Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Current »

A component in security framework that evaluates access requests against predefined security or privacy policies and returns an authorization decision.

PDP ensures all activities within a system are compliant with established policies (even with very complex ones) and provides a centralized point for decision-making.

In the access control context, PDP cannot effectively function without PEP (Policy Enforcement Point) in a framework since their roles are complementary. PDP receives an access request from PEP; performs an evaluation against the predefined policies; makes a decision (usually permix X deny); sends the decision back to PEP which then enforces the decision.

  • No labels