Policy Decision Point (PDP)
The heart of Zero-Trust: it renders the authorization decision (permit / deny / permit-with-obligations) that the distributed PEPs enforce.
Plane
Identity & Policy
Flow steps
4 · 6 · 10
Frameworks
NIST 800-53 · 800-207 · XACML 3.0 · OWASP LLM06 · NIST AI 600-1 · MITRE ATLAS
Technology
Why use it
Centralize and externalize authorization logic out of applications and agents, so that 'who can do what, in which context' is decided once and consistently rather than re-derived by every caller.
Why it matters to security
It is the single place where least privilege and risk evaluation are applied. Without a PDP, each application and agent re-implements authorization on its own, usually incompletely; that fragmentation is the root cause of excessive agency.
Implementations
- Open Policy Agent (OPA / Rego)
- AWS Cedar / Amazon Verified Permissions
- OpenFGA
- XACML 3.0 engines
Deny by default. A valid session is not standing authorization: every sensitive action is re-evaluated.
Recommendations by maturity tier
Foundation
Minimum viable baseline
- Externalize the authorization decision out of code and agents. No access rules in a prompt, tool or service: the decision is made in one governed place. (NIST 800-53 AC-3 · AC-24; NIST 800-207 §3.1; OWASP LLM06:2025)
- Distinct identity per caller, roles evaluated on every call (RBAC). Authorization is checked on every request, not once at session start. (NIST 800-53 AC-2 · AC-3 · IA-2)
- Deny by default, with an immutably logged verdict. Any request without an explicit match is rejected, and every decision stays traceable. (NIST 800-53 AC-3 · AU-9 · AU-12)
Enterprise
Enterprise standard
- Context-aware ABAC consuming the PIP's attributes. Posture, risk, sensitivity and agent scope all enter the decision. (NIST 800-53 AC-3 · AC-16; XACML 3.0 §5)
- Policy-as-code, versioned and reviewed before publishing. The decision follows a governed policy, not opaque application code. (NIST 800-53 CM-3 · AC-5; NIST AI 600-1 GV-1.3-001)
- Obligation-bearing decisions: 'permit-with-obligations'. Redaction, rate/cost caps, human approval: richer than a bare yes/no. (XACML 3.0 Obligations; OWASP LLM06:2025)
Advanced
High-assurance / regulated
- Continuous authorization with near real-time revocation (CAE / CAEP). A risk signal invalidates a live session without waiting for token expiry. (NIST 800-53 AC-12; NIST 800-207 §2.1)
- Risk-adaptive access (verdict and obligations by score). The decision hardens automatically as aggregate risk rises. (NIST 800-53 SI-4; NIST 800-207 §3.3)
- Explainable decisions, retained for investigation and evidence. Retain the attributes and the triggering rule: 'why this decision'. (NIST 800-53 AU-3 · AU-12; MITRE ATLAS AML.T0051)
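The three tiers above, and the principle that a valid session is not standing authorization, can be seen working together in one small engine. The block below is an added example, not the page's own material and not the API of OPA, Cedar, OpenFGA or any XACML engine: it implements deny by default, a role check on every call (RBAC), PIP-supplied attributes (ABAC), versioned policy-as-code with rule ids, permit-with-obligations, a risk score that hardens the verdict, a revocation signal that kills a live session, a hash-chained decision log, and a verdict that names its triggering rule and the attributes it consumed. Every role, rule, identifier, score and obligation string is constructed for the example.

```python
"""Minimal policy decision point (PDP): added illustration, not the page's code."""
from dataclasses import dataclass, asdict
import hashlib
import json

POLICY_VERSION = "authz-policy@v3"   # hypothetical PAP bundle identifier

# Hypothetical role inventory: (action, resource type) pairs each role may perform.
ROLE_PERMISSIONS = {
    "analyst": {("read", "report"), ("read", "customer")},
    "agent-billing": {("read", "invoice"), ("refund", "invoice")},
}

# Policy-as-code. Each rule is a predicate over (subject, action, resource, context),
# where context carries the PIP attributes. Deny rules override permits; obligation
# rules attach conditions to a permit; a request that matches nothing is denied.
RULES = [
    {"id": "deny-revoked-session", "effect": "deny",
     "when": lambda s, a, r, c: c["session_revoked"]},
    {"id": "deny-risk-ge-80", "effect": "deny",
     "when": lambda s, a, r, c: c["risk"] >= 80},
    {"id": "permit-by-role", "effect": "permit",
     "when": lambda s, a, r, c: (a, r["type"]) in ROLE_PERMISSIONS.get(s["role"], set())},
    {"id": "oblige-redact-pii", "effect": "obligation", "obligation": "redact:pii",
     "when": lambda s, a, r, c: r["sensitivity"] == "pii"},
    {"id": "oblige-approval-risk-ge-50", "effect": "obligation", "obligation": "human-approval",
     "when": lambda s, a, r, c: c["risk"] >= 50 and a in {"refund", "delete"}},
    {"id": "oblige-cost-cap-agent", "effect": "obligation", "obligation": "cost-cap:10",
     "when": lambda s, a, r, c: s["kind"] == "agent"},
]


@dataclass(frozen=True)
class Decision:
    effect: str          # "permit" | "permit-with-obligations" | "deny"
    rule_id: str         # rule that produced the verdict, or "default-deny"
    obligations: tuple   # conditions the PEP must fulfil before acting
    matched: tuple       # every rule that fired: the 'why' of the decision
    attributes: dict     # the request and PIP attributes the verdict consumed
    policy_version: str


def decide(subject, action, resource, context):
    """Evaluate one request: deny-overrides combining, deny by default."""
    matched = [r for r in RULES if r["when"](subject, action, resource, context)]
    ids = tuple(r["id"] for r in matched)
    attrs = {"subject": subject, "action": action, "resource": resource, "context": context}
    denies = [r for r in matched if r["effect"] == "deny"]
    if denies:
        return Decision("deny", denies[0]["id"], (), ids, attrs, POLICY_VERSION)
    permits = [r for r in matched if r["effect"] == "permit"]
    if not permits:
        return Decision("deny", "default-deny", (), ids, attrs, POLICY_VERSION)
    obligations = tuple(r["obligation"] for r in matched if r["effect"] == "obligation")
    effect = "permit-with-obligations" if obligations else "permit"
    return Decision(effect, permits[0]["id"], obligations, ids, attrs, POLICY_VERSION)


class DecisionLog:
    """Append-only, hash-chained record of every verdict; silent edits break the chain."""

    def __init__(self):
        self.entries = []
        self.head = "0" * 64

    def append(self, decision):
        body = json.dumps(asdict(decision), sort_keys=True)
        digest = hashlib.sha256((self.head + body).encode()).hexdigest()
        self.entries.append({"prev": self.head, "sha256": digest, "decision": body})
        self.head = digest
        return digest

    def verify(self):
        prev = "0" * 64
        for e in self.entries:
            expected = hashlib.sha256((prev + e["decision"]).encode()).hexdigest()
            if e["prev"] != prev or e["sha256"] != expected:
                return False
            prev = e["sha256"]
        return True


def scenario():
    """Same agent, same request, evaluated three times as the PIP's signals change."""
    agent = {"id": "spiffe://example.test/billing-agent", "kind": "agent", "role": "agent-billing"}
    invoice = {"type": "invoice", "sensitivity": "pii"}
    pip = {"risk": 20, "session_revoked": False}        # constructed PIP attributes
    log = DecisionLog()
    first = decide(agent, "refund", invoice, dict(pip))    # low risk: permit with obligations
    log.append(first)
    pip["risk"] = 60                                       # risk rises: human approval is added
    second = decide(agent, "refund", invoice, dict(pip))
    log.append(second)
    pip["session_revoked"] = True                          # CAEP-style revocation signal
    third = decide(agent, "refund", invoice, dict(pip))    # token may still be valid; verdict is deny
    log.append(third)
    return first, second, third, log


if __name__ == "__main__":
    for d in scenario()[:3]:
        print(d.effect, d.rule_id, d.obligations, d.matched)
```

Two design points carry the page's argument: the verdict object returns the matched rule ids and the attributes it saw, so an investigator can answer 'why this decision' from the log alone, and the same request is re-evaluated on every call against fresh PIP data, which is what turns a revocation signal into an immediate deny rather than a deny at token expiry.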
Architecture notes
- Start with clear RBAC before ABAC. A simple model enforced well beats a rich model enforced poorly. ABAC multiplies decision paths; without a clean role inventory it hides over-broad access.
- Measure the gap between declared and enforced policy. A PDP that not every PEP enforces is not a control but the illusion of one. Compare the PAP's published policy against what each PEP actually enforces: local opt-outs, stale versions, uninstrumented PEPs.
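The second note becomes a measurement once each PEP reports what it loaded and how often it consults the PDP. The block below is an added example, not the page's or any product's code. It assumes the PAP publishes a content hash of the rule bundle it declares, that each PEP sends a heartbeat naming the bundle hash it loaded, whether a local bypass switch is on, how many requests it served versus how many verdicts it requested, and when it last asked the PDP for anything; the PEP inventory, bundles and heartbeats are all constructed.

```python
"""Declared-vs-enforced policy audit: added illustration, not the page's code."""
import hashlib
import json
from datetime import datetime, timedelta, timezone


def bundle_digest(rules):
    """Content hash of a policy bundle; the PAP publishes it, each PEP reports the one it loaded."""
    return hashlib.sha256(json.dumps(rules, sort_keys=True).encode()).hexdigest()


# Constructed PAP bundles: v3 is what is declared today, v2 is what some PEPs still run.
RULES_V2 = [{"id": "permit-by-role"}, {"id": "deny-revoked-session"}]
RULES_V3 = RULES_V2 + [{"id": "deny-risk-ge-80"}, {"id": "oblige-redact-pii"}]
DECLARED = {"version": "authz-policy@v3", "sha256": bundle_digest(RULES_V3)}
STALE_SHA = bundle_digest(RULES_V2)

NOW = datetime(2025, 1, 15, 12, 0, tzinfo=timezone.utc)   # constructed clock

# Constructed inventory: every place the PDP's verdict is supposed to be enforced.
PEP_INVENTORY = ["api-gateway", "mcp-tool-proxy", "billing-service", "reporting-service", "legacy-batch"]

# Constructed heartbeats, one per PEP that reports at all (field names are assumptions).
PEP_REPORTS = [
    {"pep": "api-gateway", "bundle_sha256": DECLARED["sha256"], "local_override": False,
     "requests_served": 1200, "decisions_requested": 1200,
     "last_decision_at": NOW - timedelta(seconds=30)},
    {"pep": "mcp-tool-proxy", "bundle_sha256": STALE_SHA, "local_override": False,
     "requests_served": 340, "decisions_requested": 340,
     "last_decision_at": NOW - timedelta(minutes=2)},
    {"pep": "billing-service", "bundle_sha256": DECLARED["sha256"], "local_override": True,
     "requests_served": 900, "decisions_requested": 420,
     "last_decision_at": NOW - timedelta(minutes=1)},
    {"pep": "reporting-service", "bundle_sha256": DECLARED["sha256"], "local_override": False,
     "requests_served": 75, "decisions_requested": 0,
     "last_decision_at": NOW - timedelta(days=3)},
    # "legacy-batch" sends no heartbeat: it is in the inventory but nobody can say what it enforces.
]


def audit_enforcement(inventory, reports, declared, now, max_silence=timedelta(hours=1)):
    """Per-PEP findings plus the fraction of PEPs that demonstrably enforce the declared bundle."""
    by_name = {r["pep"]: r for r in reports}
    findings = {}
    for pep in inventory:
        r = by_name.get(pep)
        if r is None:
            findings[pep] = ["uninstrumented"]       # no telemetry at all
            continue
        f = []
        if r["bundle_sha256"] != declared["sha256"]:
            f.append("stale-bundle")                 # enforcing yesterday's policy
        if r["local_override"]:
            f.append("local-opt-out")                # a bypass switch the PAP never approved
        if r["decisions_requested"] < r["requests_served"]:
            f.append("partial-coverage")             # code paths that never ask the PDP
        if now - r["last_decision_at"] > max_silence:
            f.append("silent")                       # loaded the policy but is not consulting it
        findings[pep] = f
    enforcing = [p for p, f in findings.items() if not f]
    return {"coverage": len(enforcing) / len(inventory), "findings": findings}


if __name__ == "__main__":
    print(json.dumps(audit_enforcement(PEP_INVENTORY, PEP_REPORTS, DECLARED, NOW), indent=2))
```

The ratio of verdicts requested to requests served is the cheapest signal for an uninstrumented path inside an otherwise enrolled PEP; the bundle hash catches stale versions even when the version string was bumped by hand. Only a PEP with no finding counts toward coverage, which is the number to track over time.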
References
NIST SP 800-207 §3.1
Policy Engine / Policy Administrator: the logical PDP and the trust algorithm.
XACML 3.0
PDP/PEP/PIP/PAP architecture and the Obligations / Advice mechanism.
OWASP LLM06:2025
Excessive Agency: authorization is the first-line countermeasure.
NIST AI 600-1
GV-1.3 (risk tiers), GV-3.2 (oversight), MS-2.7 (security & resilience).
NIST SP 800-53 Rev5
AC-3, AC-6, AC-16, AC-24 (Access Control Decisions), AC-25 (Reference Monitor), AU-2/9/12, AC-12, SI-4.
MITRE ATLAS — AML.T0051
Prompt injection → privilege escalation: the unauthorized-action vector that authorization must contain.
Abbreviations
PDP
Policy Decision Point
PEP
Policy Enforcement Point
PIP
Policy Information Point
PAP
Policy Administration Point
IdP
Identity Provider
TSS
Token Service
NHI
Non-Human Identity
RBAC
Role-Based Access Control
ABAC
Attribute-Based Access Control
MFA
Multi-Factor Authentication
HITL
Human-in-the-loop
JIT
Just-In-Time
CAE
Continuous Access Evaluation
CAEP
Continuous Access Evaluation Profile
DPoP
Demonstrating Proof-of-Possession
mTLS
mutual TLS
PII
Personally Identifiable Information
KMS
Key Management Service
CI/CD
Continuous Integration / Continuous Delivery
SIEM
Security Information and Event Management
SOAR
Security Orchestration, Automation and Response
SCIM
System for Cross-domain Identity Management
XACML
eXtensible Access Control Markup Language
OPA
Open Policy Agent
OWASP
Open Worldwide Application Security Project
NIST
National Institute of Standards and Technology
ATLAS
Adversarial Threat Landscape for Artificial-Intelligence Systems
LLM
Large Language Model
WAF
Web Application Firewall
CDN
Content Delivery Network
DDoS
Distributed Denial of Service
DLP
Data Loss Prevention
JWT
JSON Web Token
API
Application Programming Interface
CRS
Core Rule Set (OWASP)
RAG
Retrieval-Augmented Generation
MCP
Model Context Protocol
PBAC
Permission-Based Access Control
HSM
Hardware Security Module
UEBA
User and Entity Behavior Analytics
SBOM
Software Bill of Materials
SLSA
Supply-chain Levels for Software Artifacts
WORM
Write Once, Read Many
SPIFFE
Secure Production Identity Framework For Everyone