The Cloud
Security Alliance (CSA), a not-for-profit organization which promotes the
use of best practices for providing security assurance within cloud computing,
today announced the launch of the Software Defined Perimeter (SDP) Initiative,
a project to develop an architecture for creating highly secure and trusted
end-to-end networks between any IP addressable entities, allowing for systems
that are highly resilient to network attacks.
Technology consumerization has resulted in the proliferation
of new computer systems in use by enterprises, such as mobile devices in Bring
Your Own Device (BYOD) configurations, and non-traditional computers comprising
the Internet of Things (IoT). Cloud computing infrastructure is
supplanting internal IT backend systems as these employee-owned devices are
becoming the primary computer of choice at the endpoint. Innovation must
provide more granular and elegant solutions to mitigate security risks and
enforce organizational policies across any combination of corporate-owned,
public and consumer information technology.
The Software Defined Perimeter (SDP) is a collaboration
between some of the world¹s largest users of cloud computing within CSA¹s
Enterprise User Council. SDP is a framework of security controls that
mitigates network-based attacks on Internet-accessible applications by
eliminating connectivity to them until devices and users are authenticated and
authorized. SDP is being designed to be highly complementary to Software
Defined Networks (SDN), the popular network layer construct which decouples
routing and architectural decisions from the underlying equipment to create
virtual networks. SDP traverses several OSI layers to tie applications
and users with trusted networks, using vetted security models.
"It is critical to the future of cloud technology that it is
demonstrably more secure than legacy IT systems," said Bob Flores, former CTO
of the CIA and Chief Executive Officer of Applicology Incorporated. "SDP is an
important component to allow both cloud providers and customers to secure
applications all the way from the back end to the consumer device, and we look
forward to working with some of the worlds largest enterprises on its
development."
"CSA is making this royalty-free research publicly available
in order to catalyze the development of more secure clouds and BYOD
deployments," said Jim Reavis, Executive Director of Cloud Security Alliance. "Some of the largest brands and companies have agreed to participate in this
initiative, and will be disclosed in the course of this initiative."
The Software Defined Perimeter (SDP) research working groups
are now open for participation, collaboration and peer review. CSA is
announcing the following initial roadmap for delivery of SDP:
- Software Defined
Perimeter Whitepaper. The SDP whitepaper and an overview of the SDP
framework will presented at the CSA Congress, December 4-5, 2013 in Orlando,
Florida.
- Software Defined
Perimeter Deep Dive. Detailed information about SDP and a prototype
demonstration will be delivered at the CSA Congress Architecture Workshop,
December 6, 2013 in Orlando, Florida.
- Software Defined
Perimeter Enterprise Implementation. An implementation case study
of SDP will be presented at the CSA Summit at the RSA Conference, February 24,
2014 in San Francisco.
- Software Defined
Perimeter Hacker Contest. An educational contest will be held to
test SDP in a secured cloud configuration. Live reports will be displayed
at the CSA booth at the RSA Conference, February 25, 2014 in San Francisco.
- Software Defined
Perimeter Developer¹s Workshop. Case studies of SDP will be
reviewed and a workshop to help organizations seeking to implement SDP will be
held at the SecureCloud Conference, April 1-2, 2014 in Amsterdam.
A more complete one-year roadmap of SDP activities will be
published at the CSA
Congress. For conference and registration information for the upcoming CSA
Congress please visit http://www.cloudsecuritycongress.com/us/index.