Internet Impact Brief: Technical Architecture of the GAIA-X Project

Authors:
Olaf Kolkman, Internet Society
Andrei Robachevsky, Internet Society

Abstract

GAIA-X is a project initiated by the German Ministry of Economic affairs, the French Ministry of the Economy,^[1] and a number of private sector entities to create a competative, secure and trustworthy federtation of data infrastructure. Aspiring to values of transparency, openness, data protection, and security, the collaborative initiative aims to provide digital sovereignty by enabling a data infrastructure “by Europe for Europe and beyond.”^[2]

This report uses the Internet Impact Assessment Toolkit ^[3](IIAT) to assess how the GAIA-X concepts may affect the global Internet by impacting what the Internet needs to thrive as an open, globally connected, secure and trustworthy resource for all. We find that the architecture and ideas behind Gaia-X are well aligned with the Internet and its goals and that eventual negative impact will depend on various details in the implementation and rollout. In particular, any mandated or other non-voluntary deployment would negatively impact the Internet Way of Networking and the Openness of the Internet.

Methodology

The Internet owes its strength and success to a foundation of critical properties that, when combined, represent the Internet Way of Networking (IWN). This includes: an accessible Infrastructure with a common protocol, a layered architecture of interoperable building blocks, decentralized management and distributed routing, a common global identifier system, and a technology neutral, general-purpose network.

To assess whether the present proposal has an impact on the Internet, this report will examine its impact on the IWN foundation the Internet needs to exist, and what it needs to thrive as an open, globally-connected, secure and trustworthy resource.

Context and Assumptions

Context

Federated services ^[4] provide value if they are based on common standards which ensure openness, transparency and interoperability. GAIA-X addresses this requirement by aligning data handling practices of network and interconnection providers, Cloud Solution Providers (CSP), High Performance Computing (HPC) as well as sector specific clouds and edge systems. Here, mechanisms are developed to find, combine and connect services from participating providers in order to enable digital-sovereignty, which GAIA-X defines as. “the power to make decisions about how digital processes, infrastructures and the movement of data are structured, built and managed”.^[5]The proposal is inspired by the goal of digital and data sovereignty. In the GAIA-X context, digital sovereignty is seen as the power by users ^[6] to make decisions about how digital processes, infrastructures and the movement of data are structured, built and managed. The GAIA-X architecture outlines technical solutions to establish digital sovereignty according to EU standards. One particular important aspect of digital sovereignty is data sovereignty. Data sovereignty is the execution of full control and governance by a data owner over data location and usage.

GAIA-X identifies the minimum technical requirements, services, and compliance necessary to operate the federated GAIA-X Ecosystem that provides data sovereignty. The development of these services will follow the principles of Security by Design and also include the concept of Privacy by Design in order to ensure highest security requirements and privacy protection ^[7].

The stated objective ^[8] is to design and implement a data sharing architecture (including standards for data sharing, best practices, tools) and governance mechanism, as well as a European Union (EU) federation of cloud infrastructure, related infrastructure and data services.

The project’s website ^[9] describes the architecture and governance of the federation that is needed to allow all independent actors to exchange trusted statements (self-descriptions) about their capabilities, policies, and commitments in an automated and certifiable manner.

Technical implementation of these Federation Services will focus on the following areas:

The implementation of secure federated identity and trust mechanisms (security and privacy by design).
Sovereign data services which ensure the identity of source and receiver of data, and ensure the access and usage rights towards the data.
Easy access to the available providers, nodes and services. Data will be provided through federated catalogues
The integration of existing standards to ensure interoperability and portability across infrastructure, applications, and data.
The establishment of a compliance framework and Certification and Accreditation services.
The contribution of a modular compilation of open source software and standards to support providers in delivering a secure, federated, and interoperable infrastructure.

Assumptions

There are not many details available about how certain aspects of the proposal will be implemented in practice. The architecture requires that “existing technology stacks must be seamlessly integrable into the GAIA-X ecosystem, without the modification of core application attribute’.”

