The Secure Cloud.

SecuStack extends OpenStack and offers the following security enhancements:

Secured Access

Access to the cloud infrastructure is secured and encrypted.

Tenant Network Protection

Tenant networks are isolated and encrypted.

Cryptographic Control

The user has full control over cryptographic keys used.

Block Storage Encryption

User data stored within the cloud is fully encrypted and only accessible to the user.

Secured Images

Images can be encrypted and additionally secured with a digital signature.

Infrastructure Hardening

SecuStack provides mechanisms and consultation offers for securing your underlying infrastructure.

Details of SecuStack

OpenStack is the de facto standard for cloud infrastructures based on Open Source. An OpenStack infrastructure can reach a high level of complexity. Maintaining the life cycle of such an infrastructure as well as ensuring regular updates to its components present additional challenges to providers. Furthermore, a vanilla OpenStack setup - especially concerning highly security-critical infrastructures - provides only limited cryptographic protection of cloud ressources. Both disadvantages that apply to a regular OpenStack distribution are addressed by SecuStack, which develops a modular solution. SecuStack is composed of OpenStack code extensions as well as an OpenStack infrastructure management solution:

Due to the separation into SecuStack Core and SecuStack Infra, the adaptation into different environments is possible: SecuStack Core can be deployed as a security enhancement on top of existing OpenStack distributions. SecuStack Infra provides complete automation for the installation and maintenance of OpenStack infrastructures. In conjunction both parts form an independent OpenStack distribution.


Frequently Asked Questions

  • What is SecuStack?

    SecuStack is a security-hardened Cloud infrastructure solution based on OpenStack. It comes with various features securing the data provided by users to the Cloud. Furthermore, it offers holistic cryptographic tenant seperation.

  • How does SecuStack compare to OpenStack?

    SecuStack is an extension of the vanilla OpenStack code base. It is built upon generic OpenStack code and incorporates security enhancements and acts as a drop-in replacement for standard OpenStack components.

  • What are use cases for SecuStack?

    SecuStack may be used in any environment with security-critical processes and data. Examples are Cloud infrastructures in the health care domain and Cloud infrastructures for public authorities as well as Cloud infrastructures for Smart Home or Smart City applications.

  • Do you also provide security-hardening for existing OpenStack infrastructures?

    Yes, SecuStack may be applied to existing OpenStack infrastructures to add unique security features such as a cryptographic separation of tenants. Furthermore, we offer consultancy services to evaluate and improve the security of existing OpenStack infrastructures.

  • Want to know more?

The SecuStack Partners

Dr. Kai Martius

CTO (secunet AG)

Dr. Marius Feldmann

COO (Cloud&Heat Technologies)

The companies secunet and Cloud&Heat Technologies are the driving forces behind the development of SecuStack. The two partners combine their longstanding expertise in the fields of security solutions and the operation of OpenStack.

Contact Us

Get in touch with us for more information.