Axiomatics Policy Enforcement Points
A Policy Enforcement Point (PEP) is the trusted component in the XACML architecture that enforces the decisions made by a Policy Decision Point. A PEP is located and run closely to the application that hosts the protected resource. A PEP can be as simple as an IF statement in the application, or as advanced as an agent running on an application server or a filter in an XML-gateway that intercepts access requests, gathers necessary data (attributes) for access decisions, collects access decisions and implements these decisions.
Axiomatics develops and provides a range of PEPs. Currently, there are a number of ready to use PEPs for application servers such as J2EE and .NET ASP. Axiomatics .NET ASP also has a support for Microsoft Active Directory Federation Services 2.0 (earlier called Geneva) claims. The Geneva modules gather claims and translate them into XACML attributes which are then, together with access requests, submitted to Axiomatics Policy Server for access decisions.
Axiomatics also provides PEPs for a number of XML-gateways. For more information and inquiries regarding our PEPs contact .