< Back
Sovereign Private Cloud - A Confidential Computing Solution for the Italian Public Administration
June 5, 4:00 PM - 4:20 PM
Grand Ballroom Salon B
The Cloud Italy Strategy, created by the Department for Digital Transformation and the National Cybersecurity Agency, contains the strategic directions for the migration path towards the cloud of data and digital services of the Public Administration. The strategy responds to three main challenges: ensuring the country's technological autonomy, guaranteeing control over data, and increasing the resilience of digital services. In line with the objectives of the National Recovery and Resilience Plan, approximately 75% of Italian PAs are migrating data and IT applications towards a cloud environment. The Italian strategy is based on a highly reliable infrastructure that has the objective, in line with the Cloud Italia Strategy and the National Recovery and Resilience Plan (PNRR), to provide cloud infrastructures for the highest guarantees of reliability, resilience, scalability, interoperability and environmental sustainability. One of the objectives of the Italian strategy is to design and provide a secure infrastructure supporting this qualified cloud. One of the requirements for this infrastructure is the capability to technically enforce isolation of the cloud end-user data with respect to the infrastructure team. One of the technologies chosen to implement this isolation is the confidential computing technology applied at the level of the virtual machines. Confidential computing provides the protection of the data in the use of a VM and the capacity to verify the activation of the memory isolation and the integrity of some code running within the VMs. Based on these capacities, CYSEC designed a solution that protects the VM data in all states (at rest, in transit, and in use) and allows the detection of abnormal behaviors of the infrastructure hosting the qualified cloud. This solution includes the attestation of the launch of VMs and a regular auditing mechanism of the VMs at runtime.
CYSEC will present the high-level design of the hosted private cloud solution for the Italian administrations and will present the design of the confidential computing solution embedded within this hosted private cloud.
About the speaker
Matthieu Legre
Vice President of Product, CYSEC SA
Matthieu Legre is in charge of the product management of CYSEC's hardened Linux-based micro-distribution, ARCA Trusted OS, and its attestation VM launch solution.