Protecting Application Infrastructure with Software Defined Perimeter

Presented at IAPP 2014 by

Software Defined Perimeter (SDP) is a research project by the CSA to define a multi-layer security model to mitigate network-based threats. The goal of the SDP initiative is to provide enterprises with a more effective security solution by integrating proven concepts such as network access control, one-time passwords and digital certificates with newer ideas such as identity federation into one framework. SDPs mitigate network attacks such as DDoS, man-in-the-middle, SQL Server and APT hash theft by allowing only authenticated access to application infrastructure, whether in public or private clouds or traditional data centers. The SDP security model enables enterprises to control access from any device to any type of infrastructure. SDPs are designed to leverage the compute and connectivity power of public clouds to lower the cost and complexity of perimeter security. The SDP security model has value in a wide range of applications, from enabling low-cost BYOD access to simplifying IoT sensor connectivity to facilitating secure SaaS services. For developers creating new products and services, SDP provides a public domain framework that can be leveraged without license fees or any usage restrictions. You’ll be presented with a tutorial on the SDP architecture and the 1.0 specification. We’ll also give you an application framework that will allow developers to incorporate SDP concepts into their products. Additionally, we’ll watch a live demo of the SDP Hackathon taking place during the conference.