
Specifications of the BSI
As a commercially available cloud solution, VS-Cloud has the best prerequisites for approval by the German Federal Office for Information Security (BSI). It also implements all federal regulatory frameworks. This is to the advantage of the armed forces and the defence technology industry.

Secure IT infrastructure
The hardware components of VS-Cloud meet the most stringent requirements for IT security. The software components used are specially tested, hardened and secured with cryptographic mechanisms.

Three strong partners
With IBM, secunet and Red Hat, you have strong partners at your side – with in-depth technological know-how, security-oriented consulting services and many years of experience in the development of highly secure technologies for processing classified data up to SECRET classification.
State-of-the-art methods and technologies for processing classified information
An entire ecosystem of methods and technologies, and thus digital innovations, has emerged in the cloud. The aim of VS-Cloud is therefore to make these methods and technologies available for processing classified information. The use of security technology "Made in Germany", enterprise open-source software and professional services are the best prerequisites for the upcoming BSI approval.
Secure use of cloud standards in the processing of classified information
At the heart of VS-Cloud is the SecuStack cloud operating system, which enables simple and secure provision of resources via Infrastructure as a Service (IaaS). Transparently integrated cryptographic mechanisms ensure that data transfer, storage and processing of resources in an OpenStack environment stay consistently secure. SecuStack takes into account secure separation between clients as well as other security and control features to protect against external attacks and threats.
Operation in your own data-processing centre
In computer science, an "air gap" or "airwall" is understood as being a procedure that physically and logically separates two CIS systems with different levels of trust from each other, but still allows the transmission of user data. With VS-Cloud, the Air Gap can be implemented in the cloud system itself, hosted on-site in a customer data centre or at a later stage remotely as a managed service.
VS-Cloud interoperability
VS-Cloud is a software solution that provides a free architecture and interfaces for cloud computing services. With its modular architecture and open standards, VS-Cloud can cover the entire spectrum ranging from data collection from IoT devices to aggregation, analysis and evaluation by artificial intelligence.
Compliance with the "red lines" of the BSI
By using SecuStack in the VS-Cloud solution, core aspects of Digital Sovereignty are fulfilled:
- Federally owned infrastructure
- Local operation by federally owned IT service providers
- No data transmission to the manufacturer
- Interoperability
- Control of resources
- Ensuring testability and availability of updates along with their documentation
- Compliance with the legal requirements of the German Federal Office for Information Security (BSI) and implementation of all federal regulations
Strict separation of clients
If the data and applications of several organisations are processed in a central cloud infrastructure, for classified data there must be a strict separation of services and clients. Until now, the separation on the physical level could only be achieved by having separate racks with independent and disjoint components, which incurs high costs.
By using SecuStack as an infrastructure component of VS-Cloud for Defence, it should be made possible in the future to perform client separation at a higher level of abstraction. Strict separation and flexible key management should in futire allow multiple clients to use the same components without compromising data protection and data security. This improved utilisation of existing hardware resources and the lower licensing costs provide a significant cost advantage.