The secure cloud solution

Digital sovereignty and trustworthiness in the cloud.
Sharing infrastructure saves resources and also enables companies with little technical expertise and little effort to drive digitization forward. However, security, trustworthiness and transparency are essential to ensure that this does not lead to digital dependency. SecuStack enables companies to retain full control over their processed and stored data.
What is SecuStack?
SecuStack is a cloud operating system and enables, for example, the simple and secure provision of resources for the operation of cloud applications by means of "Infrastructure as a Service" (IaaS). As an extension of OpenStack, it is fully compatible with it. Transparently integrated cryptographic mechanisms now make the transfer, storage and processing of data and the networking of resources in an OpenStack environment consistently secure.
SecuStack thus enables various industries to enter cloud computing that have not yet been able or willing to use it due to strict security regulations or a lack of trust.

Digital sovereignty and trustworthiness in the cloud.
Sharing infrastructure saves resources and also enables companies with little technical expertise and little effort to drive digitization forward. However, security, trustworthiness and transparency are essential to ensure that this does not lead to digital dependency. SecuStack enables companies to retain full control over their processed and stored data.
What is SecuStack?
SecuStack is a cloud operating system and enables, for example, the simple and secure provision of resources for the operation of cloud applications by means of "Infrastructure as a Service" (IaaS). As an extension of OpenStack, it is fully compatible with it. Transparently integrated cryptographic mechanisms now make the transfer, storage and processing of data and the networking of resources in an OpenStack environment consistently secure.
SecuStack thus enables various industries to enter cloud computing that have not yet been able or willing to use it due to strict security regulations or a lack of trust.

VS Cloud for Defense


Digital sovereignty and trustworthiness in the cloud.
Sharing infrastructure saves resources and also enables companies with little technical expertise and little effort to drive digitization forward. However, security, trustworthiness and transparency are essential to ensure that this does not lead to digital dependency. SecuStack enables companies to retain full control over their processed and stored data.
What is SecuStack?
SecuStack is a cloud operating system and enables, for example, the simple and secure provision of resources for the operation of cloud applications by means of "Infrastructure as a Service" (IaaS). As an extension of OpenStack, it is fully compatible with it. Transparently integrated cryptographic mechanisms now make the transfer, storage and processing of data and the networking of resources in an OpenStack environment consistently secure.
SecuStack thus enables various industries to enter cloud computing that have not yet been able or willing to use it due to strict security regulations or a lack of trust.