Critical to the implementation of the architecture are the schemas in which the self-descriptions of the various components and their relation are documented. The document states that “the declarive representation of GAIA-X schemas will be build upon Linked Data Standards like RDF/OWL and JSON-LD.” For the use of electronic certificates a reference is made to X.509, but merely as an example ^[10].

The architecture makes a few references to the Internet, mainly to recognise that networking will take place over the Internet. However, private network interconnects also seem within scope. We also assume that the GAIA-X architecture does not change the way users access cloud services, using the standard Internet protocols. A hint is provided in Appendix B in which a number of link types are covered. It suggests that IP routing, and thus IP, is being used. The architecture seems neutral on the networking paradigms that will be used between the various components of the cloud infrastructure.

The document is also unclear on what protocols and infrastructure will be used for inter-cloud traffic exchange. While one might assume that it is likely going to be on top of an IP based stack, the proposal is not explicit on that matter.

While GAIA-X implements European regulations such as General Data Protection Regulation (GDPR), it is not clear whether the GAIA-X architecture itself will be mandated, such as in government procurement or stronger forms of regulations. Our analysis is mostly based on the assumption of voluntary, market-based development and adoption – an assumption that is critical for our conclusion.

There are several definitions of digital and data sovereignty we are using the one that is used in the GAIA-X documents where “users always retain sovereignty over their data”^[11]. The analysis of the motivation of the proposed architecture, the digital sovereignty, and its merits are outside the scope of this assessment.

How does GAIA-X affect the Internet

In order to understand how GAIA-X affects the Internet model we assess how it might impact the Critical Properties of the Internet, as described by the Internet Society.

The Use of a Common Protocol Whereby Local Arrangements Provide End-to-End Connectivity

We identify no immediate impact.

The architecture does not explicitly state that it will use IP as a common bearer, neither does it reject it. It seems the networking protocol stack is outside the scope of the architecture and, therefore, the choice of the data bearer. However, it explicitly assumes a global reach and hence the functionality of IP as common bearer. In other words, its success depends on it.

That said, as part of the overall trend, where one type of specialised networks (cloud and content distribution networks) gets directly interconneted, if not merged, with access networks, it maybe tempting to use a specialised networking protocol stack. Such choice would have a detremental impact on the Internet as it would lead to a vertically intergated system, rather than re-usable building blocks. Such design choices may reduce the utility of the federation because of the (switching) costs for future participants. Those will be significant unless access to the infrastructure remains available over common protocols, and are able to use the IP stack to grow the federation.

Interoperable and Reusable Building Blocks that are Openly Defined and Voluntarily Adopted by a User Community.

There is a risk that the design and deployment of the building blocks are not based on their utility and business case but are the result of politial negotiation. This would hinder voluntary market driven deployment and will likely limit the use of the federation outside the EU, potentially creating islands of interoperability and increasing the risk of fragmentation. That risk can be mittigated by using building blocks such as technical specifications and open-source libraries that are already in common use ^[12], as the GAIA-X proposal seems to set out to do.

Decentralized Management and a Single Distributed Routing System that is Scalable and Agile

The federated architecture depends on several centralized components to make the actual federation work, such as the service discovery and service catalogue functions. These serve as an enabler for individual participants of the federation to run their networks and services as they see fit.

The standard-to-be is aimed at facilitating a federated data infrastructure, and therefore foster a more distributed system and decentralized management than a consolidated cloud market would offer. It is not clear whether implementation of the GAIA-X architecture would exacerbate a trend where cloud providers build their own data distribution backbones and use private interconnects with access providers, which leads to lower investment in the general purpose transit services ^[13].

It is also unclear to what extent these centralized components will support competition and innovation among GAIA-X participants. For example, if the service catalogue provides definitions that are too rigid and not extendable, it may be benefitial to the portability of services among different participants. At the same time, however, it may drive customers to competitors who can offer the extentions.

