Jump to content

Main menu Navigation ●Main page ●Contents ●Current events ●Random article ●About Wikipedia ●Contact us ●Donate Contribute ●Help ●Learn to edit ●Community portal ●Recent changes ●Upload file

●Create account ●Log in ●Create account ● Log in Pages for logged out editors learn more ●Contributions ●Talk

(Top) 1 Potential benefits 2 Relevance to other computing areas 3 Variations 4 Notes 5 References

De-perimeterisation

Add links ●Article ●Talk ●Read ●Edit ●View history Tools Actions ●Read ●Edit ●View history General ●What links here ●Related changes ●Upload file ●Special pages ●Permanent link ●Page information ●Cite this page ●Get shortened URL ●Download QR code ●Wikidata item Print/export ●Download as PDF ●Printable version Appearance From Wikipedia, the free encyclopedia

Ininformation security, de-perimeterisation^[a] is the removal of a boundary between an organisation and the outside world.^[1] De-perimeterisation is protecting an organization's systems and data on multiple levels by using a mixture of encryption, secure computer protocols, secure computer systems and data-level authentication, rather than the reliance of an organization on its network boundary to the Internet. Successful implementation of a de-perimeterised strategy within an organization implies that the perimeter, or outer security boundary, was removed.

Metaphorically, de-perimeterisation is similar to the historic dismantling of city walls to allow the free flow of goods and information. To achieve this there was a shift from city states to nation states and the creation of standing armies, so that city boundaries were extended to surround multiple cities.

De-perimeterisation was coined by Jon Measham, a former employee of the UK's Royal Mail in a 2001 research paper, and subsequently used by the Jericho Forum of which the Royal Mail was a founding member.^[2]

Potential benefits[edit]

Claims made for removal of this border include the freeing up of business-to-business transactions, the reduction in cost and the ability for a company to be more agile. Taken to its furthest extent an organisation could operate securely directly on the Internet.

Operating without a hardened border frees organizations to collaborate, utilizing solutions based on a Collaboration Oriented Architecture framework.

Relevance to other computing areas[edit]

The work, particularly by the Jericho Forum, on de-perimeterisation has fed into two key areas of computing:

Originally described as "computing outside your perimeter", this is now referred to as Cloud Computing.
The Zero trust security model is the architectural response to the problem statement posed by de-perimeterisation.

Variations[edit]

More recently the term is being used in the context of a result of both entropy and the deliberate activities of individuals within organizations to usurp perimeters often for well intentioned reasons. The Jericho Forum paper named "Collaboration Oriented Architecture" refers to this trend of de-perimeterisation as a problem:

Problem
The traditional electronic boundary between a corporate (or ‘private’) network and the Internet is breaking down in the trend which we have called de-perimeterisation.^[3]

Variations of the term have been used to describe aspects of de-perimeterisation such as:

"You’ve already been de-perimeterised" to describe the Internet worms, viruses and other exploits which are designed to by-pass the border typically using web and e-mail.^[4]
"re-perimeterisation" to describe the interim step of moving perimeters to protection groups of computer servers or a data centre – rather than the perimeter.
"Macro-Perimeterisation" the act of moving the security perimeter into "the cloud", see Security As A Service, examples of such security services in the cloud are exemplified by email cleaning services or proxy filtering services provided by towers in the internet.
"micro-perimeterisation" moving the security perimeter to surround the data itself, interim steps might include moving the perimeter around individual computer systems or an individual application (consisting of a cluster of computers).

Notes[edit]

^ In American English, de-perimeterization. The hyphen is always included.

References[edit]

^ "Jericho Forum - FAQs - Miscellaneous". opengroup.org. Archived from the original on 7 March 2016. Retrieved 21 February 2023.

^ "Jericho Forum".

^ The Jericho Forum's Collaboration Oriented Architecture Paper Collaboration Oriented Architecture paper Archived 5 December 2008 at the Wayback Machine

^ Joanne Cummings "Security in a world without borders" Network World 27 September 2004 "Face it, you've already been de-perimeterized. The question now is, what are you going to do about it?"

Retrieved from "https://en.wikipedia.org/w/index.php?title=De-perimeterisation&oldid=1197522937" Category: ●Data security Hidden categories: ●Webarchive template wayback links ●Articles with short description ●Short description matches Wikidata ●Use dmy dates from February 2023 ●This page was last edited on 20 January 2024, at 21:51 (UTC). ●Text is available under the Creative Commons Attribution-ShareAlike License 4.0; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization. ●Privacy policy ●About Wikipedia ●Disclaimers ●Contact Wikipedia ●Code of Conduct ●Developers ●Statistics ●Cookie statement ●Mobile view