Welche Auflagen und Regularien für welche Industrien, insbesondere im KRITIS-Umfeld, gelten, haben wir hier für Sie zusammengestellt. SecuStack ermöglicht sicherheitskonformes und vertrauenswürdiges Cloud Computing für eine Vielzahl von Branchen.
Standards | IEC62443, ISO27001, ISO 27018, ISO 27017, (BSI Standards, BSI-IT Grundschutz) C5:2020, IDW PS 951, IDW PS880 |
---|---|
Regulierung | DSGVO |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Produktion (MES - Leistungsanalyse, Materialmanagement, Feinplanung /-steuerung etc.; Automatisierungs-Leitsystem). Office IT, ERP |
Standards | ISO27001, ISO 27018, ISO 27017, ISO/SAE 21434, ISO PAS 5112, (BSI Standards, BSI-IT Grundschutz), C5:2020, TISAX, IDW PS 951, IDW PS880 |
---|---|
Regulierung | DSGVO, UNECE R155, UNECE R156, IT Sicherheitsgesetz, BSI-Gesetz, BSI-KritisV |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Connected Car. Produktion (MES - Leistungsanalyse, Materialmanagement, Feinplanung /-teuerung etc.; Automatiisierungs-Leitsystem). Office IT, ERP |
Standards | BSI Standards, BSI-IT Grundschutz, C5:2020 |
---|---|
Regulierung | DSGVO, VSA, BSI-Gesetz, BSI-KritisV, spezifische Landesgesetzgebung |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Anwendungssysteme der Kommunen. Office IT |
Standards | ISO 27001, ISO 27018, ISO 27017, BSI Standards, BSI-IT Grundschutz, C5:2020 |
---|---|
Regulierung | DSGVO, BSI-Gesetz, BSI-KritisV |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Rundfunk-Systeme von Haupt-Nachrichtenkanäle. Office IT |
Standards | ISO27001, ISO 27018, ISO 27017, BSI Standards, BSI-IT Grundschutz, C5:2020, IDW PS 951, IDW PS880 |
---|---|
Regulierung | DSGVO, IT Sicherheitsgesetz, BSI-Gesetz, BSI-KritisV, TKG, TMG, |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Leitstellen, Betrieb Mobilfunk, Vermittlungssysteme, Netzwerkknoten. Office IT |
Standards | ISO27001, ISO 27018, ISO 27017, PCI-DSS, C5:2020, (BSI Standards, BSI-IT Grundschutz), IDW PS 951, IDW PS880 |
---|---|
Regulierung | DSGVO, IT Sicherheitsgesetz, BSI-Gesetz, BSI-KritisV, Bankengesetzgebung (Bafin), VAIT, BAIT, MA Risk, Basel3 |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Investmentbanking. Retailbanking und Payment. Office IT |
Standards | ISO27001, ISO 27018, ISO 27017, BSI Standards, BSI-IT Grundschutz, C5:2020, IDW PS 951, IDW PS880 |
---|---|
Regulierung | DSGVO, IT Sicherheitsgesetz, BSI-Gesetz, BSI-KritisV |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Leitsysteme auf Autobahnen. Leitsysteme der Logistik-Unternehmen. Office IT |
Standards | IEC62443, ISO27001, ISO 27018, ISO 27017, ISO27019, (BSI Standards, BSI-IT Grundschutz), C5:2020, IDW PS 951, IDW PS880 |
---|---|
Regulierung | DSGVO, IT Sicherheitsgesetz, BSI-Gesetz, BSI-KritisV, EnWG, IT Sicherheitskatalog, GDEW |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Leitsysteme und Automatisierungssysteme zur Netz- und Systemführung, Netzzustandserfassung und -bewertung, Netzschutz. Systeme zum Einspeisemanagement (Prognose), Fahrplanmanagement, Last-Prognoseerstellung, Beschaffung. Office IT |
Standards | ISO27001, ISO 27018, ISO 27017, (BSI Standards, BSI-IT Grundschutz), C5:2020, IDW PS 951, IDW PS880 |
---|---|
Regulierung | DSGVO, IT Sicherheitsgesetz, BSI-Gesetz, BSI-KritisV |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Produktion (MES - Leistungsanalyse, Materialmanagement, Feinplanung /-steuerung etc.; Automatisierungs-Leitsystem). Office IT, ERP |
Standards | ISO27001, ISO 27018, ISO 27017, BSI Standards, BSI-IT Grundschutz, C5:2020, IDW PS 951, IDW PS880, DVGW W 1060 |
---|---|
Regulierung | DSGVO, IT Sicherheitsgesetz, BSI-Gesetz, BSI-KritisV |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Leitsysteme und Automatisierungssysteme. Systeme für Prognose, Betriebsplanung, Simulation/Optimierung, Assetmgmt, Labor, Diagnose/Analytics. Office IT |
Standards | ISO27001, ISO 27018, ISO 27017, DIN EN-80001, BSI Standards, BSI-IT Grundschutz, C5:2020, IDW PS 951, IDW PS880 |
---|---|
Regulierung | DSGVO, SGB X, IT Sicherheitsgesetz, BSI-Gesetz, BSI-KritisV, Krankenhauszukunftsgesetz, Patientendaten-Schutz-Gesetz, MPG, MDR |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Krankenhaus-IT (OP, Notfallmedizin). Krankenhaus-IT(Radiologie, Ultraschall, Endoskopie, Labor, Pharmacy, Archiv, Befundung etc.). Office-IT, Forschung etc. |
Standards | ISO27001, BSI Standards, BSI-IT Grundschutz, C5:2020 |
---|---|
Regulierung | DSGVO |
Standards RZ | ISO/IEC 27001, EN 50600, TSI.Standard, DCSA eco |
Typische Use Cases | Bildungsportale |
Standards | ISO27001 |
---|---|
Regulierung | DSGVO |
Standards RZ | ISO 27001 |
Typische Use Cases | Predictive Maintenance, Fraud detection, Robotic Process Automatisation, Datamining, OT, IOT |
Use Cases
Thanks to the flexible structure of the overall solution, many areas of application are possible, including those that may only take off in the near future. SecuStack is flexible in the breadth of application areas and at the same time can be specifically aligned to concrete industry use cases - as the following examples from practice show:

