SID-ACCESS-04 — SPOCP Policy-Based Query Authorization
| Property | Value |
|---|---|
| Status | verified |
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Access Control |
Description
AuthZEN proxy queries authorized via SPOCP S-expression policy engine before forwarding to PDP. Prevents arbitrary trust evaluation requests from clients.
Components
- Wallet Backend (Go)
- Trust Service (AuthZEN)
Source References
Audit Findings
| Finding | Severity | Status |
|---|---|---|
| ISO-O-11 — Partial access rights management | low | open |