Istio is a service mesh implementation developed by Google, Lyft, and IBM. It’s open source, and the most popular service mesh implementation. Istio offers service components that can control the communication to and between services. More precisely, which pods running service A can reach pods running service B.
This by itself is not enough, authorization policies should also consider the identities that are operating within those services and what they are trying to do. So while Istio supports enforcement of access control policies, the question still remains how and where they are managed and deployed.