MCP Governance Overview
| Field | Value |
|---|---|
| Document ID | ASCEND-MCP-001 |
| Version | 1.0.0 |
| Last Updated | December 19, 2025 |
| Author | Ascend Engineering Team |
| Publisher | OW-KAI Technologies Inc. |
| Classification | Enterprise Client Documentation |
| Compliance | SOC 2 CC6.1/CC6.2, PCI-DSS 7.1/8.3, HIPAA 164.312, NIST 800-53 AC-2/SI-4 |
Reading Time: 8 minutes | Skill Level: Advanced
Overview
ASCEND provides comprehensive governance for Model Context Protocol (MCP) servers, extending the same enterprise-grade security controls used for AI agents to MCP tool use. Every MCP server action is evaluated, approved, and audited using unified governance policies.
What is MCP?
Model Context Protocol (MCP) is a standard for AI models to interact with external tools and data sources. MCP servers provide capabilities like:
- File System Access - Read/write files
- Database Queries - Execute SQL queries
- API Calls - Interact with external services
- Code Execution - Run code in sandboxes
Why MCP Governance?
Without governance, MCP servers present significant security risks:
| Risk | Without Governance | With ASCEND |
|---|---|---|
| Unauthorized file access | Unrestricted | Risk-assessed + approved |
| Database manipulation | Open access | Policy-controlled |
| Sensitive data exposure | No protection | PII detection + masking |
| Compliance violations | Unknown | Audit trail + evidence |
MCP Governance Architecture
+---------------------------------------------------------------------------------+
| MCP GOVERNANCE SYSTEM |
+---------------------------------------------------------------------------------+
| |
| MCP CLIENT (Claude, etc.) |
| +-------------------------------------------------------------------------+ |
| | | |
| | Tool Request: filesystem.read_file("/etc/passwd") | |
| | | |
| +-------------------------------------------------------------------------+ |
| | |
| v |
| +-------------------------------------------------------------------------+ |
| | ASCEND MCP GATEWAY | |
| | | |
| | 1. Intercept MCP request | |
| | 2. Evaluate against policies | |
| | 3. Calculate risk score | |
| | 4. Route to approval workflow (if needed) | |
| | 5. Execute or deny | |
| | 6. Log to audit trail | |
| | | |
| +-------------------------------------------------------------------------+ |
| | |
| +-------------------+-------------------+ |
| | | |
| v v |
| +------------------+ +------------------+ |
| | AUTO-APPROVED | | PENDING APPROVAL | |
| | Risk < threshold | | Risk >= threshold| |
| | -> Execute | | -> Human review | |
| +------------------+ +------------------+ |
| | | |
| +-------------------+-------------------+ |
| | |
| v |
| +-------------------------------------------------------------------------+ |
| | MCP SERVER | |
| | - Filesystem - Database - API - Code Execution | |
| +-------------------------------------------------------------------------+ |
| |
+---------------------------------------------------------------------------------+
Unified Governance
ASCEND provides a unified governance model for both AI agents and MCP servers:
| Feature | AI Agents | MCP Servers |
|---|---|---|
| Risk Assessment | 0-100 score | 0-100 score |
| Policy Engine | Smart Rules | Smart Rules |
| Approval Workflow | Multi-level | Multi-level |
| Audit Trail | Immutable | Immutable |
| Kill Switch | Supported | Supported |
Unified Authorization Center
# Get all AI actions (agents + MCP) in unified view
curl "https://pilot.owkai.app/api/mcp-governance/actions/all?action_type_filter=all" \
  -H "Authorization: Bearer <admin_jwt>"
Response:
{
  "total": 25,
  "actions": [
    {
      "id": "act_agent_001",
      "action_type": "agent_action",
      "title": "Agent trading-bot: trade_execution",
      "risk_score": 65,
      "status": "pending_approval"
    },
    {
      "id": "act_mcp_001",
      "action_type": "mcp_server_action",
      "title": "Filesystem: read_file",
      "server_id": "filesystem-server",
      "namespace": "filesystem",
      "verb": "read_file",
      "risk_score": 45,
      "status": "auto_approved"
    }
  ]
}
MCP Action Evaluation
Evaluate MCP Action
curl -X POST "https://pilot.owkai.app/api/mcp-governance/evaluate" \
  -H "Authorization: Bearer <jwt_token>" \
  -H "Content-Type: application/json" \
  -d '{
    "server_id": "filesystem-server",
    "namespace": "filesystem",
    "verb": "read_file",
    "resource": "/data/reports/financial.csv",
    "parameters": {
      "encoding": "utf-8"
    },
    "session_id": "session_abc123",
    "client_id": "claude-desktop"
  }'
Response:
{
  "action_id": "mcp_act_xyz789",
  "decision": "EVALUATE",
  "status": "PENDING_APPROVAL",
  "risk_score": 72,
  "risk_level": "HIGH",
  "requires_approval": true,
  "approval_level": 3,
  "reason": "Financial data access requires manager approval",
  "estimated_review_time_minutes": 15
}
Decision Types
| Decision | Description | Action |
|---|---|---|
| ALLOW | Auto-approved | Execute immediately |
| DENY | Policy blocked | Return error |
| EVALUATE | Human review needed | Queue for approval |
Risk Assessment
Risk Factors
# MCP-specific risk factors
MCP_RISK_FACTORS = {
    "sensitive_path": {
        "patterns": ["/etc/", "/var/secrets/", "*.pem", "*.key"],
        "weight": 30
    },
    "write_operation": {
        "verbs": ["write_file", "delete_file", "create_directory"],
        "weight": 25
    },
    "database_mutation": {
        "verbs": ["execute_query", "insert", "update", "delete"],
        "weight": 35
    },
    "external_api": {
        "namespaces": ["http", "api", "webhook"],
        "weight": 20
    },
    "pii_detected": {
        "data_types": ["ssn", "credit_card", "health_data"],
        "weight": 40
    }
}
Risk Score Calculation
Risk Score = Base Score + Sum(Applicable Risk Factors)
Example:
- Base Score: 20
- sensitive_path (/etc/): +30
- read_operation: +0
- Total: 50 (MEDIUM risk)
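The formula above, applied to the page's risk-factor table, as an added example (not ASCEND's own implementation). The function names, the prefix/glob matching rules, the treatment of resources as root-relative paths, and the cap at 100 (taken from the stated 0-100 range) are assumptions.

```python
import fnmatch
import posixpath

# Risk factors copied from the page's MCP_RISK_FACTORS table.
MCP_RISK_FACTORS = {
    "sensitive_path": {"patterns": ["/etc/", "/var/secrets/", "*.pem", "*.key"], "weight": 30},
    "write_operation": {"verbs": ["write_file", "delete_file", "create_directory"], "weight": 25},
    "database_mutation": {"verbs": ["execute_query", "insert", "update", "delete"], "weight": 35},
    "external_api": {"namespaces": ["http", "api", "webhook"], "weight": 20},
    "pii_detected": {"data_types": ["ssn", "credit_card", "health_data"], "weight": 40},
}
BASE_SCORE = 20  # base score used in the page's worked example


def path_matches(resource, pattern):
    """Directory patterns ("/etc/") match by prefix, globs ("*.pem") by basename."""
    # Assumption: resources are root-relative; collapse "..", "." and "//" first
    # so "/data/public/../../etc/passwd" is scored as "/etc/passwd".
    path = posixpath.normpath("/" + resource.lstrip("/"))
    if pattern.endswith("/"):
        return (path + "/").startswith(pattern)
    return fnmatch.fnmatchcase(posixpath.basename(path), pattern)


def applicable_factors(namespace, verb, resource="", detected_data_types=()):
    """Return names of the factors that apply; each factor counts at most once."""
    f = MCP_RISK_FACTORS
    hits = []
    if resource and any(path_matches(resource, p) for p in f["sensitive_path"]["patterns"]):
        hits.append("sensitive_path")
    if verb in f["write_operation"]["verbs"]:
        hits.append("write_operation")
    if verb in f["database_mutation"]["verbs"]:
        hits.append("database_mutation")
    if namespace in f["external_api"]["namespaces"]:
        hits.append("external_api")
    if set(detected_data_types) & set(f["pii_detected"]["data_types"]):
        hits.append("pii_detected")
    return hits


def risk_score(namespace, verb, resource="", detected_data_types=()):
    """Risk Score = Base Score + Sum(applicable factor weights), capped at 100."""
    hits = applicable_factors(namespace, verb, resource, detected_data_types)
    total = BASE_SCORE + sum(MCP_RISK_FACTORS[h]["weight"] for h in hits)
    return min(total, 100), hits
```

Scoring the normalised path rather than the raw string keeps a request that reaches `/etc/` through `..` segments from being scored as a read under an innocuous directory.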
MCP Server Registration
Register Server
curl -X POST "https://pilot.owkai.app/api/mcp-governance/servers/register" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "server_id": "filesystem-server",
    "server_name": "Filesystem Access Server",
    "endpoint_url": "stdio://filesystem-server",
    "trust_level": "restricted",
    "capabilities": {
      "namespaces": ["filesystem"],
      "verbs": ["read_file", "write_file", "list_directory"]
    }
  }'
Trust Levels
| Level | Description | Default Approval |
|---|---|---|
| trusted | Verified internal server | Auto-approve low risk |
| restricted | Standard server | Evaluate medium+ risk |
| sandbox | Untrusted/testing | Require approval for all |
List Servers
curl "https://pilot.owkai.app/api/mcp-governance/servers?active_only=true" \
  -H "Authorization: Bearer <admin_jwt>"
Response:
{
  "total": 3,
  "servers": [
    {
      "server_id": "filesystem-server",
      "server_name": "Filesystem Access Server",
      "trust_level": "restricted",
      "is_active": true,
      "total_actions": 1250,
      "failed_actions": 5,
      "last_seen": "2025-12-15T10:30:00Z",
      "capabilities": {
        "namespaces": ["filesystem"],
        "verbs": ["read_file", "write_file", "list_directory"]
      }
    }
  ]
}
Approval Workflow
Get Pending Actions
curl "https://pilot.owkai.app/api/mcp-governance/actions/pending?risk_level=HIGH" \
  -H "Authorization: Bearer <admin_jwt>"
Approve/Deny Action
curl -X POST "https://pilot.owkai.app/api/mcp-governance/actions/mcp_act_xyz789/approve" \
  -H "Authorization: Bearer <admin_jwt>" \
  -H "Content-Type: application/json" \
  -d '{
    "action_id": "mcp_act_xyz789",
    "approval_decision": "APPROVE",
    "approval_reason": "Verified business need for financial report access"
  }'
Analytics Dashboard
curl "https://pilot.owkai.app/api/mcp-governance/analytics/dashboard?time_range_hours=24" \
  -H "Authorization: Bearer <admin_jwt>"
Response:
{
  "time_range_hours": 24,
  "summary": {
    "total_actions": 1250,
    "pending_approvals": 12,
    "auto_approved": 1180,
    "denied": 58
  },
  "risk_distribution": [
    {"risk_level": "LOW", "count": 850},
    {"risk_level": "MEDIUM", "count": 320},
    {"risk_level": "HIGH", "count": 70},
    {"risk_level": "CRITICAL", "count": 10}
  ],
  "server_activity": [
    {
      "server_id": "filesystem-server",
      "server_name": "Filesystem Access",
      "total_actions": 800,
      "avg_risk_score": 35.5
    }
  ]
}
Real-Time Monitoring
WebSocket Connection
const ws = new WebSocket('wss://pilot.owkai.app/api/mcp-governance/ws/realtime');
ws.onmessage = (event) => {
  const update = JSON.parse(event.data);
  console.log('MCP Governance Update:', update);
  // {
  //   type: 'mcp_governance_update',
  //   pending_actions: 12,
  //   high_risk_actions: 3,
  //   system_status: 'operational'
  // }
};
Best Practices
1. Defense in Depth
# Layer multiple controls
{
    "trust_level": "restricted",
    "require_approval_by_default": True,
    "path_allowlist": ["/data/public/", "/tmp/"],
    "path_denylist": ["/etc/", "/var/secrets/"]
}
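How the allowlist and denylist above can be combined so that a deny always wins and unlisted paths are never silently allowed, as an added example (not ASCEND's own code). The function names, the deny-over-allow precedence, and reading `require_approval_by_default` as "send unlisted paths to review" are assumptions.

```python
import posixpath

# Policy values from the page's "Defense in Depth" example.
POLICY = {
    "trust_level": "restricted",
    "require_approval_by_default": True,
    "path_allowlist": ["/data/public/", "/tmp/"],
    "path_denylist": ["/etc/", "/var/secrets/"],
}


def canonical(path):
    """Lexically normalise a requested path: collapse "..", "." and repeated "/"."""
    return posixpath.normpath("/" + path.lstrip("/"))


def under(path, prefix):
    """True if path is the directory named by prefix or lies beneath it."""
    return (path + "/").startswith(prefix)


def check_path(requested, policy=POLICY):
    """Return (decision, canonical_path); decision is ALLOW, DENY or EVALUATE.

    Assumed semantics: the denylist is checked first, and a path on neither
    list goes to human review when require_approval_by_default is set.
    """
    if "\x00" in requested:
        return "DENY", requested  # NUL bytes never belong in a path
    path = canonical(requested)
    if any(under(path, p) for p in policy["path_denylist"]):
        return "DENY", path
    if any(under(path, p) for p in policy["path_allowlist"]):
        return "ALLOW", path
    return ("EVALUATE" if policy["require_approval_by_default"] else "DENY"), path
```

The normalisation here is lexical only and does not resolve symlinks, so the MCP server that opens the file should still resolve the real path and re-check it before reading.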
2. Least Privilege
# Grant minimum necessary capabilities
{
    "capabilities": {
        "verbs": ["read_file"],  # No write access
        "path_patterns": ["/data/reports/*"]  # Specific paths only
    }
}
3. Monitor and Alert
# Set up anomaly detection
{
    "alerts": {
        "high_risk_spike": True,
        "new_path_access": True,
        "unusual_hours": True
    }
}
Next Steps
- MCP Policies - Configure governance policies
- Server Registration - Register MCP servers
- Unified Governance - Agents + MCP