SID-ACCESS-04 — SPOCP Policy-Based Query Authorization

Property	Value
Owner	platform
Category	technical
CSF Function	protect
Group	Access Control

Description

AuthZEN proxy queries authorized via SPOCP S-expression policy engine before forwarding to PDP. Prevents arbitrary trust evaluation requests from clients.

Components

Wallet Backend (Go)
Trust Service (AuthZEN)

Source References

go-wallet-backend/authz/spocp_authorizer.go

Framework Requirements

ISO 27001 Annex A: A.5.18, A.8.3

OWASP ASVS 4.0.3 Level 3: V1.4, V4.1, V13.1

STRIDE Threat Model: WB-E-3, VC-E-1, SP-T-1, SP-E-1

Description​

Components​

Source References​

Framework Requirements​

Description

Components

Source References

Framework Requirements