With the change from on-premises to production using cloud services (whether hyperscale cloud providers, hybrid cloud, or on privately hosted cloud services) a new approach to security is required. In response, MovieLabs has defined the Common Security Architecture for Production (CSAP), a security architecture that can be used by anyone building next generation security systems for production workflows. The need for a CSAP was driven by our 2030 Vision work, where MovieLabs foresaw the challenges of securing workflows happening outside of facility security perimeters. CSAP makes extensive use of common and well-documented services available from major cloud service providers and other common security services. This approach is intentional because we need to build a common and high quality security ecosystem before we implement advanced software defined workflows on top. Provided below are the critical documents included in the download ZIP package.
The architecture is divided into parts and parts 1 to 3 are available now.
- CSAP Part 1 is the main architecture document and introduces core concepts such as dynamic security policies.
- CSAP Part 2 is a high level description of the interfaces between components.
- CSAP Part 3 defines a set of security levels to demonstrate how the security implementation can be scaled to fit the requirements of different types of production
As part of the package we include the “Evolution of Production Security” whitepaper that is an introductory document explaining the need and the approach taken.
MovieLabs, and its member studios, are working on the next three parts of the architecture which will cover implementation considerations, securing software defined workflows and a security policy description language.