De-perimeterised Security and the Collaboration Oriented Architecture

Publish date:

The Jericho Forum has been pointing out the flaws in a perimeter-based approach to security for some years now. The message is gaining acceptance, with many products and companies claiming to be ‘Jericho compliant’, whatever that means. But what does it mean? Jericho has proposed the ‘collaboration oriented architecture’ to replace perimeterised security. Up to […]

The Jericho Forum has been pointing out the flaws in a perimeter-based approach to security for some years now. The message is gaining acceptance, with many products and companies claiming to be ‘Jericho compliant’, whatever that means.
But what does it mean? Jericho has proposed the ‘collaboration oriented architecture’ to replace perimeterised security. Up to now, however, the collaboration oriented architecture has been defined at a very high level, so it’s still not clear how the collaboration can replace the perimeter as the basic unit of security.
The linked document is my attempt to answer this question. It defines a number of interrelated terms, such as ‘collaboration’, ‘reputation’, ‘identity’ and ‘trust’. It then describes some new insights that come from these definitions.
The first is that ‘identity’ equals ‘collaborations’ plus ‘reputation’.
The second is that there are 3 types of security decisions that can be made:

  • whether to enter into a collaboration, on the basis of reputation
  • once a collaboration is in place, whether to give access to resources where permitted by collaborations
  • as collaborations proceed, whether to update their counterparty’s reputation

The attached document explains these terms and insights in more detail.

Related Posts

Cybersecurity

Cybersecurity: the linchpin of sustainable infrastructure

Geert van der Linden
Date icon July 7, 2021

It’s critical that infrastructure organizations mitigate these risks by placing cybersecurity...

Cybersecurity

Malware: Bad for business and the environment

Geert van der Linden
Date icon June 28, 2021

Ensure your business is secure and quick to respond in the event of a breach.

Cybersecurity

Is your cybersecurity insurance dynamic enough for today’s threat landscape?

Geert van der Linden
Date icon May 3, 2021

To provide effective insurance, and claim their stake within this growing market, insurance...