The Cloud Security Alliance (CSA) announced the release of the Software Defined Perimeter Report, a new white paper report that explains the Software Defined Perimeter (SDP) security framework and how it can be deployed to protect application infrastructures from network-based attacks.
The Software Defined Perimeter (SDP) Initiative is a new CSA project aimed at developing an architecture for securing the “Internet of Things” by using the cloud to create highly secure and trusted end-to-end networks between any IP addressable entities, allowing for systems that are highly resilient to network attacks.
By incorporating security standards from organizations such as NIST as well as security concepts from organizations such as the U.S. Department of Defense (DoD), the SDP works to mitigate network-based attacks on Internet-accessible applications by eliminating connectivity to them until devices and users are authenticated and authorized.
The initiative is being led by Flores, former CTO of the CIA and President & CEO at Applicology Incorporated and Junaid Islam, founder and CTO of Vidder Technology.
“This paper is the first step in providing enterprises with a high-level approach to understanding how to best protect their application infrastructure from network-based attacks,” said Islam. “The traditional perimeter model has rapidly become obsolete and the growth of devices moving inside the perimeter along with the migration of application resources to outside the perimeter has stretched the traditional security model. A new approach is needed that enables application owners to protect infrastructure wherever it may be.”
The white paper includes details on the Software Defined Perimeter (SDP) architecture, its implementation and applications, and its relationship to certain industry standards and protocols. The report also addresses the working group’s scope, purpose and deliverables.
The Software Defined Perimeter (SDP) is a collaboration between some of the world’s largest users of cloud computing within CSA’s Enterprise User Council. It is being designed to be highly complementary to Software Defined Networks (SDN), the popular network layer construct which decouples routing and architectural decisions from the underlying equipment to create virtual networks.