The government approved the concept of creation of the state single cloud platform
In September, 2019 on the official portal of the government the order approving the concept of creation of the state single cloud platform (SSCP) was published. Developed the document the Ministry of digital development within implementation of the federal draft "Information Infrastructure" of the Digital Economy national program.
The concept provides step-by-step transfer of information systems of public authorities and local government authorities to GEOP. Service providers of GEOP will be selected in the order set by federal laws on state procurements and purchases of goods, works, services as separate types of legal entities.
By 2022 it is necessary to complete transfer of 52% of information systems and resources of federal executive authorities and state non-budgetary funds to GEOP. To fulfill key approaches to transfer to this platform of information systems the concept provides carrying out a pilot project with participation of federal executive authorities and state non-budgetary funds.
It is reasonable to determine by the department coordinating and supporting methodically pilot project the Ministry of digital development, said in the concept. For a pilot project together with its participants it is going to create time requirements to infrastructure of GEOP.
In more global scale the concept provides creation of collegiate organ which can join representatives of the Ministry of digital development, FSB, FSTEC and other federal authorities the and also bodies and organizations transferring information systems to GEOP. The collegiate organ will be responsible for project development of requirements to infrastructure of the platform, methodology of transition to its use, regulations of providing and consumption of services, approval of plans of transition, etc.
It is necessary to develop the mechanism and to provide step-by-step connection to infrastructure of GEOP of the existing DPCs of authorities, having synchronized stages of creation of the platform with plans for transfer to it of their information resources.
Also, according to the document, it is necessary to work the mechanisms allowing to be service providers of cloud computing and program services to legal entities or individual entrepreneurs who correspond to a number of requirements – from structure of beneficiaries of provider to resource requirements which the provider has.
The separate block of the concept is devoted to information security support of GEOP where requirements to suppliers of cloud services are stated. For example, at least once a year they will have to hold the organizational events (training, a training) directed to increase in level of knowledge of specialists in questions of security.
The authorities approved an experiment on transition gosinformsisty in Gosoblako
On August 30, 2019 it became known that the Government of the Russian Federation approved regulations on carrying out an experiment on transfer of information systems of state agencies to a single cloud platform. The relevant resolution can be found on the portal of the official publication of legal acts.
As it was reported, the experiment starts on August 30, 2019 and will last till December 30, 2020. He will mention information systems and resources of federal authorities and state non-budgetary funds. Also within the experiment the specified structures will be provided with the automated jobs and software.
The Ministry of Justice, the Public Courier Service (PCS), the Federal Customs Service (FCS), Rostekhnadzor, the National Guard of the Russian Federation, Rosarkhiv, Rosimushchestvo and Social insurance fund will participate in an experiment the Ministry of Telecom and Mass Communications, Ministry of Labor. On a voluntary basis will participate in an experiment federal state budgetary Institution Scientific Research Institute Voskhod and IT suppliers.
Can participate in an experiment and other state agencies or off-budget state funds, but such solutions need to be approved with them and to approve by presidium of the Government commission on digital development, use of IT for improvement of quality of life and conditions of conducting business activity.
Costs for project implementation in 2019-2021 were estimated at 47.6 billion rubles. Earlier it was supposed that Rostelecom will become the coordinator of works on creation of the platform, having spent for it from own means 41 billion rubles. However then the Ministry of Telecom and Mass Communications suggested to appoint to this position of Scientific Research Institute Voskhod.
The experiment represents attempt to create and approve the conditions necessary for creation of the State single cloud platform (Gosoblako). During the experiment it is also supposed to approve functionality of the first stage of the federal GIS "Management of the State Single Cloud Platform". It is as a result going to create the working model of functioning GIS on the platform.
According to the government decree, the customer of works on development of documentation for an experiment will become the Ministry of Telecom and Mass Communications. It can act as the customer of the goods and works connected with the translation of GIS in a cloud, but for this purpose the ministry should sign the relevant agreements with participants of an experiment. Participants who will not sign the agreement from the Ministry of Telecom and Mass Communications will order to themselves goods and works.
