Introduction#
Policies are the decision-making framework within Privicore that determines when operations require authorization, which voting configurations to apply, and how different workflows should be controlled. Policies enable automated, rule-based governance of system operations based on context, user attributes, and security requirements.What Are Policies?#
A Policy is a set of rules that:Evaluates operations as they occur in the system
Determines whether an operation requires additional authorization
Triggers voting workflows when authorization is needed
Applies specific voting configurations to different operation types
Enables automated decision-making based on predefined criteria
Policy Architecture#
Policy Evaluation Flow#
Operation Initiated (e.g., login, data upload, account change)
↓
Policy Engine Evaluates Active Policies
↓
Does Policy Match Operation? → No → Operation Proceeds
↓ Yes
Policy Requires Voting? → No → Operation Proceeds
↓ Yes
Create Poll with Configured Voting Parameters
↓
Distribute Ballots to Authenticators
↓
Collect Votes
↓
Resolve Poll According to Strategy
↓
Operation Proceeds or Fails Based on Outcome
Policy Components#
Policy Template#
A policy template is a predefined policy structure provided by Privicore that addresses common authorization scenarios. Templates include:Preconfigured rules and conditions
Recommended voting configurations
Registered Policy#
A registered policy is a policy created from a template (or custom-built) and configured with specific parameters for your profile. Registered policies can be:Active: Currently evaluating operations and triggering workflows
Inactive: Registered but not currently enforcing rules
Policy Conditions#
Policies evaluate conditions to determine if they should trigger:Operation type: What action is being performed (login, data exchange, account modification)
User attributes: Profile characteristics, security classifications, roles
Context: Location, time, device, network conditions
Data attributes: Classification, size, sensitivity level
Policy Lifecycle#
Browse Policy Templates → Select Template
↓
Register Policy → Configure Parameters
↓
Policy Created (Inactive by Default)
↓
Activate Policy → Begins Evaluating Operations
↓
Policy Triggers Voting When Conditions Match
↓
Deactivate Policy (optional) → Stops Evaluation
↓
Delete Policy (optional) → Permanent Removal
Policy Use Cases#
Multi-Factor Authentication#
Scenario: Require additional authentication when logging in from new locations.Trigger: Login operation from unrecognized location
Voting Configuration: Affirmative strategy (single approval)
Authenticators: User's registered phone and laptop
1.
User attempts login from new location
2.
Policy detects unrecognized location
3.
Ballots sent to user's Authenticators
High-Security Data Operations#
Scenario: Require unanimous approval for data classified as "top-secret".Trigger: Data token exchange with "top-secret" classification
Voting Configuration: Unanimous strategy
Authenticators: All registered Authenticators
1.
Application attempts to exchange top-secret data for token
2.
Policy detects security classification
3.
Ballots sent to all Authenticators
4.
All devices must approve within 5 minutes
5.
Data exchange proceeds only if all approve
Account Modification Protection#
Scenario: Require majority approval for critical account changes.Trigger: Password change, email change, or account deletion
Voting Configuration: Consensus strategy (majority)
Authenticators: All registered Authenticators
1.
User initiates account modification
2.
Policy detects critical operation
3.
Ballots sent to all Authenticators
4.
Majority must approve within 3 minutes
5.
Account change proceeds if majority approves
Time-Based Access Control#
Scenario: Require approval for data access outside business hours.Trigger: Data token request outside 9am-5pm
Voting Configuration: Affirmative strategy
Authenticators: Manager's Authenticator devices
1.
User requests data at 8pm
2.
Policy detects out-of-hours access
3.
Ballots sent to manager's devices
4.
Manager approves or rejects
5.
Data access proceeds based on manager's decision
Automated Approval Based on Context#
Scenario: Automatically approve low-risk operations, require voting for high-risk.Trigger: Data token exchange
Condition: If data size < 1MB and classification = "internal"
Action: Auto-approve (no voting)
Else: Trigger voting with consensus strategy
1.
Application exchanges data for token
2.
Policy evaluates data size and classification
3.
If low-risk: operation proceeds automatically
4.
If high-risk: voting workflow triggered
Policy Management Operations#
List Policy Templates#
Browse available policy templates provided by Privicore to find suitable starting points for your authorization requirements.Register Policy#
Create a new policy from a template or custom configuration, defining the rules and voting configurations for specific operations.List Active Policies#
View all policies currently enforcing authorization rules and triggering voting workflows.List Inactive Policies#
View registered policies that are not currently active but can be activated when needed.Activate Policy#
Enable a registered policy to begin evaluating operations and triggering voting workflows.Deactivate Policy#
Disable an active policy, preventing it from evaluating operations without deleting the policy configuration.Delete Policy#
Permanently remove a registered policy from your profile.List Registered Policies#
View all policies (both active and inactive) registered under your profile.Retrieve Registered Policy#
Get detailed configuration for a specific policy, including rules, conditions, and associated voting configurations.Policy State Management#
Policies exist in one of three states:Template State#
Available policy templates that can be instantiated. Templates are read-only and provided by Privicore.Inactive State#
Registered policies that are configured but not currently evaluating operations. Inactive policies:Do not trigger voting workflows
Can be activated at any time
Are useful for temporarily suspending policies without losing configuration
Active State#
Registered policies that are currently enforcing rules. Active policies:Evaluate all matching operations
Trigger voting workflows when conditions are met
Apply configured voting parameters
Can be deactivated to suspend enforcement
Policy Priority and Conflicts#
When multiple active policies match the same operation:Priority Ordering: Policies may have priority levels determining evaluation order
First Match: First matching policy triggers (default behavior)
Multiple Triggers: Multiple policies can trigger for the same operation (advanced configuration)
Conflict Resolution: System-defined rules resolve conflicts between policies
Integration with Voting Configurations#
Policies reference voting configurations to determine authorization parameters:Policy Matches Operation
↓
Policy References Voting Configuration
↓
Voting Configuration Provides:
- Strategy (unanimous, consensus, etc.)
- Time Limit
- Quorum Size
- Authenticator Selection
↓
Poll Created with These Parameters
Reusable Configurations: One voting configuration used by multiple policies
Centralized Management: Update voting parameters in one place
Flexible Authorization: Different operations use different approval requirements
Security Considerations#
Policies enable fine-grained access control based on operation context
Active policies automatically enforce authorization without manual intervention
Deactivate policies to temporarily suspend rules without losing configuration
Test policies in inactive state before activation
Multiple policies can create complex authorization requirements - design carefully
Policies with overly restrictive conditions may block legitimate operations
Balance security (strict policies) with usability (flexible policies)
Monitor policy triggers and voting outcomes for security auditing
Policy Best Practices#
Start with Templates#
Use provided policy templates as starting points rather than creating policies from scratch. Templates incorporate security best practices and common patterns.Test Before Activating#
Register policies in inactive state, verify configuration, then activate when ready.Use Descriptive Names#
Name policies clearly to indicate their purpose (e.g., "login-mfa-policy", "top-secret-data-policy").Monitor Policy Impact#
Track how often policies trigger and voting outcomes to ensure policies achieve intended security goals without excessive friction.Layer Security#
Use multiple policies for defense in depth - different policies for different operation types and security levels.Document Policy Intent#
Maintain documentation explaining why policies exist and what threats they address.