Term · 25. Access Control — Additional Terms
Policy Information Point PIP
Definition
A Policy Information Point (PIP) is an access control component that acts as the retrieval source for attributes and other contextual data required for policy evaluation by a Policy Decision Point (PDP). It typically exposes repositories, directories, resource adapters, or telemetry feeds that supply subject, resource, action, and environment attributes at decision time. In products such as midPoint, PIP functionality is implemented by the identity repository and connected resources that provide attribute data to the authorization engine rather than by a separate standalone component.
Related terms
-
Access Object
Access Object — a unit of an information resource for which access is regulated by access control rules. May be a file, …
-
Access Subject
Access Subject — a person or process whose actions are regulated by access control rules to information system objects. …
-
AuthZEN
OpenID Foundation working group standardising a uniform API for authorization decisions across heterogeneous Policy Deci …
-
Forrester Zero Trust (originator framework) (ZTX)
Originated by Forrester analyst John Kindervag in 2010 as «No more chewy centers — abolish the trusted network», Zero Tr …
-
NIST RBAC
NIST RBAC Standard — INCITS 359-2012 (Role-Based Access Control). Defines four RBAC variants: Flat RBAC (basic roles+use …
-
Policy Administration Point (PAP)
A Policy Administration Point (PAP) is the system entity in XACML/ABAC architectures that creates and manages authorizat …