SecuStack

secustack is contributing to enabling digital sovereignty in the Cloud. The Dresden based company was founded by the IT security specialist secunet Security Networks AG and the IT infrastructure provider Cloud&Heat Technologies GmbH. With this cooperation, the two partners combine their many years of expertise in the field of security solutions and the operation of OpenStack-based cloud infrastructures.

OpenStack is the de facto standard for cloud infrastructures based on Open Source. An OpenStack infrastructure can reach a high level of complexity. Maintaining the life cycle of such an infrastructure as well as ensuring regular updates to its components’ present additional challenges to providers. Furthermore, a vanilla OpenStack setup - especially concerning highly security-critical infrastructures - provides only limited cryptographic protection of cloud resources. Both disadvantages that apply to a regular OpenStack distribution are addressed by SecuStack, which develops a modular solution. SecuStack is composed of OpenStack code extensions as well as an OpenStack infrastructure management solution. As an extension of OpenStack, SecuStack is fully compatible with it. The transparently integrated cryptographic mechanisms now make the transfer, storage and processing of data as well as the networking of resources in an OpenStack environment consistently secure.

SecuStack is a cloud operating system enabling the simple and secure provision of resources for the operation of cloud applications using "Infrastructure as a Service" (IaaS). By transparently integrating cryptographic mechanisms, the transfer, storage and processing of data as well as the networking of resources are made consistently secure. SecuStack makes the use of cloud computing possible for industries which have not yet been able to or did not want to use it due to strict security regulations or a lack of trust. SecuStack consists of the following product stack:

1. SecuStack CORE addresses a strong, multi-layer client separation based primarily on cryptographic mechanisms.

2. SecuStack INFRA is based on SecuStack CORE and offers automated provisioning for SecuStack. It defines a system architecture with a focus on high availability and scalability. All OpenStack/SecuStack components are redundant so that the SecuStack cluster remains available even if individual server systems fail.

3. SecuStack Operations & Management (O&M) is based on SecuStack INFRA and offers complete lifecycle management for the administration of an OpenStack environment. As a result, the SecuStack infrastructure is kept "as a service" up to the latest release status and ready for operation. If a problem occurs within the cluster, an operator is automatically notified of the problem via a monitoring system. In the case of problems, the operator reacts within an hour after being notified by the monitoring system starting to identify the cause of the issue.