m o g h ti b u c . 5 m o c . 5 b u h t i g Software-Defined Perimeter Working Group Software-Defined Perimeter (SDP) Specification 2.0 June TBD The permanent and official location for Software Defined Perimeter Working Group is https://cloudsecurityalliance.org/research/working-groups/software-defined-perimeter m o c . 5 b u h t i g © 2021 Cloud Security Alliance – All Rights Reserved. You may download, store, display on your computer, view, print, and link to the Cloud Security Alliance at https://cloudsecurityalliance.org subject to the following: (a) the draft may be used solely for your personal, informational, non-commercial use; (b) the draft may not be modified or altered in any way; (c) the draft may not be redistributed; and (d) the trademark, copyright or other notices may not be removed. You may quote portions of the draft as permitted by the Fair Use provisions of the United States Copyright Act, provided that you attribute the portions to the Cloud Security Alliance © Copyright 2021, Cloud Security Alliance. All rights reserved. Page 2 of 33 0.1 Document Project Plan Start Date End Date Feb 15, 2019 Start Agree Outline /Assign Sections Revised Outlines /Assign Sections and Writing Writing Writing/Review - Extension Writing/Review - Extension External Peer Review Marketing Publishing 0.1.5 To Do’s / Assignments 0.2 Team / Contributor Composition Contributors Juanita Koilpillai [email protected] Jason Garbis [email protected] Michael Roza [email protected] Entire Initial v2 - Initial review and reorganization of entire v1 document to start v2 SDP Component descriptions, SDP Protocol section updates, Updated diagrams, JSON edits, Onboarding example. Entire document - Made and accepted edits and minor rewrites throughout. b u SDP Deployment models and Workflow table changes. SPA - broader usage section rework mTLS and IKE section h t i g Entire Initial v2 - Initial review and reorganization of entire v1 document to start v2, SDP Protocol section - Identification of errors, inconsistencies, and recommendations for improvement and changes to sequencing images and message text. Summary section - outline. SDP Deployment models and Workflow table changes Entire document - Made and accepted edits and minor rewrites throughout. Bob Flores [email protected] Initial review and reorganization to start v2 Junaid Islam [email protected] Initial review and reorganization to start v2 Daniel Bailey [email protected] Benfeng Chen [email protected] Eitan Bremler [email protected] Ahmed Refaey Hussein [email protected] m o c . 5 Areas of Contribution SDP Component descriptions. SDP Protocol section and workflow. SPA clarification. Onboarding example. SDP Protocol and SPA section update. Updated the SDP protocol workflow for network invisibility, as well as the cryptographic algorithms in SPA messages for security. Review of SDP architecture and components, Controller, Initiating Hosts, Accepting Hosts, Gateways, Deployment Models SDP - SDN - NFV and cloud deployments © Copyright 2021, Cloud Security Alliance. All rights reserved. Page 3 of 33 Acknowledgments Version 2.0 Lead Authors Juanita Koilpillai Jason Garbis Contributors Junaid Islam Bob Flores Daniel Bailey Benfeng Chen Eitan Bremler Michael Roza m o CSA Analysts b u Shamun Mahmud Version 1.0 Contributors c . 5 h t i g Brent Bilger, Alan Boehme, Bob Flores, Zvi Guterman, Mark Hoover, Michaela Iorga, Junaid Islam, Marc Kolenko, Juanita Koilpillai, Gabor Lengyel, Gram Ludlow, Ted Schroeder and Jeff Schweitzer CSA Analysts Shamun Mahmud The Software-Defined Perimeter (SDP) and Zero Trust Working Group is a Cloud Security Alliance (CSA) a research working group will advocate for and promote the adoption of Zero Trust security principles, providing practical and technically sound guidance on how organizations can and should approach this for their cloud and non-cloud environments. This group will build on and leverage the NIST Zero Trust research and approach. The group will also promote SDP as a recommended architecture for achieving Zero Trust benefits and principles. It will revise and expand the SDP specification, to capture and codify the knowledge gained from experience. While promoting and recommending SDP, the group will take an inclusive approach to alternative security architectures and objectively support them as long as they’re aligned with the

pdf文档 CSA 软件定义边界(SDP)标准规范2.0(试读本)

文档预览
中文文档 34 页 50 下载 1000 浏览 0 评论 0 收藏 3.0分
温馨提示:本文档共34页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
CSA 软件定义边界(SDP)标准规范2.0(试读本) 第 1 页 CSA 软件定义边界(SDP)标准规范2.0(试读本) 第 2 页 CSA 软件定义边界(SDP)标准规范2.0(试读本) 第 3 页
下载文档到电脑,方便使用
本文档由 路人甲 于 2022-07-06 02:53:56上传分享
站内资源均来自网友分享或网络收集整理,若无意中侵犯到您的权利,敬请联系我们微信(点击查看客服),我们将及时删除相关资源。