Policy Enforcement Point (PEP)

A component in security framework that enforces access control policies by intercepting access requests to resources and by keeping control on whether to grant or deny those requests, based on predefined security and compliance rules.

PEP in security frameworks acts as a gatekeeper ensuring that only authorized users or systems can access sensitive data or services, while enforcing principles such as least privilege, user authentication and policy-driven authorization.

Though PEP can function on its own in a framework, its functionality would be significantly limited in such set-up (e.g. pre-defined, static rules or ACLs to determine whether the access is granted or not). To ensure a high level of security, compliance and operational efficiency, PEP typically works in conjuction with PDP (Policy Decision Point).