OC3 registrations are now open! Join the premier event for confidential computing online or in Berlin on March 27.

desk

Case study: ZenDiS

OpenDesk on Constellation: empowering sovereign workplace solutions for the German public sector

ZenDiS

The German government established the Center for Digital Sovereignty (ZenDiS) in 2022. ZenDiS, a limited liability company (GmbH) owned by the Ministry of the Interior, aims to be the central point of contact for the public administration to coordinate and manage open-source projects. This aligns with broader goals outlined in the European Commission’s “Open source software strategy 2020 – 2023”. ZenDiS is responsible for open-source projects such as the OpenCoDE repository and OpenDesk. 

OpenDesk is a sovereign workplace solution for the public administration. It provides a user-friendly, integrated workplace platform including tools for e-mailing, video conferencing, project management, and file storage. OpenDesk is open source, allowing users the right to view, redistribute, and modify the respective components. This ensures competition and innovation, while improving security and enabling Europe’s own digital autonomy. 

Challenge

The German government handles large amounts of sensitive data, including personally identifiable information (PII) and classified documents, making data security a top priority. Therefore, deploying openDesk presents a challenge: ensuring security and sovereignty while maintaining ease of use and scalability. On-premises solutions offer control over data residency, but are expensive, hard to operate, and lack scalability.  Public cloud deployments provide infinite scale but introduce concerns over data privacy and security. 

Solution

Confidential computing is an emerging technology that ensures that data is always encrypted, even during processing. It enables secure cloud migration, with your data being protected even when hosted on external infrastructure, across hybrid, public, or multi-cloud environments, effectively empowering digital sovereignty. Other use cases are multi-party computation, data privacy, and regulatory compliance. 

Constellation is an open-source software that leverages confidential computing to protect entire Kubernetes deployments on public clouds like Azure, AWS, and STACKIT). It isolates any cloud-native application from the infrastructure, making sure that cloud admins or other tenants never get access to any data. Additionally, Constellation is easy to deploy and offers high availability, backups, and auto-scaling. Constellation is the perfect solution to run even complex collaborative solutions like openDesk on public infrastructure, while assuring that all data is always encrypted. Not even system administrators, datacenter employees or other insider attackers can access workloads protected this way.

For more technical information on Constellation, please refer to our docs or contact us

Result

We have deployed openDesk with Constellation on Microsoft Azure to provide a workplace solution that is easy to use, highly scalable, and aligns well with the public administration’s security requirements. Constellation is also cloud-agnostic and can be deployed on any infrastructure. 

Felix Schuster talking at PITS eventPanel discussion at PITS eventDietmar Wippig talking at PITS event

Want to learn more about Constellation or our other security solutions?


Please fill out the form and our experts will be in contact with you.

The form failed to load. Please send an email to contact@edgeless.systems. Loading likely fails because you are using privacy settings or ad blocks.