A Technology Neutral, General-Purpose Network that is Simple and Adaptable

The Internet’s foundation relies on a technology neutral, general purpose network, which in turn enables its decentralized nature. The fact that many small and medium-sized companies (SMEs) can potentially serve customers all over the world is a testament the critical property’s importance to the success of the Internet. If, however, the deployment of GAIA-X is based on vertical special purpose network technologies then that would effectivelly negate this property, and place the initiative outside the Internet. In that case disjointed GAIA-X components would need special gateways or translators to interconnect over the Internet.

Summary

If GAIA-X uses IP as a common bearer to reach its own full potential, its architecture will not likely impact the Internet in a significant way.

If the initiative leads to strong verticalisation of services causing uninteroperable islands of deployment, however, this would have a significant impact on the Internet. Those verticals would not be part of the Internet, and would need gateways where some degree of interoperability is required and may inadvertently compete with it.

How does GAIA-X Affect the Realization of the Full Potential of the Internet?

While the critical properties are essential for the Internet to exist, they are other elements the Internet needs to unlock its full potential. To identify whether GAIA-X could impact what we need for an Internet that is open, globally connected, secure and trustworthy, we will assess the initiative through the lens of the enablers of these goals.

Easy and unrestricted access

“It is easy to become part of the Internet, for networks and users alike. That means that for users the Internet is affordable and Internet services are accessible, and that network operators can easily become part of the Internet, without unnecessary regulatory or commercial barriers for both groups.”^[14]

From the perspective of “access”, we do not see an immediate impact for network operators to provide Internet services and for users to use them, if access to these services is provided using commonly used/deployed methods (i.e. IP protocol stack). If access to GAIA-X requires non-Internet-based access, however, then it would not be a part of the Internet.

The architecture poses additional requirements such as the need for certification (to a greater extent related to socio-political requirements rather than the provision of the service). That makes the barrier to entry higher. At the same, time allowing automated assessment of policies and practices reduces the friction set by those requirements Should the use of GAIA-X be mandated, something that is not implied by the current documentation on GAIA-X, there would be additional challenges for service providers. They may face a higher hurdle to offer services and technology in Europe if they had to meet the GAIA-X requirements.

Unrestricted Use and Deployment of Internet technologies

“The Internet’s technologies and standards are available for adoption without restriction. This enabler extends to end-points: the technologies used to connect to and use the Internet do not require permission from a third party, operating system (OS) vendor, a network provider, or any other third party. The Internet’s infrastructure is available as a resource to anyone who wishes to use it. Existing technologies can be mixed in and used to create new products and services that extend the Internet’s capabilities.“^[15]

GAIA-X components are expected to be available as open source. We assume these will be available for other parties willing to set up a federation based in this architecture. If that assumption is correct, GAIA-X positively impacts that enabler. Howeer, any restrictions and non-voluntary adoption of this technology would impact the enabler in a negative way.

Collaborative Development, Management, and Governance

“The Internet’s technologies and standards are developed, managed, and governed in an open and collaborative way. This open collaboration extends to the building and operation of the Internet and services built on top of the Internet. The development and maintenance process is based on transparency and consensus, and has as its goal the optimization of infrastructure and services to the benefit of the users of these technologies.”^[16]

The GAIA-X initiative has been spearheaded by German and French governments, and it is unclear to what extent the requirements reflect political imperatives or real business needs. At first glance the project seems to be developed with ‘bottom’ up’ collaborative governance in mind. It relies on other projects and aims to not reproduce work by the communities behind the projects it relies on. However, if its governance and adoption is led by a state driven conformance regime then this enabler would be driven in a negative way. There is no indication that the ecosystem will evolve that way ^[17]. In fact, we expect its governance model to become more open. For instance, the document on Policy Rules and the Architecture of Standards (PRAAS) for the federated GAIA-X Data and Infrastructure Ecosystem ^[18] is a first draft on existing policies and rules and has been initially provided by the members of a Franco-German working group. It suggests that several working groups have been formed. The term “working groups” appears to imply they would be open for anybody to join ^[19] but further information about them, their deliberations, and charters are not (yet) available.

