A component in security framework that evaluates access requests against predefined security or privacy policies and returns an authorization decision.
PDP ensures all activities within a system are compliant with established policies (even with very complex ones) and provides a centralized point for decision-making.
In the access control context, PDP cannot effectively function without PEP in a framework since their roles are complementary. PDP receives an access request from PEP; performs an evaluation against the predefined policies; makes a decision (usually permix X deny); sends the decision back to PEP which then enforces the decision.