Digital sovereign cloud technology

Software is only a facet of of the picture “digital sovereignty” (see below), but an important base for it. The decision for a software stack for a governmental environment should be taken consciously and educated. Here are some points to be considered to gain real digital sovereignty:

• software licenses for all code should be open source allow for free usage and adaption, and offer the capability to contribute to and shape the software

• the used software should be mature and proven in production, it should be resilient, scaleable, and possible to be used in large and professional environments (like enterprise clouds)

• the software should be maintained by an active community or foundation to guarantee further development, bug fixes, support, and increased security – the community or foundation should also offer the possibility to contribute, so the national technicians can collaborate on the software development; ideally, the community is diverse and not closely associated with a single entity

• it should use open, common standards and open interfaces

• the cloud infrastructure should be automated, integrated, interoperable, and modular federal, so it can be also used in multi or hybrid cloud environments

• the cloud infrastructure should be independent of the underlying hardware and operation system

• it should reduce critical dependencies on providers through standardized, modular IT architectures

• it should allow cross-cloud and reciprocal use of governmental applications, allowing the integration and execution of GovStack building blocks

• it should cover all security demands and access requirements

• Additionally: operational knowledge should be available, documented, and further developed by an active community

• to get scalable, resilient cloud infrastructure it is recommended to have a dedicated IaaS (virtualization) layer with automated rollout and integrated monitoring and security tools

• for application development and operations, a dedicated scalable self-service container platform is recommended with container orchestration, a container registry, and configuration management

In recent years, open source and open technologies have played an exceptionally important role in the realization of specialized applications in the corporate and government context. However, these also require a technological basis that ensures their sovereignty in the long term. The operating environments or the cloud platforms therefore play an important role here. Of course, these cloud environments can be built from scratch, but there are existing solutions which cover all necessary aspects. Govstack and their partners are happy to help (one example see below).