The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud computing, has released a new white paper report that explains the Software Defined Perimeter (SDP) security framework and how it can be deployed to protect application infrastructures from network-based attacks.
According to the CSA, the Software Defined Perimeter (SDP) Initiative is a new project aimed at developing an architecture for securing the “Internet of Things” by using the cloud to create secure and trusted end-to-end networks between any IP addressable entities.
“By incorporating security standards from organizations such as NIST as well as security concepts from organizations such as the U.S. Department of Defense (DoD), the SDP works to mitigate network-based attacks on Internet-accessible applications by eliminating connectivity to them until devices and users are authenticated and authorized,” the CSA explained. “
The initiative is being led by Flores, former CTO of the CIA and President & CEO at Applicology Incorporated and Junaid Islam, founder and CTO of Vidder Technology.
“This paper is the first step in providing enterprises with a high-level approach to understanding how to best protect their application infrastructure from network-based attacks,” said Islam. “The traditional perimeter model has rapidly become obsolete and the growth of devices moving inside the perimeter along with the migration of application resources to outside the perimeter has stretched the traditional security model. A new approach is needed that enables application owners to protect infrastructure wherever it may be.”
The white paper includes details on the Software Defined Perimeter (SDP) architecture, its implementation and applications, and its relationship to certain industry standards and protocols. The report also addresses the working group’s scope, purpose and deliverables. The Software Defined Perimeter (SDP) is a collaboration between some of the world’s largest users of cloud computing within CSA’s Enterprise User Council. It is being designed to be highly complementary to Software Defined Networks (SDN), the popular network layer construct which decouples routing and architectural decisions from the underlying equipment to create virtual networks.
The full report can be downloaded here in PDF format.
Detailed information about CSA’s Software Defined Perimeter (SDP) initiative and a prototype demonstration will also be delivered at the CSA Congress Architecture Workshop being held today from 9:00 am – 5:00 pm in Orlando, Florida.
