Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

CSA Official Press Release

Published 12/05/2013

Cloud Security Alliance Releases Software Defined Perimeter (SDP) Framework Details

Cloud Security Alliance Releases Software Defined Perimeter (SDP) Framework Details

New White Paper Outlines Best Practices to Deploy an SDP to Protect Application Infrastructure from Network-based Attacks

Orlando, FL – CSA Congress 2013 – December 5, 2013 – The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud computing, today announced the release of the Software Defined Perimeter Report, a new white paper report that explains the Software Defined Perimeter (SDP) security framework and how it can be deployed to protect application infrastructures from network-based attacks. Bob Flores, former CTO of the Central Intelligence Agency (CIA), will unveil further details of the SDP initiative at a fireside chat keynote this afternoon, at 4:00 pm ET, hosted by CSA Executive Director Jim Reavis. The Software Defined Perimeter (SDP) Initiative is a new CSA project aimed at developing an architecture for securing the “Internet of Things” by using the cloud to create highly secure and trusted end-to-end networks between any IP addressable entities, allowing for systems that are highly resilient to network attacks. By incorporating security standards from organizations such as NIST as well as security concepts from organizations such as the U.S. Department of Defense (DoD), the SDP works to mitigate network-based attacks on Internet-accessible applications by eliminating connectivity to them until devices and users are authenticated and authorized. The initiative is being led by Flores, former CTO of the CIA and President & CEO at Applicology Incorporated and Junaid Islam, founder and CTO of Vidder Technology. “This paper is the first step in providing enterprises with a high-level approach to understanding how to best protect their application infrastructure from network-based attacks,” said Islam. “The traditional perimeter model has rapidly become obsolete and the growth of devices moving inside the perimeter along with the migration of application resources to outside the perimeter has stretched the traditional security model. A new approach is needed that enables application owners to protect infrastructure wherever it may be.” The white paper includes details on the Software Defined Perimeter (SDP) architecture, its implementation and applications, and its relationship to certain industry standards and protocols. The report also addresses the working group’s scope, purpose and deliverables. The Software Defined Perimeter (SDP) is a collaboration between some of the world’s largest users of cloud computing within CSA’s Enterprise User Council. It is being designed to be highly complementary to Software Defined Networks (SDN), the popular network layer construct which decouples routing and architectural decisions from the underlying equipment to create virtual networks. Detailed information about CSA’s Software Defined Perimeter (SDP) initiative and a prototype demonstration will also be delivered at the CSA Congress Architecture Workshop being held on December 6, 2013 from 9:00 am – 5:00 pm in Orlando, Florida. About Cloud Security Alliance The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa. Contact Kari Walker for the CSA ZAG Communications 703.928.9996 [email protected]

Share this content on your favorite social network today!

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.

For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.