O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

CSA Presentation - Software Defined Perimeter

1.124 visualizações

Publicada em

CSA SDP Software Defined perimeter talk by Junaid Islam

Publicada em: Tecnologia
  • Entre para ver os comentários

CSA Presentation - Software Defined Perimeter

  1. 1. © Cloud Security Alliance, 2016 Junaid Islam Co Chair
  2. 2. Agenda © Cloud Security Alliance, 2016 •Architecture •Achievements •Action Plan
  3. 3. Security Challenge © Cloud Security Alliance, 2014. Connect to Application Denial of Service Provide Credentials Credential Theft Server Exploitation Multifactor Token Connection Hijacking APT/Lateral Movement
  4. 4. Security Challenge © Cloud Security Alliance, 2014. Connect to Application Provide Credentials Multifactor Token
  5. 5. SDP Security Model © Cloud Security Alliance, 2014. Connect to Application Provide Credentials Multifactor Token
  6. 6. SDP Security Architecture © Cloud Security Alliance, 2014. SDP Controller SDP Gateways 2. User Authentication & Authorization Enterprise identity: separation of trust SAML IdP integrated with LDAP groups 0. One time on-boarding Client root of trust Digital artifacts & thin client 3. Dynamically Provisioned Connections Applications isolated and protected Usability: portal page of applications Hosting & IaaS DMZ & Data Center SD P Client Crypto Client Crypto Gatewa y IP’s 1. Device Authentication & Authorization SPA: anti DDoS, defeats SSL attacks mTLS & fingerprint: anti credential theft SAML IdP Issuing CA
  7. 7. Achievements (last 2 years) © Cloud Security Alliance, 2014. • Version 1 specification • 3 SDP Hackathons (4th in progress) • Gartner endorsement as “next big thing” • 4 Workgroups • Enterprise • FISMA Moderate • Auto/IoT • DDoS
  8. 8. Action Plan © Cloud Security Alliance, 2014. • 2 new workgroups • IaaS • IoT • Version 2 specification • Content challenge • Increased outreach • The future is looks good!
  9. 9. ? ? ? © Cloud Security Alliance, 2016

×