Software Defined Perimeter

Introduction to the Software Defined Perimeter Working Group (SDP)

The Software Defined Perimeter (SDP) is a research initiative launched in December 2013 with the goal of developing a solution to stop network attacks against application infrastructure. With the adoption of cloud services, the threat of network attacks against application infrastructure increases, since servers cannot be protected with traditional perimeter defense techniques. Cloud Security Alliance (CSA) will make this research freely available for use without license fees or restrictions.

Security Model

To solve the problem of stopping network attacks on application infrastructure, the SDP Workgroup developed a clean-sheet approach that combines on-device authentication, identity-based access and dynamically provisioned connectivity. While the security components in SDP are commonplace, the integration of the three components is fairly novel. More importantly, the SDP security model has been shown to stop all forms of network attacks, including DDoS, Man-in-the-Middle, Server Query (OWASP10) as well as Advanced Persistent Threat (APT).

Organizational Structure & Goals

The SDP Workgroup is a volunteer team that has two meetings per year, usually scheduled around the RSA security conference and CSA Congress. During the calendar year, the SDP volunteers form teams to focus on specific tasks. In 2014 the SDP volunteers published a 1.0 Specification and hosted two Hackathons to verify its security model. For 2015, the SDP volunteers plan to develop an open source code base focused on DDoS (conceptually an SDP 0.25).

To join the SDP mailing list or contact the project leads, please send an email to [email protected].

Software Defined Perimeter Working Group Leadership

Bob Flores, former CTO Central Intelligence Agency, Partner Cognitio
Junaid Islam, CTO, Vidder

Download Software Defined Perimeter Working Group Related Documents

SDP Specification v1.0

This document outlines a Cloud Security Alliance (CSA) initiated protocol for the Software Defined Perimeter specification, and requests discussion and suggestions for improvements.

Release Date: April 30, 2014

SDP Hackathon Whitepaper

The CSA SDP Hackathon challenged hackers to attack a server defended by a software defined perimeter. Of the billions of packets fired at the server, not one attacker penetrated even the first layer of security. The whitepaper outlines how this is possible.

Release Date: April 17, 2014

Software Defined Perimeter

This document explains the software defined perimeter (SDP) security framework and how it can be deployed to protect application infrastructure from network-based attacks. The SDP incorporates security standards from organizations such as the National Institute of Standards and Technology (NIST) as well as security concepts from organizations such as the U.S. Department of Defense (DoD) into an integrated framework.

Release Date: December 01, 2013

Software Defined Perimeter Working Group News

August 27, 2014

Hackathon On! Cloud Security Alliance Challenges Hackers to Break its Software Defined Perimeter (SDP) at CSA Congress 2014

Successful breach of SDP Protected Public Cloud will earn a prize of $10,000!

May 01, 2014

Cloud Security Alliance Releases Update to Software Defined Perimeter (SDP)

The SDP Version 1.0 Implementation Specification and SDP Hackathon Results Report provide important updates on the SDP security framework and are now available for download.

December 05, 2013

Cloud Security Alliance Releases Software Defined Perimeter (SDP) Framework Details

New white paper outlines best practices to deploy an SDP to protect application infrastructure from network-based attacks.

November 13, 2013

Cloud Security Alliance Announces Software Defined Perimeter (SDP) Initiative

A project to develop an architecture for creating highly secure and trusted end-to-end networks between any IP addressable entities, allowing for systems that are highly resilient to network attacks.

Software Defined Perimeter Press Coverage

November 13, 2013 SearchCloudApplications

Industry group announces plans to address cloud security challenges

November 13, 2013 Business Cloud

CSA says Software Defined Perimeter will use cloud against hackers

November 13, 2013 SearchCloudSecurity

CSA’s software-defined perimeter to secure BYOD, ‘Internet of Things’
