Zero Trust Policy Engine
Status
Prototype
Maturity
Static policy model with decision table
Evidence
Decision logic documented · Interactive simulator planned
Next
Wire up interactive policy toggle UI
Architecture
Problem Statement
Traditional perimeter-based access control assumes internal network location implies trust. Modern enterprise environments — remote work, SaaS, multi-cloud, contractor access, service-to-service calls — have no meaningful perimeter. Every access request, regardless of origin, must be evaluated against explicit policy conditions.
Policy Model
Access is granted only when every applicable condition evaluates to true; the engine fails closed. Any single condition failure produces an explicit deny, and the first failing condition is recorded as the logged reason. The model covers both human and service account actors: the MFA condition applies only to human identities, the OAuth2 scope condition applies only to service accounts, and the remaining four conditions apply to both.
Condition 1
Identity active
Account exists, is not disabled, and is not suspended in the directory
Condition 2
MFA satisfied
For human identities: a valid second factor was presented and verified within the current session
Condition 3
Role valid
The actor holds a role that grants access to the requested resource
Condition 4
Token valid
Presented access token is not expired, has not been revoked, and carries a signature that verifies
Condition 5
Risk acceptable
Risk score for this access context is below the configured threshold
Condition 6
Scope assigned
For service accounts: requested resource is within the assigned OAuth2 scope set
Decision Logic
// Policy evaluation (pseudocode)
ALLOW if:
identity_active == true
AND mfa_satisfied == true (humans only)
AND role_valid == true
AND token_valid == true
AND risk_score < threshold
AND scope_assigned == true (service accounts only)
DENY otherwise — log reason explicitly
Decision Table
| Actor | Role | Resource | MFA | Token | Scope | Risk | Decision | Reason |
|---|---|---|---|---|---|---|---|---|
| Alice | Engineer | Admin API | No | Valid | N/A | Low | Denied | MFA not satisfied |
| Bob | Operator | Tenant Dashboard | Yes | Valid | N/A | Low | Allowed | All conditions met |
| Carol | Admin | User Directory | Yes | Valid | N/A | Low | Allowed | Full policy pass |
| ServiceBot | Service Account | Billing API | N/A | Valid | Missing | Low | Denied | Required scope not assigned |
| Legacy App | Service Account | SCIM API | N/A | Expired | Assigned | Low | Denied | Token expired |
| Contractor | External | Audit Logs | Yes | Valid | N/A | High | Denied | Risk score too high |
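The decision logic and the decision table above, as an added worked example in Python. This is illustrative code written for this page, not the project's own engine; the field names, the role-to-resource and resource-to-scope maps, the risk threshold of 0.7 and the sample token timestamps are assumptions. Conditions are checked in the order listed in the policy model, so the first failure becomes the logged reason, which is what makes the Reason column of the table deterministic. An unknown actor type is denied outright rather than treated as either human or service, which the page's pseudocode leaves implicit.

```python
# Added example, not the page's or project's code: a fail-closed evaluator for
# the six-condition policy model. Names, maps and threshold are assumptions.
import logging
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional

log = logging.getLogger("policy")


@dataclass(frozen=True)
class Token:
    expires_at: int       # unix seconds
    revoked: bool         # looked up in the revocation list upstream (assumed)
    signature_ok: bool    # result of signature verification upstream (assumed)

    def problem(self, now: int) -> Optional[str]:
        """Return None when the token is valid, otherwise why it is not."""
        if not self.signature_ok:
            return "token signature invalid"
        if self.revoked:
            return "token revoked"
        if self.expires_at <= now:
            return "token expired"
        return None


@dataclass(frozen=True)
class Actor:
    name: str
    kind: str                              # "human" or "service"; anything else is denied
    active: bool                           # Condition 1: exists, not disabled, not suspended
    roles: FrozenSet[str]
    scopes: FrozenSet[str] = frozenset()   # OAuth2 scopes, meaningful for service accounts


@dataclass(frozen=True)
class Request:
    actor: Actor
    resource: str
    token: Token
    risk_score: float
    mfa_satisfied: bool = False
    now: int = 1_700_000_000               # assumed evaluation time


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


# Assumed authorization data for the example (not from the page).
ROLE_GRANTS: Dict[str, FrozenSet[str]] = {
    "Engineer": frozenset({"Admin API", "Tenant Dashboard"}),
    "Operator": frozenset({"Tenant Dashboard"}),
    "Admin": frozenset({"User Directory", "Admin API", "Audit Logs"}),
    "External": frozenset({"Audit Logs"}),
    "Service": frozenset({"Billing API", "SCIM API"}),
}
RESOURCE_SCOPE = {"Billing API": "billing.read", "SCIM API": "scim.write"}
RISK_THRESHOLD = 0.7


def _deny(req: Request, reason: str) -> Decision:
    log.info("DENY %s -> %s: %s", req.actor.name, req.resource, reason)
    return Decision(False, reason)


def evaluate(req: Request) -> Decision:
    """Check every applicable condition in policy order; first failure denies."""
    a = req.actor
    if a.kind not in ("human", "service"):
        return _deny(req, "unknown actor type")            # fail closed
    if not a.active:
        return _deny(req, "identity not active")           # Condition 1
    if a.kind == "human" and not req.mfa_satisfied:
        return _deny(req, "MFA not satisfied")             # Condition 2 (humans only)
    if not any(req.resource in ROLE_GRANTS.get(r, frozenset()) for r in a.roles):
        return _deny(req, "role does not grant resource")  # Condition 3
    token_problem = req.token.problem(req.now)
    if token_problem is not None:
        return _deny(req, token_problem)                   # Condition 4
    if not req.risk_score < RISK_THRESHOLD:
        return _deny(req, "risk score too high")           # Condition 5
    if a.kind == "service":                                # Condition 6 (service only)
        needed = RESOURCE_SCOPE.get(req.resource)
        if needed is None or needed not in a.scopes:
            return _deny(req, "required scope not assigned")
    log.info("ALLOW %s -> %s", a.name, req.resource)
    return Decision(True, "all conditions met")


# Constructed requests mirroring the rows of the decision table.
GOOD = Token(expires_at=1_700_003_600, revoked=False, signature_ok=True)
EXPIRED = Token(expires_at=1_699_999_000, revoked=False, signature_ok=True)

TABLE = {
    "Alice": Request(Actor("Alice", "human", True, frozenset({"Engineer"})),
                     "Admin API", GOOD, 0.1, mfa_satisfied=False),
    "Bob": Request(Actor("Bob", "human", True, frozenset({"Operator"})),
                   "Tenant Dashboard", GOOD, 0.1, mfa_satisfied=True),
    "Carol": Request(Actor("Carol", "human", True, frozenset({"Admin"})),
                     "User Directory", GOOD, 0.1, mfa_satisfied=True),
    "ServiceBot": Request(Actor("ServiceBot", "service", True, frozenset({"Service"})),
                          "Billing API", GOOD, 0.1),
    "Legacy App": Request(Actor("Legacy App", "service", True, frozenset({"Service"}),
                                frozenset({"scim.write"})), "SCIM API", EXPIRED, 0.1),
    "Contractor": Request(Actor("Contractor", "human", True, frozenset({"External"})),
                          "Audit Logs", GOOD, 0.9, mfa_satisfied=True),
}


def run_table() -> Dict[str, Decision]:
    """Evaluate every constructed request and return the decisions by actor name."""
    return {name: evaluate(req) for name, req in TABLE.items()}


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(message)s")
    for name, d in run_table().items():
        print(f"{name:12} {'ALLOW' if d.allowed else 'DENY':5} {d.reason}")
```

Short-circuiting in a fixed order keeps the logged reason deterministic and cheap; if the audit requirement is to see every failing condition rather than the first, evaluate all six and log the full list before returning the deny.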
Employer Value
Risk reduced
Excessive access, undetected anomalies
Operational value
Consistent, auditable access decisions across all identity types
IAM domain
Zero Trust architecture, policy enforcement, adaptive access
Seniority signal
Thinks in policies, not permissions
Evidence
Policy model documentation
[ Documented above ]
Decision table
[ Documented above ]
Interactive simulator
[ Demo pending ]
GitHub repository
[ Repo pending ]