Execution Flow
FR EN

Zero-Trust · Distributed PEPs → Central PDP

The execution flow

A zero-trust request’s journey, from ingress to response, across the planes.

Control plane · PDP Observability 1 Request Ingress 2 Trust Establishment 3 Authentication 4 Authorization 5 Input Validation 6 Policy Enforcement 7 Action Execution 8 Audit Logging 9 Continuous Monitoring 10 Incident Response
Request flow (North-South) Control / policy flow (East-West) Telemetry / response flow
  1. 1

    Request Ingress

    Request enters (user, app, or AI agent).

  2. 2

    Trust Establishment

    Establish the trust channel (mTLS, posture).

  3. 3

    Authentication

    Authenticate the human or non-human identity.

  4. 4

    Authorization

    Authorization decision by the PDP (policy + risk).

  5. 5

    Input Validation

    Input validated by guardrails (prompt, intent).

  6. 6

    Policy Enforcement

    Policies enforced by the PEPs (tool scope).

  7. 7

    Action Execution

    Execution (model, tools) at least privilege.

  8. 8

    Audit Logging

    Immutable logging of the request and decision.

  9. 9

    Continuous Monitoring

    Continuous anomaly and abuse detection.

  10. 10

    Incident Response

    Response and remediation (continuous revocation, CAE).