The Cloud Security Alliance (CSA) will hold its third Hackathon at the RSA Conference 2015 in San Francisco, to continue to test the CSA Software Defined Perimeter Specification V.1. A top prize of $10,000 is available to the first participant to gain access to a password provided account.
The CSA’s Software Defined Perimeter (SDP) research project represents a breakthrough approach to security, and is a collaboration among more than 100 companies and U.S. government organizations. In the previous two Hackathons, conducted last year, no one was able to circumvent even the first of the five SDP security controls layers (single packet authorization protocol), despite more than 5 billion packets being fired at the SDP.
The third SDP Hackathon will focus on credential theft, and aims to validate the device authentication capabilities of SDP to stop password-based attacks. Participants will be provided the name and password to an account, which includes instructions to claim a $10,000 award. The name and password will be announced at the conclusion of the CSA Summit on Monday, April 20, at noon Pacific Daylight Time. Hackathon participants must bypass SDP’s device authentication capabilities to gain access to the server with the account.
“Stolen credentials and unauthorized access should no longer be synonymous,” said Junaid Islam, CTO of Vidder, Inc., and co-chair of the SDP Working Group. “We have seen that paradigm fail enterprises time and again. At the end of this Hackathon, we intend to demonstrate that organizations can and should be applying a different approach to authorization, leveraging device authentication, to reduce the ability for these types of attacks to be effective.”
The SDP specification uses a framework of security controls that mitigates network-based attacks on Internet-accessible applications by eliminating connectivity to them until devices and users are authenticated and authorized, creating dynamically provisioned perimeters for clouds, demilitarized zones, and data center infrastructures.
The SDP has been designed to be highly complementary to Software Defined Networks (SDN), the popular network layer construct which decouples routing and architectural decisions from the underlying equipment to create virtual networks. SDP traverses several OSI layers to tie applications and users with trusted networks, using vetted security models.