Technology consumerization has resulted in the proliferation of new computer systems in use by enterprises, such as mobile devices in Bring Your Own Device
(BYOD) configurations, and non-traditional computers comprising the Internet of Things (IoT). Cloud computing infrastructure is supplanting internal IT backend systems as these employee-owned devices are becoming the primary computer of choice at the endpoint. Innovation must provide more granular and elegant solutions to mitigate security risks and enforce organizational policies across any combination of corporate-owned, public and consumer information technology.
The Software Defined Perimeter (SDP) is a collaboration between some of the world's largest users of cloud computing within CSA's Enterprise User Council.
SDP is a framework of security controls that mitigates network-based attacks on Internet-accessible applications by eliminating connectivity to them until devices and users are authenticated and authorized. SDP is being designed to be highly complementary to Software Defined Networks (SDN), the popular network layer construct which decouples routing and architectural decisions from the underlying equipment to create virtual networks. SDP traverses several OSI layers to tie applications and users with trusted networks, using vetted security models.
"It is critical to the future of cloud technology that it is demonstrably more secure than legacy IT systems," said Bob Flores, former CTO of the CIA and Chief Executive Officer of Applicology Incorporated. "SDP is an important component to allow both cloud providers and customers to secure applications all the way from the back end to the consumer device, and we look forward to working with some of the worlds largest enterprises on its development."
"CSA is making this royalty-free research publicly available in order to catalyze the development of more secure clouds and BYOD deployments," said Jim Reavis, Executive Director of Cloud Security Alliance. "Some of the largest brands and companies have agreed to participate in this initiative, and will be disclosed in the course of this initiative."
The Software Defined Perimeter (SDP) research working groups are now open for participation, collaboration and peer review. More information can be obtained from the SDP site at www.cloudsecurityalliance.org/SDP. CSA is announcing the following initial roadmap for delivery of SDP:
-- Software Defined Perimeter Whitepaper. The SDP whitepaper and an
overview of the SDP framework will be presented at the CSA Congress,
December 4-5, 2013 in Orlando, Florida.
-- Software Defined Perimeter "Deep Dive". Detailed information about SDP
and a prototype demonstration will be delivered at the CSA Congress
Architecture Workshop, December 6, 2013 in Orlando, Florida.
-- Software Defined Perimeter "Enterprise Implementation". An
implementation case study of SDP will be presented at the CSA Summit at
the RSA Conference, February 24, 2014 in San Francisco.
-- Software Defined Perimeter "Hacker Contest". An educational contest will
be held to test SDP in a secured cloud configuration. Live reports will
be displayed at the CSA booth at the RSA Conference, February 25, 2014
in San Francisco.
-- Software Defined Perimeter "Developer's Workshop". Case studies of SDP
will be reviewed and a workshop to help organizations seeking to
implement SDP will be held at the SecureCloud Conference, April 1-2,