diff --git a/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DescriptionCensor.java b/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DescriptionCensor.java
index 3b1bb2a92..15ee3aae7 100644
--- a/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DescriptionCensor.java
+++ b/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DescriptionCensor.java
@@ -2,7 +2,9 @@ package eu.eudat.model.censorship;
 
 import eu.eudat.authorization.Permission;
 import eu.eudat.convention.ConventionService;
+import eu.eudat.model.Description;
 import gr.cite.commons.web.authz.service.AuthorizationService;
+import gr.cite.tools.data.censor.CensorFactory;
 import gr.cite.tools.fieldset.FieldSet;
 import gr.cite.tools.logging.DataLogEntry;
 import gr.cite.tools.logging.LoggerService;
@@ -21,9 +23,12 @@ public class DescriptionCensor extends BaseCensor {
 
     protected final AuthorizationService authService;
 
-    public DescriptionCensor(ConventionService conventionService, AuthorizationService authService) {
+    protected final CensorFactory censorFactory;
+
+    public DescriptionCensor(ConventionService conventionService, AuthorizationService authService, CensorFactory censorFactory) {
         super(conventionService);
         this.authService = authService;
+        this.censorFactory = censorFactory;
     }
 
     public void censor(FieldSet fields, UUID userId) {
@@ -32,6 +37,9 @@ public class DescriptionCensor extends BaseCensor {
             return;
 
         this.authService.authorizeForce(Permission.BrowseDescription);
+
+        FieldSet dmpFields = fields.extractPrefixed(this.asIndexerPrefix(Description._dmp));
+        this.censorFactory.censor(DmpCensor.class).censor(dmpFields, userId);
     }
 
 }
diff --git a/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DmpCensor.java b/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DmpCensor.java
index 11b50eb24..216572666 100644
--- a/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DmpCensor.java
+++ b/dmp-backend/core/src/main/java/eu/eudat/model/censorship/DmpCensor.java
@@ -2,6 +2,7 @@ package eu.eudat.model.censorship;
 
 import eu.eudat.authorization.Permission;
 import eu.eudat.convention.ConventionService;
+import eu.eudat.model.Dmp;
 import gr.cite.commons.web.authz.service.AuthorizationService;
 import gr.cite.tools.data.censor.CensorFactory;
 import gr.cite.tools.fieldset.FieldSet;
@@ -21,6 +22,7 @@ public class DmpCensor extends BaseCensor {
     private static final LoggerService logger = new LoggerService(LoggerFactory.getLogger(DmpCensor.class));
 
     protected final AuthorizationService authService;
+
     protected final CensorFactory censorFactory;
 
     public DmpCensor(ConventionService conventionService,
@@ -37,6 +39,9 @@ public class DmpCensor extends BaseCensor {
             return;
 
         this.authService.authorizeForce(Permission.BrowseDmp);
+
+        FieldSet dmpDescriptionsFields = fields.extractPrefixed(this.asIndexerPrefix(Dmp._dmpDescriptions));
+        this.censorFactory.censor(DescriptionCensor.class).censor(dmpDescriptionsFields, userId);
     }
 
 }
diff --git a/dmp-backend/web/src/main/resources/config/permissions.yml b/dmp-backend/web/src/main/resources/config/permissions.yml
index 5d5428d03..de2ec5149 100644
--- a/dmp-backend/web/src/main/resources/config/permissions.yml
+++ b/dmp-backend/web/src/main/resources/config/permissions.yml
@@ -68,6 +68,26 @@ permissions:
       clients: [ ]
       allowAnonymous: true
       allowAuthenticated: true
+    # Description
+    BrowseDescription:
+      roles:
+        - Admin
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
+    EditDescription:
+      roles:
+        - Admin
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
+    DeleteDescription:
+      roles:
+        - Admin
+      claims: [ ]
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
     # DescriptionTemplateType
     BrowseDescriptionTemplateType:
       roles:
@@ -88,6 +108,26 @@ permissions:
       clients: [ ]
       allowAnonymous: false
       allowAuthenticated: false
+    # Dmp
+    BrowseDmp:
+      roles:
+        - Admin
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
+    EditDmp:
+      roles:
+        - Admin
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
+    DeleteDmp:
+      roles:
+        - Admin
+      claims: [ ]
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
     # DmpBlueprint
     BrowseDmpBlueprint:
       roles:
@@ -127,6 +167,26 @@ permissions:
       clients: [ ]
       allowAnonymous: false
       allowAuthenticated: false
+    # EntityDoi
+    BrowseEntityDoi:
+      roles:
+        - Admin
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
+    EditEntityDoi:
+      roles:
+        - Admin
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
+    DeleteEntityDoi:
+      roles:
+        - Admin
+      claims: [ ]
+      clients: [ ]
+      allowAnonymous: false
+      allowAuthenticated: false
 
     # ViewPage Permissions
     ViewDescriptionTemplateTypePage: