The software-defined perimeter (SDP) framework was developed by the Cloud Security Alliance to control access to resources based on identity.
In an SDP, connectivity follows a need-to-know model, where both device posture and identity are verified before access to application infrastructure is granted.[1]
The application infrastructure in a software-defined perimeter is effectively "black"—a term used by the Department of Defense to describe an undetectable infrastructure—lacking visible DNS information or IP addresses.[2]
An SDP is a security methodology that controls access to resources based on user identity and device posture.
This approach aims to make internal infrastructure invisible to the internet, reducing the attack surface for threats like denial-of-service (DoS) and server scanning (Ref.
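
The need-to-know check described above, sketched as an added example (not part of the original page or of any SDP product): a hypothetical controller that releases a service address only after identity, device posture and entitlement all pass. The key, users, services, addresses, posture attributes and function names are constructed for illustration.

```python
import hashlib
import hmac

# All names and values below are constructed for illustration.
CONTROLLER_KEY = b"constructed-demo-key"   # assumed to be shared with the identity provider
ENTITLEMENTS = {                            # identity -> services it needs to know about
    "alice": {"payroll-db"},
    "bob": {"payroll-db", "build-server"},
}
SERVICE_ADDRESSES = {                       # never published in DNS; held only by the controller
    "payroll-db": "10.20.0.5:5432",
    "build-server": "10.20.0.9:8443",
}
REQUIRED_POSTURE = {"disk_encrypted": True, "os_patched": True}


def sign_identity(user: str, key: bytes = CONTROLLER_KEY) -> str:
    """Stand-in for an identity provider: HMAC-SHA256 tag over the user name."""
    return hmac.new(key, user.encode(), hashlib.sha256).hexdigest()


def identity_ok(user: str, tag: str) -> bool:
    # Constant-time comparison avoids leaking tag bytes through timing.
    return hmac.compare_digest(sign_identity(user), tag)


def posture_ok(posture: dict) -> bool:
    # Every required attribute must be present and match; missing ones fail closed.
    return all(posture.get(k) == v for k, v in REQUIRED_POSTURE.items())


def request_access(user: str, tag: str, posture: dict, service: str):
    """Return the service address only when identity, posture and entitlement all pass.

    Every failure returns the same None, so a caller cannot tell
    "service does not exist" from "not authorized": the infrastructure stays dark.
    """
    if not identity_ok(user, tag):
        return None
    if not posture_ok(posture):
        return None
    if service not in ENTITLEMENTS.get(user, set()):
        return None
    return SERVICE_ADDRESSES.get(service)
```

Because an unknown service and an unauthorized one produce the same response, a verified user still learns nothing about resources outside their own entitlements.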