🔧 Abbreviations Reference
Quick reference for common PBAC and Control Core abbreviations used across product UI, APIs, and documentation.
🛡️ Core Authorization Terms
| Abbreviation | Expansion | Meaning in Control Core |
|---|---|---|
| PBAC | Policy-Based Access Control | Access model where decisions are driven by policies and runtime context. |
| ABAC | Attribute-Based Access Control | Access control based on user/resource/environment attributes. |
| RBAC | Role-Based Access Control | Access control based on user roles. Often combined with PBAC. |
| ReBAC | Relationship-Based Access Control | Access based on graph/relationship context. |
| PAP | Policy Administration Point | Control Plane authoring and management layer for policies. |
| PDP | Policy Decision Point | Decision engine that evaluates policy requests. |
| PEP | Policy Enforcement Point | Runtime enforcement component (Control Core Bouncer). |
| PIP | Policy Information Point | Source of external/contextual attributes used during decisions. |
| OPA | Open Policy Agent | Policy engine used for policy evaluation. |
| Rego | Rego Policy Language | Policy language used to define authorization rules. |
📌 Control Core Platform Terms
| Abbreviation | Expansion | Meaning in Control Core |
|---|---|---|
| UI | User Interface | Control Plane web console. |
| API | Application Programming Interface | Programmatic interfaces exposed by control-plane-api. |
| SDK | Software Development Kit | Generated/custom client libraries using OpenAPI schema. |
| CP | Control Plane | Hosted/self-hosted management plane for policies and governance. |
| CC | Control Core | Product shorthand used in code and docs. |
| MVP | Minimum Viable Product | Baseline production-ready feature set. |
| IDE | Integrated Development Environment | VS Code, JetBrains, Cursor workflows via APIs. |
| CI/CD | Continuous Integration / Continuous Delivery | Automation pipelines for policy/test/deploy workflows. |
| SSO | Single Sign-On | Identity provider login integration for users. |
| MFA | Multi-Factor Authentication | Additional verification factors for authentication and approvals. |
| JIT | Just-In-Time (Access) | Time-bound privilege elevation/approval pattern. |
📌 Bouncer and Runtime Terms
| Abbreviation | Expansion | Meaning in Control Core |
|---|---|---|
| Bouncer | Control Core PEP | Request interception and authorization enforcement service. |
| Policy Bridge | Open Policy Administration Layer | Policy distribution/synchronization layer for runtime updates. |
| WSS | WebSocket Secure | Transport protocol used for secure policy/runtime event streams. |
| TTL | Time To Live | Cache/data expiration setting. |
| QoS | Quality of Service | Throughput/latency/reliability behavior targets. |
| RPS | Requests Per Second | Throughput measure for runtime APIs and bouncers. |
| SLO | Service Level Objective | Reliability/performance target for operations. |
| SLA | Service Level Agreement | Contractual service availability/reliability commitment. |
🤖 AI / Context / Advanced Features
| Abbreviation | Expansion | Meaning in Control Core |
|---|---|---|
| LLM | Large Language Model | AI model used in AI Gateway/AI Pilot and policy assistant workflows. |
| RAG | Retrieval-Augmented Generation | Pattern using indexed context data with LLM prompts. |
| AI | Artificial Intelligence | General AI feature group in Control Core. |
| SIEM | Security Information and Event Management | External logging/alert destination for action workflows. |
| DLP | Data Loss Prevention | Policy and response modification pattern to prevent data leakage. |
| PII | Personally Identifiable Information | Sensitive personal data frequently used in masking/redaction policies. |
| PHI | Protected Health Information | Healthcare-sensitive data class for compliance policies. |
| DPIA | Data Protection Impact Assessment | Compliance assessment context for data controls. |
🚀 Deployment / Infrastructure Terms
| Abbreviation | Expansion | Meaning in Control Core |
|---|---|---|
| K8s | Kubernetes | Container orchestration target for Enterprise deployment. |
| HA | High Availability | Multi-instance resilient deployment configuration. |
| LB | Load Balancer | Traffic distribution across services/bouncers. |
| DNS | Domain Name System | Domain routing for Control Plane and docs hosts. |
| TLS | Transport Layer Security | HTTPS/WSS encryption standard for runtime/control traffic. |
| JWT | JSON Web Token | Bearer token format for authenticated API access. |
| CRUD | Create, Read, Update, Delete | Basic resource lifecycle operation pattern. |
🔒 Compliance and Governance Terms
| Abbreviation | Expansion | Meaning in Control Core |
|---|---|---|
| SOC 2 | Service Organization Control 2 | Security/compliance framework supported by audit controls. |
| GDPR | General Data Protection Regulation | EU data protection regulation addressed by policies/auditing. |
| HIPAA | Health Insurance Portability and Accountability Act | Healthcare compliance context for policy controls. |
| PCI DSS | Payment Card Industry Data Security Standard | Payment security controls and compliance use cases. |
| ISO 27001 | Information Security Management Standard | Security governance framework relevant to deployment controls. |
| NIST | National Institute of Standards and Technology | Security framework references used in policy baselines. |
If you want, next we can split this into:
- Platform Abbreviations
- Security/Compliance Abbreviations
- API/Developer Abbreviations
to make this reference even faster to scan.