software-defined perimeter (SDP)

Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance. All endpoints attempting to access a given infrastructure must be authenticated and authorized prior to entrance.

The framework is based on the Department of Defense's "need-to-know" model; all endpoints attempting to access a given infrastructure must be authenticated and authorized prior to entrance. Once authorization -- which takes place in the cloud -- is complete, trusted devices are given a unique, temporary cryptographic connection to the target infrastructure. Until then, the infrastructure being protected by an SDP is "black." This means that IP addresses for the target infrastructure are only revealed to authorized devices.
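The flow described above (authenticate and authorize first, then receive a temporary cryptographic grant and only then learn the address) can be modelled as follows. This is an added example, not code from the original page or from the Cloud Security Alliance specification; the HMAC-signed grant, the keys, the device ID, the address and the time limits are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import json
import time

# Constructed sample data: keys, device ID and address are illustrative only.
GATEWAY_KEY = b"controller-gateway-shared-secret"
DEVICES = {"laptop-17": {"key": b"device-secret-17", "services": {"payroll"}}}
SERVICE_ADDR = {"payroll": "10.20.0.5:8443"}  # held by the controller only
GRANT_TTL, MAX_SKEW = 60, 30  # seconds (assumed values)

def _mac(key, payload):
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

def device_proof(device_id, service, ts, key):
    """Timestamped proof of key possession sent by the endpoint."""
    return _mac(key, f"{device_id}|{service}|{int(ts)}".encode())

def controller_authorize(device_id, service, ts, proof, now=None):
    """Authenticate, apply need-to-know, then reveal the address with a grant."""
    now = time.time() if now is None else now
    device = DEVICES.get(device_id)
    if device is None or abs(now - ts) > MAX_SKEW:
        return None  # unknown device or stale request
    if not hmac.compare_digest(device_proof(device_id, service, ts, device["key"]), proof):
        return None  # authentication failed
    if service not in device["services"]:
        return None  # authenticated, but no need to know this service
    grant = {"dev": device_id, "svc": service, "exp": now + GRANT_TTL}
    body = json.dumps(grant, sort_keys=True).encode()
    return {"addr": SERVICE_ADDR[service], "grant": grant, "sig": _mac(GATEWAY_KEY, body)}

def gateway_accept(device_id, service, ticket, now=None):
    """Deny by default: no valid, unexpired, device-bound grant means no connection."""
    now = time.time() if now is None else now
    if not ticket:
        return False
    body = json.dumps(ticket["grant"], sort_keys=True).encode()
    if not hmac.compare_digest(_mac(GATEWAY_KEY, body), ticket["sig"]):
        return False  # grant was not issued by the controller or was altered
    g = ticket["grant"]
    return g["dev"] == device_id and g["svc"] == service and now < g["exp"]
```

A device that fails either check receives `None`, so it never learns the service address, which is the "black" property the definition describes.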

The five layers of the SDP framework's security controls are:

SDPs lower the chances of successful network-based attacks such as denial-of-service attacks, man-in-the-middle attacks, server vulnerabilities and lateral movement attacks such as SQL injection or cross-site scripting. SDP does not introduce any new protocols; rather, it incorporates standards from NIST and OASIS (including PKI, TLS, IPsec and SAML).

This was first published in July 2014