An important aspect of the governance will be the certification and onboarding processes. (See also Accountability below.)

Unrestricted reachability

“Internet users have access to all resources and technologies made available on the Internet and are able to make resources available themselves. Once a resource has been made available in some way by its owner, there is no blocking of legitimate use and access to that resource by third parties.”^[20]

GAIA-X gives data owners the ability to determine terms of usage. In that sense, it maximises reachability of the data, as data owners may now make data available that they previously might not have made available. We see no impediments imposed by GAIA-X that would restrict users to access resources made available, beyond the scope defined by data owners.

Available Capacity

“The capacity of the Internet is sufficient to meet user demand. No one expects the capacity of the Internet to be infinite, but there is enough connection capacity – ports, bandwidth, services – to meet the demands of the users.”^[21]

If concepts like data sovereignty are mandated, the available capacity of services that provide data sovereignty might be limited. For instance, while an optimised path or a data location may exist at a point in time, it may be restricted by policy, and therefore be not available for use. Depending on the scale of deployment and associated economics, there may be sufficient offerings to avoid bottlenecks.

Data Confidentiality of Information, Devices, and Applications

“Data confidentiality, usually accomplished with tools such as encryption, allows end users to send sensitive information across the Internet so that eavesdroppers and attackers cannot see the content or know who is communicating. Allowing the transfer of sensitive information helps create a secure Internet. Data confidentiality also extends to data-at-rest in applications and on devices. (N.B., “confidentiality” also contributes to privacy, which is part of a trustworthy Internet).”^[22]

It is likely that GAIA-X enhances the confidentiallity of information. The GAIA-X Policy Rules for Infrastructure (V1.1)^[23] explicitly calls out the following requirement for services processing personal identifiable information:

“The infrastructure cloud provider ensures by the application of appropriate technical or organisational measures the confidentiality, veracity and availability of the data of the controller. Risk appropriate transfer encryptiono [sic]. Traceability of data processingo [sic]. Separate processingo [sic]. Restorabilty after incidentso [sic].”

Through the lens of this enabler that requirement could be strengthed by also requiring encryption of data at rest and in transit, regardless the risk level ^[24].

Integrity of Information, Applications, and Services

“The integrity of data sent over the Internet, and stored in applications, is not compromised. That is, information sent over the Internet shouldn’t be modified in transit, unless directed by the communicating parties (e.g., a captioning bot may be useful to turn spoken words into text). Critical underlying Internet services, such as DNS and the routing system, cannot be manipulated or compromised by malicious actors. Data stored in applications cannot be manipulated or compromised by third parties.”^[25]

If developed as per its current set of requirements, GAIA-X would have a positive impact on this enabler. There is an architectural requirement supporting this in the reference to the European Cloud Security Certification ^[26].

Reliability, Resilience, and Availability

“The Internet is reliable when technology and processes are in place that permit the delivery of services as promised. If, for example, an Internet service’s availability is unpredictable, then users will observe this as unreliable. This can reduce trust not just in one single service, but in the Internet itself. Resilience is related to reliability: a resilient Internet maintains an acceptable level of service even in the face of errors, malicious behavior, and other challenges to its normal operations.”

The GAIA-X ambition is to create a federation through which small and medium sized enterprises can ofer their services as such it is likely to offer a broad offering. From a global Internet perspective not having all eggs in a few hyperscaler baskets, but spread over many decentralized service providers is a positive development. For the users (e.g. enterprises) of GAIA-X the creation of a multi-cloud environment can be easier. However, individual providers may not reach the level that allows them to benefit from the economy of scale. As such, they could lack the resilliency of skills, staff and resources that the biggest providers might reach.

Accountability

“Accountability on the Internet gives users the assurance that organizations and institutions they interact with are directly or indirectly acting in a transparent and fair way. In an accountable Internet, entities, services, and information can be identified and the organizations involved will be held responsible for their actions.”^[27]

The GAIA-X framework requires specific measures to be implemented and requires the certification of those. This makes individual service providers more accountable for their actions.

