Be the first to like this
Access control in CESP is performed by CESP-Access. Once the user
has been uniquely identified his/her ability to access data or application
is checked. The PEP (policy Enforcement Point) is the gatekeeper that
collects data about the caller and the request. This data is the sent to
the Authorization Engine that performs this check. The Authorization
Engine uses the Axiomatic Policy Server to evaluate the policies.