Gatekeepers of Trust: Exploring PEP & PDP in the TANGO Architecture

In this technical video, Natalia Borgoños Garcia from the University of Murcia provides a comprehensive overview of two key components in the TANGO architecture: the Policy Enforcement Point (PEP) and the Policy Decision Point (PDP). These components are essential for managing access control in decentralized data sharing environments.

Natalia explains how the PEP and PDP work together to ensure that only authorized users can access specific resources. She walks through the access control flow – from user authentication using verifiable credentials to the issuance and validation of access and capability tokens. The video also explores the internal logic of these components, the technologies used (Java and Spring Boot), their deployment in Kubernetes, and real-life test cases involving policy-based access to IoT data.

Whether you're interested in secure data exchange, identity-based access control, or the technical foundations of TANGO, this video offers valuable insights into how trust and governance are enforced at runtime.