It is not yet clear to us how the GAIA-X governance structure itself will be held accountable for its decisisions. For instance, will there be methods of appeal when entities are allowed or becoming part of the federation?

Privacy

“Privacy on the Internet is the ability of individuals and groups to be able to understand and control what information about them is being collected and how, and to control how this is used and shared. Privacy often includes aspects of anonymity, removing linkages between data, devices, and communications sessions and the identities of the people to which they pertain.”^[28]

In theory, service providers operating in the European Union are already bound to privacy requirments set by GDPR. As such privacy will not be enhanced as a result of GAIA-X development and deployment. However, the explicit privacy focus might draw customers from regions to which EU regulation does not apply and provide those customers with greater privacy expectations than previously would have been available to them.

It is also not clear from the current document to what extent privacy and data sovereignty objectives will be achieved by policing and conformance, vis-à-vis use of privacy enhancing technologies, such as zero trust architectures and end-to-end encryption. Both play an important role and should not be neglected.

Summary

Upon analysis of current GAIA-X proposals, it appears that it is a positive development for an open, globally connected, secure, and trustworthy Internet. However, if using GAIA-X deployment is mandated instead of voluntary, this would impact aspects of openness because appropriate technologies and service can be limited in choice and be less easily adapted to specific operating conditions. While the proposals address security, this aspect could be improved with making more explicit strong measures for confidentiality of data.

We believe that the openness and accountability of its governance process is a point of attention as it is not yet clear how entities can participate in the actual governance and how the governing entities can be held accountable for their decisions.

Conclusions

Based on our understanding and assumptions, the GAIA-X proposal in its current state gives us little reason to think it will impact the Internet and its use in negative ways. However, this conclusion is with the caveats that:

The architecture is IP based and that its deployment in specialized verticals does not degrade the ability to run similar services on the general purpose Internet.
The standard development process is open, inclusive and transparent.
The deployment of GAIA-X is voluntary and not mandated.
There is attention to ensuring an accountable governance model with the appropriate stakeholders involved.

Endnotes

[1] https://www.data-infrastructure.eu/GAIAX/Redaktion/EN/Video/20200604-GAIA-X-Ministerial-talk/20200604-ministerial-talk.html

[2] https://www.data-infrastructure.eu/GAIAX/Redaktion/EN/Dossier/gaia-x.html

[3] https://www.internetsociety.org/issues/internet-way-of-networking/internet-impact-assessment-toolkit/ The IIAT was developed by the Internet Society to be used by anyone who wants to check if a particular policy, development, or trend affects the critical properties of the Internet Way of Networking (IWN).

[4] A federated service is one where several autonomous entities collaborate, using technical and behavioral standards, to offer a common service to the users of that service. Also see e.g. https://en.wikipedia.org/wiki/Federated_architecture

[5] Gaia-X Architecture Document, 21.06 Release, section 8.28.

[6] https://www.gaia-x.eu/what-is-gaia-x explicitly refers the sovereignty of users.

[7] https://www.data-infrastructure.eu/GAIAX/Navigation/EN/Home/home.html#id1839166

[8] ibid

[9] https://www.data-infrastructure.eu/GAIAX/Navigation/EN/Home/home.html and links therefrom

[10] See footnote 14 of the Gaia-X Technical Architecture Document https://www.data-infrastructure.eu/GAIAX/Redaktion/EN/Publications/gaia-x-technical-architecture.html and links therefrom

[11] https://www.gaia-x.eu/what-is-gaia-x

[12] An example of widely adopted open-source building blocks is the OpenStack initiative, https://www.openstack.org/

[13] A point made by Geoff Huston at e.g. https://www.potaroo.net/ispcol/2021-07/telco.html and https://www.potaroo.net/ispcol/2016-10/xtransit.pdf

[14] https://www.internetsociety.org/resources/doc/2021/enablers-of-open-globally-connected-secure-trustworthy-internet/

[15] Ibid.

[16] Ibid.