Deployment and operational models
Responsibilities and interfaces
Policy Enforcement Point (PEP) — Secure Agent Gateway
- Input interface: HTTP/HTTPS requests with MCP protocol payload
- Authentication: Bearer tokens, client certificates, or OAuth flows
- Authorization: Policy evaluation request to PDP
- Output interface: Tool responses or structured denial messages
PEP locations and integrations:
- MCP Proxy Integration: pre-dispatch hook calls the Policy Engine; on allow=false, return structured 403 { message, deny, conditions }; on allow=true, route to local tools or upstream MCP servers.
- A2A Collaboration Integration: Collaboration Orchestrator consults the engine before initiating/forwarding inter-agent messages to enforce collaboration policies.
- Authentication Layer Integration: After credential validation, the auth layer can call the engine for fine-grained authorization based on roles/trust.
Policy Decision Point (PDP) — Policy Plane
- Input interface: Structured policy evaluation requests
- Processing: Policy evaluation with context (e.g., OPA/Rego)
- Caching: Redis-based decision caching for performance
- Output interface: Allow/deny decisions with reasoning
Policy Information Point (PIP) — Context Assembly
- Agent context: Identity, capabilities, trust level, metadata
- Tool context: Tool type, operation, data classification
- Environmental context: Time, location, business rules
- Intent signals and risk: Behavioral signals, risk dimensions, analyzer confidence, drift indicators
- Historical context: Previous interactions and violations