Authorities & administration
Administrative modernisation cannot be realised without modern cloud technology. However, established hyperscalers do not seem to offer a sustainable solution here, as they are unsuitable for government and sovereign IT services from a political (digital sovereignty), business (vendor lockin effects) and data protection perspective.
As a security-hardened solution based on open source, SecuStack® offers full control and sovereignty on the technology used and the required operating mode - whether “on premise” for a dedicated private cloud or in established operator models with multiple customers under strict cryptographic client separation. Specialist procedures, web portals, online services and collaboration tools receive a fully auditable and innovative foundation with SecuStack®.

Police & civil protection
Police and security authorities depend on fast and legally certain communication, not only in the event of disasters or confusing situations. The daily work is carried out by the authorities via digital radio communication. Messenger apps are also becoming increasingly established, although not in the sense of WhatsApp and similar apps.
Typically, the infrastructure of the security authorities is operated by the country‘s own IT providers in order to ensure full control over the data. Messenger apps such as stashcat are administered centrally and the corresponding apps are installed on police-owned or private (BYOD) mobile phones. SecuStack® offers a reliable platform on which these services can run and be operated in a legally secure manner.

Utilities: Edge Cloud
The energy transition is probably the most important project in our society today. Besides environmentally friendly energy generation, the greatest challenge at present is intelligent distribution and storage. At the same time, energy demand is increasing due to new data centres being built to host cloud services.
With a SecuStack® Edge Cloud, energy providers rely on a model that uses surplus energy directly where it is generated. In small decentralised data centres, energy is converted into computing power without feeding it into the grid. This increases the efficiency of plants and reduces costs for providers and consumers.

Healthcare
Health and patient data are increasingly processed in hyperconvergent ICT infrastructures. Local and central systems merge into each other, cross-organisational process routines establish themselves. Today, the virtualised and centralised IT services are often still operated „on premise“ due to compliance specifications. Cloud migration is subject to extensive regulatory requirements.
SecuStack® enables operators and providers of software solutions to transfer their current solutions to a cloud operating model that meets the special security requirements of German legislation. A trusted cloud infrastructure is being created as a security-hardened open-source cloud that connects all areas of medical care, e.g., patient data systems, medical technology, evaluation analytics and medical robotics.

VS Cloud for armed forces & authorities
The ultimate in data security is the handling of classified information (CI). They are classified by sovereign authorities and contain sensitive administrative documents, military mission data or even state secrets. To protect them, security measures are taken that seem excessive and inefficient in the private sector. At the same time, they form the everyday basis of government action. The SecuStack® infrastructure layer, provided in cooperation with IBM, RedHat and secunet, is based on an extensively hardened open source approach. It uses advanced design principles and security technologies as in the already VS-approved SINA products. SecuStack® is intended to establish itself as a cloud solution for VS-approved information.

Private cloud with client separation
If the data and applications of several organisations are processed in a central cloud infrastructure, a strict separation of services and clients must be ensured. In existing approaches, the separation takes place on the physical level. Separate racks with independent and disjoint components such as virtualisation solution, network and hardware must be procured and operated for each client. Especially the licensing of the market-leading proprietary software solutions (e.g., VMware, Microsoft, Citrix, Oracle ...) generates considerable costs.
The SecuStack® technology enables client separation to be carried out at a higher level of abstraction. Strict cryptographic separation and flexible key management allow different clients to use the same components without compromising data protection and security. This significantly better utilisation of existing hardware resources and the lower licensing costs provide a considerable cost advantage.
All benefits of SecuStack at a glance
With the provision of virtualized infrastructures, SecuStack enables the setup of cloud computing environments while taking over the complete lifecycle management.

SecuStack helps control and automate isolated computing tasks - especially in large, dynamic environments.

SecuStack secures user data and access restrictions through block-storage encryption

Due to the cryptographic mechanisms used by SecuStack, control over all keys is always guaranteed

Send us an inquiry via the contact form. We are happy to help.