http://dx.doi.org/10.13089/JKIISC.2022.32.6.1069

Software Defined Perimeter(SDP) Authentication Mechanism for Zero Trust and Implementation of ECC Cryptography

Lee, Yun-kyung (Electronics and Telecommunications Research Institute)
Kim, Jeong-nyeo (Electronics and Telecommunications Research Institute)
Abstract
Zero trust, which means never trusting anything before verifying it, is emerging as a hot issue in the security field. After authenticating users, zero trust establishes network boundaries so that only networks in the trusted range can be accessed. This is consistent with the concept of SDP, which performs pre-verification and creates a network boundary with a dynamic firewall so that clients can access only what they have permission to connect to. Therefore, we recommend the SDP model as an example of how zero trust can be achieved in a zero trust architecture. In this paper, we point out the areas where SDP needs to be modified for zero trust and suggest ways to overcome them. In addition, we propose an onboarding method, which is one of the processes for becoming an SDP entity, and present performance measurement results.
Keywords
Software Defined Perimeter; Authentication; ECC; Digital Signature;