Safety Lock Computer Motherboard

STACKIT expands sovereign cloud offering with innovative confidential computing solutions

Neckarsulm, 14. March 2024

STACKIT expands sovereign cloud offering with innovative confidential computing solutions

  • The STACKIT Confidential Computing products developed together with partner Edgeless Systems are a further building block for customers to effectively prevent unauthorized access to data by third parties
  • STACKIT Confidential Kubernetes offers users the option of operating containers in a Kubernetes cluster protected with Confidential Computing
  • STACKIT Confidential Servers make it possible to use confidential computing mechanisms in virtual machines with little effort

Neckarsulm, March 14, 2024 STACKIT, the German cloud from Schwarz Digits, helps customers to use cloud services with confidence by operating high-performance data centers in Germany and ensuring that all data processing takes place within the EU. This ensures the security, integrity and availability of data, as well as compliance with the GDPR and other legal requirements. The use of open standards and open source technologies avoids provider lock-in.

Together with its partner Edgeless Systems, STACKIT has launched new products to further strengthen customers' data sovereignty. With STACKIT Confidential Server and STACKIT Confidential Kubernetes, customers have the option of encrypting their own applications and all data processed in them at runtime, isolating them from access by third parties and providing verifiable proof of this property. STACKIT's new products therefore meet the highest security requirements, such as the requirements for cloud solutions in regulated industries.

In particularly sensitive areas or regulated industries such as healthcare, effective operator exclusion is required to ensure exclusive access to data and its processing. Until now, these regulatory requirements have often prevented the use of modern cloud technologies. The new STACKIT Confidential Computing products solve this problem by enabling customers to carry out comprehensive encryption of all data during processing, transmission and storage. They operate these "self-managed". This means that even the cloud provider is guaranteed and proven to have no access to the encrypted data.

STACKIT Confidential Server is based on the modern hardware security mechanisms of processor manufacturers. This enables applications to be operated simply and encrypted in virtual machines (VMs) without major modifications, thus isolating them from third-party access. STACKIT Confidential Kubernetes also raises these properties to the abstraction level of containers and relies on the open source framework Constellation from Edgeless Systems. Containerized applications can be operated in encrypted and isolated form without any adjustments. Here, too, it is possible to verify these properties in a testable manner. The usual scalability of containerized applications is retained.

"Thanks to the successful collaboration with Edgeless Systems, our new products STACKIT Confidential Server and STACKIT Confidential Kubernetes have been created. We are thus providing our customers with another innovative security building block to support them in their sovereign cloud use," reports Matthias Sutter, Chief Product Owner STACKIT. Felix Schuster, CEO Edgeless Systems, adds: "We are delighted to be able to offer our technologically leading confidential computing solutions with STACKIT as an ideal partner. Together, we enable customers to use state-of-the-art cloud functionality without having to compromise on data sovereignty or data security."