,"cover_image":68,"image_url":68,"created_at":69,"category":13},"8f52977f-de25-467a-a70b-bb02c0a02155","g7-should-treat-ai-ceos-as-power-brokers-not-guests-zh","G7 應把 AI 執行長當權力中介，而不是座上賓","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781733773410-fkdg.png","2026-06-17T22:02:20.879323+00:00",{"id":71,"slug":72,"title":73,"cover_image":74,"image_url":74,"created_at":75,"category":13},"dddfea90-03da-4038-8c51-22d2143f7b22","kucoin-ai-stack-blockchain-plumbing-zh","KuCoin 把 AI 變成區塊鏈管線","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1781730202032-k7a4.png","2026-06-17T21:02:56.987739+00:00",[77,82,87,92,97,102,107,112,117,122],{"id":78,"slug":79,"title":80,"created_at":81},"ee073da7-28b3-4752-a319-5a501459fb87","ai-in-2026-what-actually-matters-now-zh","2026 AI 真正重要的事","2026-03-26T07:09:12.008134+00:00",{"id":83,"slug":84,"title":85,"created_at":86},"83bd1795-8548-44c9-9a7e-de50a0923f71","trump-ai-framework-power-speech-state-preemption-zh","川普 AI 框架瞄準電力、言論與州權","2026-03-26T07:12:18.695466+00:00",{"id":88,"slug":89,"title":90,"created_at":91},"ea6be18b-c903-4e54-97b7-5f7447a612e0","nvidia-gtc-2026-big-ai-announcements-zh","NVIDIA GTC 2026 重點拆解","2026-03-26T07:14:26.62638+00:00",{"id":93,"slug":94,"title":95,"created_at":96},"4bcec76f-4c36-4daa-909f-54cd702f7c93","claude-users-spreading-out-and-getting-better-zh","Claude 用戶更分散，也更會用","2026-03-26T07:22:52.325888+00:00",{"id":98,"slug":99,"title":100,"created_at":101},"bd903b15-2473-4178-9789-b7557816e535","openclaw-raises-hard-question-for-ai-models-zh","OpenClaw 逼問 AI 模型價值","2026-03-26T07:24:54.707486+00:00",{"id":103,"slug":104,"title":105,"created_at":106},"eeac6b9e-ad9d-4831-8eec-8bba3f9bca6a","gap-google-gemini-checkout-fashion-search-zh","Gap 把結帳搬進 Gemini","2026-03-26T07:28:23.937768+00:00",{"id":108,"slug":109,"title":110,"created_at":111},"0740e53f-605d-4d57-8601-c10beb126f3c","google-pushes-gemini-transition-to-march-2026-zh","Google 把 Gemini 轉換延到 2026 年 3…","2026-03-26T07:30:12.825269+00:00",{"id":113,"slug":114,"title":115,"created_at":116},"e660d801-2421-4529-8fa9-86b82b066990","metas-llama-4-benchmark-scandal-gets-worse-zh","Meta Llama 4 分數風波又擴大","2026-03-26T07:34:21.156421+00:00",{"id":118,"slug":119,"title":120,"created_at":121},"183f9e7c-e143-40bb-a6d5-67ba84a3a8bc","accenture-mistral-ai-sovereign-enterprise-deal-zh","Accenture 攜手 Mistral AI 賣主權 AI","2026-03-26T07:38:14.818906+00:00",{"id":123,"slug":124,"title":125,"created_at":126},"191d9b1b-768a-478c-978c-dd7431a38149","mistral-ai-faces-its-hardest-year-yet-zh","Mistral AI 迎來最硬的一年","2026-03-26T07:40:23.716374+00:00"]