< Back

Sovereign Private Cloud - A Confidential Computing Solution for the Italian Public Administration

June 5, 4:00 PM - 4:20 PM
Grand Ballroom Salon B

The Cloud Italy Strategy, created by the Department for Digital Transformation and the National Cybersecurity Agency, contains the strategic directions for the migration path towards the cloud of data and digital services of the Public Administration. The strategy responds to three main challenges: ensuring the country's technological autonomy, guaranteeing control over data, and increasing the resilience of digital services. In line with the objectives of the National Recovery and Resilience Plan, approximately 75% of Italian PAs are migrating data and IT applications towards a cloud environment.

Leonardo is a member of the PSN (Polo Strategico Nazionale), a highly reliable infrastructure that has the objective in line with the Cloud Italia Strategy and the National Recovery and Resilience Plan (PNRR), to provide cloud infrastructures for the highest guarantees of reliability, resilience, scalability, interoperability and environmental sustainability. One of Leonardo's responsibilities is to design and provide a secure infrastructure supporting this qualified cloud. One of the requirements for this infrastructure is the capability to technically enforce isolation of the cloud end-user data with respect to the infrastructure team.

One of the technologies chosen to implement this isolation is the confidential computing technology applied at the level of the virtual machines. Confidential computing provides the protection of the data in the use of a VM and the capacity to verify the activation of the memory isolation and of the integrity of some code running within the VMs. Based on these capacities, Leonardo and CYSEC designed a solution that protects the VM data in all states (at rest, in transit, and in use) and allows the detection of abnormal behaviors of the infrastructure hosting the qualified cloud. This solution includes the attestation of the launch of VMs and a regular auditing mechanism of the VMs at runtime.

Leonardo will present the high-level design of the hosted private cloud solution for the Italian administrations.

CYSEC will present the design of the confidential computing solution embedded within this hosted private cloud.

About the speakers

Matthieu Legre

Matthieu Legre

Vice President of Product, CYSEC SA

Matthieu Legre is in charge of the product management of CYSEC's hardened Linux-based micro-distribution, ARCA Trusted OS, and its attestation VM launch solution.

Davide Roggero

Davide Roggero

Head of Hybrid Cloud Infrastructure, Leonardo

Head of Hybrid Cloud Infrastructure.