policy enforcement point (PEP)

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

We are building a provable archive!
A lock ( Dot gov ) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Abbreviation(s) and Synonym(s):

PEP

Definition(s):

A system entity that requests and subsequently enforces authorization decisions.
Source(s):
CNSSI 4009-2015 NISTIR 7657

Mechanism (e.g., access control mechanism of a file system or Web server) that actually protects (in terms of controlling access to) the resources exposed by Web services.
Source(s):
NIST SP 800-95 under Policy Enforcement Point (PEP) OASIS: A Brief Introduction to XACML

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

policy enforcement point (PEP)

Glossary Comments