Policy Decision Point (PDP)

Definition

The PDP, Policy Decision Point, is in charge of evaluating the defined rules. The Policy Decision Point is essentially a policy compiler. The PDP must verify that the specified rules are within the scope of the rule authors authority. The PDP provides the authorization to the PEP.

XACML Policy Management

The policy language is used to describe general access control requirements, and has standard extension points for defining new functions, data types, combining logic, etc. The request/response language lets you form a query to ask whether or not a given action should be allowed, and interpret the result.

It is possible to import an existing PolicySet into the system. The file to import must be a well-formed XML.

To know more about XACML, read XACML 2.0 Standard Specification

Policy set
Policy
Policy set reference
Policy reference

https://www.oasis-open.org/committees/download.php/2713/Brief_Introduction_to_XACML.html

XACML Editor

Policy set

Policy

Policy reference

Policy set reference

Target

Rules

Variables

Obligations

Conditions

Expressions

Example Web PEP

Example Role centric PEP

Example Dynamic role PEP

Example Password Vault PEP

Policy Decision Point (PDP)

Definition

XACML Policy Management

XACML Editor

Policy set

Policy

Policy reference

Policy set reference

Target

Rules

Variables

Obligations

Conditions

Expressions

Example Web PEP

Example Role centric PEP

Example Dynamic role PEP

Example Password Vault PEP

Policy Decision Point (PDP)

Definition

XACML Policy Management

Related objects