查看文章

Traditional perimeter defense is typically being performed through dedicated firewall-based devices. However, it becomes necessary to decrease the surface and exposure to cyber attacks by hiding the infrastructure, applications and access controls, as well as increasing security levels. Software Defined Perimeter (SDP) brings new perimeter functionality and Single Packet Authorization (SPA) is the first step. Through the analysis of the SDP protocol there were security issues that need to be improved or addressed. This work proposes adaptations in the SDP architecture and definition of a new pattern of creation and sending of the SPA. It was designed under modular aspects that are incorporated into the model. A secure way to establish mutual TLS for initial user authentication has also been developed. The results demonstrate that building security solutions in modules greatly increases the degree of difficulty in …