Operation Management Method of Software Defined Perimeter for Promoting Zero-Trust Model
S. Tanimoto, Sogen Hori, Hiroyuki Sato, Atsushi Kanai
2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)
Publication date: 2023-05-23
DOI: 10.1109/SERA57763.2023.10197716 (https://doi.org/10.1109/SERA57763.2023.10197716)
Citation count: 0
Abstract
Telework has been on the rise since the advent of COVID-19, and concerns have arisen about issues such as information leakage due to internal fraud. The zero-trust model is attracting attention as a countermeasure. This model reduces risk by constantly performing authentication and authorization, thus leading to improved security levels and safer operation. However, currently less than 40% of the companies in Japan have introduced zero trust into their security policies, mainly due to the lack of specific guidelines for operational management. We have therefore developed a security policy (service authorization conditions) for the software defined perimeter (SDP) zero-trust model as a universal operational management method to promote zero-trust implementation. Specifically, we simplify the time/place/occasion (TPO) conditions of users as T (inside/outside working hours), P (inside/outside the company, telework), and O (with/without visitors), resulting in 12 patterns, and for each of these TPO conditions, we propose detailed new service authorization conditions for SDP. The results of qualitative evaluation demonstrated the effectiveness of the proposed method. Our findings will contribute to the introduction of the zero-trust model and pave the way for safer and more secure corporate networks.