SecuStack is a cloud operating system enabling the simple and secure provision of resources for the operation of cloud applications using “Infrastructure as a Service” (IaaS). As an extension of OpenStack, it is fully compatible with it. Transparently integrated cryptographic mechanisms now make the transfer, storage and processing of data as well as the networking of resources in an OpenStack environment consistently secure. SecuStack thus enables various industries to enter cloud computing, which have not yet been able or do not want to use it due to strict security regulations or a lack of trust. [1]

Figure 1. Overview of Secustack

Figure 1 shows SecuStack takes advantage of Intel® processors equipped with Intel SGX, which enables critical infrastructure services like identity management, key management, and virtual private network (VPN) services to be executed inside of isolated application enclaves. The enclaves have hardware-assisted confidentiality and integrity-added protections to help prevent access from processes at higher privilege levels. [2]

Benefits of SecuStack at a glance

Solid infrastructures:With the provision of virtualized infrastructures, SecuStack enables the setup of cloud computing environments while taking over the complete lifecycle management.

Secure container orchestration: SecuStack helps control and automate isolated computing tasks - especially in large, dynamic environments.

Encryption Block Storage: SecuStack secures user data and access restrictions through block-storage encryption

Cryptographic control: Due to the cryptographic mechanisms used by SecuStack, control over all keys is always guaranteed [3]

Products & Services

SecuStack is a cloud operating system enabling the simple and secure provision of resources for the operation of cloud applications using "Infrastructure as a Service" (IaaS). By transparently integrating cryptographic mechanisms, the transfer, storage and processing of data as well as the networking of resources are made consistently secure. SecuStack makes the use of cloud computing possible for industries which have not yet been able to or did not want to use it due to strict security regulations or a lack of trust. SecuStack consists of the following product stack:

1. SecuStack CORE addresses a strong, multi-layer client separation based primarily on cryptographic mechanisms.
2.  SecuStack INFRA is based on SecuStack CORE and offers automated provisioning for SecuStack. It defines a system architecture with a focus on high availability and scalability. All OpenStack/SecuStack components are redundant so that the SecuStack cluster remains available even if individual server systems fail.
3. SecuStack Operations & Management (O&M) is based on SecuStack INFRA and offers complete lifecycle management for the administration of an OpenStack environment. As a result, the SecuStack infrastructure is kept "as a service" up to the latest release status and ready for operation. If a problem occurs within the cluster, an operator is automatically notified of the problem via a monitoring system. [4]

References:

1. https://www.secustack.com/
2. https://www.intel.in/content/www/in/en/customer-spotlight/stories/secustack-customer-story.html
3. https://www.secunet.com/en/solutions/secustack
4. https://www.openstack.org/community/supporting-organizations/profile/secustack

Cite this article:

Thanusri swetha J (2022), Overview of Secustack, Anatechmaz, pp.171