Suitable Scalability Management Model for Software-Defined Perimeter Based on Zero-Trust Model

  • Shigeaki Tanimoto, Chiba Institute of Technology
  • Palmo Yangchen, Chiba Institute of Technology
  • Hiroyuki Sato, The University of Tokyo
  • Atsushi Kanai, Hosei University
Keywords: Software-defined perimeter, Digital transformation, Zero-trust model, Scalability

Abstract

The software-defined perimeter (SDP), a zero-trust model developed by the Cloud Security Alliance, has been attracting attention in the technology industry since its introduction to a world adapting to digital transformation. Many trust models have been introduced to meet the growing demands for cyber security, such as the public key infrastructure, software-defined network, and virtual private network. SDP has particularly gained importance as a zero-trust model because no one in the digital world can be trusted. With the introduction of new models and technical devices, there is now a need to improve newly introduced technology on various grounds when customers adapt to devices. In this work, we discuss how to overcome the current issues of SDP relating to scalability, reliability, usability, etc. As the number of organizations that share information online continues to expand, there is a need for scalable and reliable SDP models that are both easy to maintain and cost efficient for evolving organizations. To meet this need, we propose several scalable SDP models that enable easier installation management of real networks of organizations with different organizational structures. Specifically, we propose hierarchical, bridge, hybrid, and mesh models. The results of qualitative and quantitative evaluations showed that the bridge model is the most suitable of the four as an extension of SDP.

Author Biography

Shigeaki Tanimoto, Chiba Institute of Technology
Professor, Faculty of Social Systems Science

Published
2023-06-09
Section
Technical Papers