Components and Services

Authorization, Policy, Entity Resolution, Key Access, and a comprehensive command line are the key elements that make up the OpenTDF platform. These components work together to enforce attribute-based access control, manage cryptographic keys, and support secure data sharing through the use of the Trusted Data Format (TDF).

📄️ Authorization Service

The Authorization service makes access decisions based on Attribute-Based Access Control (ABAC) policies and evaluates subject mappings and attribute definition rules to determine allowed actions on attribute values for specified entities.

🗃️ Core Components

1 item

🗃️ Policy

8 items

🗃️ CLI - otdfctl

8 items

📄️ Entity Resolution Service

The entity resolution service is an IdP-specific service that interacts with the Identity Provider (IdP) to retrieve information about entities required by the Authorization service.

📄️ Key Access Service

The Key Access Server (KAS) manages the lifecycle of cryptographic keys and provides access to these keys for the encryption and decryption of TDFs. KAS serves as an out-of-the-box Policy Enforcement Point (PEP) for the OpenTDF platform.