Upload
others
View
8
Download
0
Embed Size (px)
Citation preview
Open Telekom CloudESA-ESPI Workshop
Space Data & Cloud Computing Infrastructures: Policies and Regulations –Provider View
Andreas Falkner
A door-opener for digitizationnot only in industry, but science as well
cloud as the Basis for Digitization
2ESA-ESPI Workshop, Frascati July, 7 2017
Sou
rce:
flat
icon
.com
Data Explosion Increase of produced and “consumed” data
Tech Advancements Fast pace of innovation, nearly “daily” new options
Collaboration Cross-science, science/industry, worldwide
Scientific computing soars
3ESA-ESPI Workshop, Frascati July, 7 2017
Sou
rce:
flat
icon
.com
Legal Challenges for Space data?
Generally “aerial” Images are considered uncritical
© ESA, creative commons licensehttp://creativecommons.org/licenses/by-sa/3.0/igo/
But there are exceptions …
For private individuals For businesses For nations
4ESA-ESPI Workshop, Frascati July, 7 2017
known challenges
For private individuals For Businesses For nations “Bundesdatenschutzgesetz (BDSG)”,
German Federal Data Protection Act Consider data privacy regulations, when
data can be connected with individuals
“Satellitendatensicherheitsgesetz(SatDSiG)”
Protecting (Germany) from harms, disturbance of peaceful living together or relationships to other nations
“Wirtschaftsgeheimnisse” Satellite data of estates, properties can
reveal economical secrets (that are protected)
5ESA-ESPI Workshop, Frascati July, 7 2017
High security location
area 40.000 m² ca. 6.000 m² pure IT sq. footage
nearly equal identically constructed like Biere
Primary mainframe DC
Protected area with according n safety installations
High security location
area 36.000 m² ca. 9.000 m² pure IT sq. footage
Data Center 2020 with latest, eco-friendly technology
Separate routes with 20 resp. 27 km/DWDM
SOX compliant distance of >10 miles between DC
Fulfils BaFin requirements for fail-safe DC
T-Systems is a German provider and must fulfil legal requirements for high data protection.
Magdeburg Biere
Answer 1: Open Telekom Cloud operationsstate of the art Twin-Core DC for high Data security
6ESA-ESPI Workshop, Frascati July, 7 2017
Answer 2: German data Privacy
§ 11 BDSG
§ 3 BDSG
§ 9 BDSG
§ 8,3 BDSG
7ESA-ESPI Workshop, Frascati July, 7 2017
Answer 3: Data Encryption
Elastic IP
Virtual Private Cloud
Unified Load Balancer
Domain Name Service
Direct Connect
CCERDSWorkspace
Services
ObjectStorage Service
Elastic Volume Service
Volume Backup Service
ECS AS IMSDeH
PAAS
Management
Compute
Network
StorageSe
cu
rit
y
ECS = Elastic Cloud Server, DeH =Dedicated Host, AS= Auto Scaling, IMS = Image Mgmt SystemKMS = Key Mgmt System, MaaS = Migration aaS, SMN =SimpleMessage Notification, DMS = Distributed Message Service
IAM
Anti-DDoS
OBS Encrypt.
KMS
EVS Encrypt.
SAAS Big Data
Bare Metal
FW aaS MarketplaceDistributed
Cache
Cloud EyePrice
Online Display
MaaS SMN DMSHEAT/
Res.TemplCloud Trace
Tag MgmtService
Enterprise Agreements Financial Dashboard
8ESA-ESPI Workshop, Frascati July, 7 2017
Compliant with Germandata-privacy standards
Certified data-center operations
Hosted in Germany Operated by T-Systems Free-of-charge anti-DDoS
Certified security
ISO 27001
ISO 20000
ISO 14001 OHS AS 18001
SOX ISAE 3402 – Type II
DIN ISO 9001:2008
ESARISEnterprise Security Architecture for
Reliable ICT Services
CSA Star L. 2 Gold3/2016 für R.1.1
R.1.1 (Q4/16), R.2.0 (Q1/17)
TÜV TrustedCloud Service
3/2016
ESARIS2/2016
DT Privacy + Security assessment
Q1/2016
Certified toISO 27001
SOC 1/2Q4/2017
PCIQ4/2017
C5Q1/2018
pre assessment based on SOC2
ISO 27017,ISO 27018
Q4/2016
Letter of Confirmacy
TrustedCloud BMWI
Q1/2017
Achieved
Planned
9ESA-ESPI Workshop, Frascati July, 7 2017
Hybrid Cloud for CERN/Helix Nebula
Indigo DataCloud
ESA DIAS Tender Hybrid Clouds for advanced #UX Secure/protected holistic environment
Solutions for Science
10ESA-ESPI Workshop, Frascati July, 7 2017
Challenge accepted – and resolved in Open Telekom Cloud
Legally compliant
In accordance with Sections 3 and 11,
German Federal Data Protection Act (BDSG)
Contract. defined
Information on German legislation provided in advance in the service specifications, T&Cs
and contract data processing agreement
Certification
Various ISO certificates, CSA Star
Level 2 etc. – currently enhanced
Data stored in Germany
All data stored only in Germany, meeting
German legal requirements(> 50 years’ experience)
Section 9, BDSG
Technical and organizational
measures (TOM) for contract data processing
ServiceSpecifications
Encryption & Sec. Check
Beyond basic IT security: option to encrypt data and security-checked
personnel
11ESA-ESPI Workshop, Frascati July, 7 2017
Thank you.
An open technology platform with built-in compliance, ease-of-use, and best pricing for businesses of any size,in any industry
Open Telekom Cloud
Open Telekom cloudpublic Iaas for European Customers
Market and customer expectations are changing:
Demand for scalable, dynamic IT resources is growing.
Public IaaS is the answer(compute, storage, network, management)
OpenStack API No vendor lock-in Simple to integrate
Great pricing Moving from capex to opex
for IT infrastructures
Rapid access Support/help getting started Easy to use
Data protection in compliancewith German legislation
Meeting enterprise needs
Open
affordable
Secure
Simple
13ESA-ESPI Workshop, Frascati July, 7 2017
Open Telekom cloudpublic Iaas for European Customers
https://cloud.telekom.de/en/infrastructure/open-telekom-cloud/
more than 60 flavors for big data, HPC, graphical processing, bare metal
Great platform performance
Excellent price/performance
100 G InfiniBand EDR
OpenStack based (100 % DefCore compliant)
Additional PaaS (Container, VDI, Databases) and SaaS (Big Data)
Bitnami suite available
14ESA-ESPI Workshop, Frascati July, 7 2017
Open Telekom cloudpublic Iaas for European Customers
15ESA-ESPI Workshop, Frascati July, 7 2017