Open Telekom CloudESA-ESPI Workshop

Space Data & Cloud Computing Infrastructures: Policies and Regulations –Provider View

Andreas Falkner

A door-opener for digitizationnot only in industry, but science as well

cloud as the Basis for Digitization

2ESA-ESPI Workshop, Frascati July, 7 2017

Sou

rce:

flat

icon

.com

Data Explosion Increase of produced and “consumed” data

Tech Advancements Fast pace of innovation, nearly “daily” new options

Collaboration Cross-science, science/industry, worldwide

Scientific computing soars

3ESA-ESPI Workshop, Frascati July, 7 2017

Sou

rce:

flat

icon

.com

Legal Challenges for Space data?

Generally “aerial” Images are considered uncritical

© ESA, creative commons licensehttp://creativecommons.org/licenses/by-sa/3.0/igo/

But there are exceptions …

For private individuals For businesses For nations

4ESA-ESPI Workshop, Frascati July, 7 2017

known challenges

For private individuals For Businesses For nations “Bundesdatenschutzgesetz (BDSG)”,

German Federal Data Protection Act Consider data privacy regulations, when

data can be connected with individuals

“Satellitendatensicherheitsgesetz(SatDSiG)”

Protecting (Germany) from harms, disturbance of peaceful living together or relationships to other nations

“Wirtschaftsgeheimnisse” Satellite data of estates, properties can

reveal economical secrets (that are protected)

5ESA-ESPI Workshop, Frascati July, 7 2017

High security location

area 40.000 m² ca. 6.000 m² pure IT sq. footage

nearly equal identically constructed like Biere

Primary mainframe DC

Protected area with according n safety installations

High security location

area 36.000 m² ca. 9.000 m² pure IT sq. footage

Data Center 2020 with latest, eco-friendly technology

Separate routes with 20 resp. 27 km/DWDM

SOX compliant distance of >10 miles between DC

Fulfils BaFin requirements for fail-safe DC

T-Systems is a German provider and must fulfil legal requirements for high data protection.

Magdeburg Biere

Answer 1: Open Telekom Cloud operationsstate of the art Twin-Core DC for high Data security

6ESA-ESPI Workshop, Frascati July, 7 2017

Answer 2: German data Privacy

§ 11 BDSG

§ 3 BDSG

§ 9 BDSG

§ 8,3 BDSG

7ESA-ESPI Workshop, Frascati July, 7 2017

Answer 3: Data Encryption

Elastic IP

Virtual Private Cloud

Unified Load Balancer

Domain Name Service

Direct Connect

CCERDSWorkspace

Services

ObjectStorage Service

Elastic Volume Service

Volume Backup Service

ECS AS IMSDeH

PAAS

Management

Compute

Network

StorageSe

cu

rit

y

ECS = Elastic Cloud Server, DeH =Dedicated Host, AS= Auto Scaling, IMS = Image Mgmt SystemKMS = Key Mgmt System, MaaS = Migration aaS, SMN =SimpleMessage Notification, DMS = Distributed Message Service

IAM

Anti-DDoS

OBS Encrypt.

KMS

EVS Encrypt.

SAAS Big Data

Bare Metal

FW aaS MarketplaceDistributed

Cache

Cloud EyePrice

Online Display

MaaS SMN DMSHEAT/

Res.TemplCloud Trace

Tag MgmtService

Enterprise Agreements Financial Dashboard

8ESA-ESPI Workshop, Frascati July, 7 2017

Compliant with Germandata-privacy standards

Certified data-center operations

Hosted in Germany Operated by T-Systems Free-of-charge anti-DDoS

Certified security

ISO 27001

ISO 20000

ISO 14001 OHS AS 18001

SOX ISAE 3402 – Type II

DIN ISO 9001:2008

ESARISEnterprise Security Architecture for

Reliable ICT Services

CSA Star L. 2 Gold3/2016 für R.1.1

R.1.1 (Q4/16), R.2.0 (Q1/17)

TÜV TrustedCloud Service

3/2016

ESARIS2/2016

DT Privacy + Security assessment

Q1/2016

Certified toISO 27001

SOC 1/2Q4/2017

PCIQ4/2017

C5Q1/2018

pre assessment based on SOC2

ISO 27017,ISO 27018

Q4/2016

Letter of Confirmacy

TrustedCloud BMWI

Q1/2017

Achieved

Planned

9ESA-ESPI Workshop, Frascati July, 7 2017

Hybrid Cloud for CERN/Helix Nebula

Indigo DataCloud

ESA DIAS Tender Hybrid Clouds for advanced #UX Secure/protected holistic environment

Solutions for Science

10ESA-ESPI Workshop, Frascati July, 7 2017

Challenge accepted – and resolved in Open Telekom Cloud

Legally compliant

In accordance with Sections 3 and 11,

German Federal Data Protection Act (BDSG)

Contract. defined

Information on German legislation provided in advance in the service specifications, T&Cs

and contract data processing agreement

Certification

Various ISO certificates, CSA Star

Level 2 etc. – currently enhanced

Data stored in Germany

All data stored only in Germany, meeting

German legal requirements(> 50 years’ experience)

Section 9, BDSG

Technical and organizational

measures (TOM) for contract data processing

ServiceSpecifications

Encryption & Sec. Check

Beyond basic IT security: option to encrypt data and security-checked

personnel

11ESA-ESPI Workshop, Frascati July, 7 2017

Thank you.

An open technology platform with built-in compliance, ease-of-use, and best pricing for businesses of any size,in any industry

Open Telekom Cloud

Open Telekom cloudpublic Iaas for European Customers

Market and customer expectations are changing:

Demand for scalable, dynamic IT resources is growing.

Public IaaS is the answer(compute, storage, network, management)

OpenStack API No vendor lock-in Simple to integrate

Great pricing Moving from capex to opex

for IT infrastructures

Rapid access Support/help getting started Easy to use

Data protection in compliancewith German legislation

Meeting enterprise needs

Open

affordable

Secure

Simple

13ESA-ESPI Workshop, Frascati July, 7 2017

Open Telekom cloudpublic Iaas for European Customers

https://cloud.telekom.de/en/infrastructure/open-telekom-cloud/

more than 60 flavors for big data, HPC, graphical processing, bare metal

Great platform performance

Excellent price/performance

100 G InfiniBand EDR

OpenStack based (100 % DefCore compliant)

Additional PaaS (Container, VDI, Databases) and SaaS (Big Data)

Bitnami suite available

14ESA-ESPI Workshop, Frascati July, 7 2017

Open Telekom cloudpublic Iaas for European Customers

15ESA-ESPI Workshop, Frascati July, 7 2017