Besides, the Ministry of Telecom and Mass Communications should create the interdepartmental working group for coordination of events of an experiment and develop the plan of transition of state agencies for a cloud platform.
The Ministry of Telecom and Mass Communications should trace that in the first stage of a management system there were information security tools and means of identification of users. Besides, in a system there have to be electronic journals of accounting of transactions and means of daily copying of these magazines and other data on the reserve carrier and also means of storage of backup copies within 30 days.
Till September 30, 2019 the Ministry of Telecom and Mass Communications in coordination with the Federal Security Service (FSS) and the Federal Service for Technical and Export Control (FSTEC) should approve requirements to DPC at which will work as Gosoblako and also requirements to ensuring its security and to optimization of architecture of GIS of participants of an experiment. Within two months from the date of adoption of the resolution of the Ministry of Telecom and Mass Communications should approve the GIS list who will be transferred to a cloud with participants of an experiment.
Till December 30, 2019 the ministry should approve the engineering design of migration in which the model of classification GIS, standard migratory stages and the list of necessary documentation will be presented. To this term of the Ministry of Telecom and Mass Communications also should decide on time standards of the automated workplace, service qualities of suppliers, providing the reporting on work of a cloud platform, etc. Besides, the ministry should create the permanent stand for testing of technical solutions.
In addition, till December 30, 2019 by the ministry technical requirements to the first stage of a management system for Gosoblak, rules of its use and service support should be developed. To the same term the single cloud platform and the first stage of a management system should be created by it.
Till January 30, 2020 the Ministry of Telecom and Mass Communications together with Scientific Research Institute Voskhod should analyze the existing Russian hardware and software systems and select among them the most suitable for the organization of the automated jobs and the platforms which are most conforming to the time standard of standard technical solutions for program and cloud services of suppliers. To the same term the Ministry should start the register of the suppliers and consumers participating in an experiment.
The report on an experiment should be submitted till September 30, 2020. If necessary the experiment can be prolonged. The assessment of results is carried out within three months after the end of an experiment.
The adviser to the director of federal state budgetary Institution Scientific Research Institute Woschod Ruben Enfiadzhyan, speaking at the TAdviser Cloud Day 2019 conference in April, told about the new concept of the state single cloud platform (SSCP). It was developed under the auspices of the Ministry of Telecom and Mass Communications in 2019 and represents new vision of creation and development of "state cloud" taking into account the new calls facing state agencies.
Ruben Enfiadzhyan noted that in 2015 the order of the Government of the Russian Federation approved the concept of development of "state cloud", but for 4 years of special progress in promotion of this idea in the market was not reached. And now in actions of the Digital Economy national program this project will be given new breath, he says.
Examination of state agencies on complexity and duration of migration of information systems of state agencies on a cloud platform was conducted. An output - the needs for infrastructure for state agencies grow every year approximately for 15%. Also the nedofinansirovannost of some systems regarding infrastructure was revealed that is connected with passing of several crisis periods the Russian economy, the adviser to the director of Scientific Research Institute Voskhod noted.
At the same time, very often IT systems of state agencies are based on import software and hardware tools that bears in itself risks. Possibilities of import substitution are limited to heterogeneity of the existing technologies. The new concept became the answer to all these calls, the speaker explained.
Different authorities and local government, state corporation should become potential consumers of the platform. Gosoblako will be controlled and certified by the state.
It is supposed that the platform will include a uniform set of basic services (Colocation, IaaS, PaaS, eGaaS is infrastructure of the electronic government) from a pool of the entrusted providers equivalent in terms of access and with transparent blanket market tariffs. At the same time each customer can have several providers.
The concept provides the choice of providers on 44-FZ, and for quality control with providers SLA will subscribe. This platform will be controlled and be monitored by the organization subordinated to the Ministry of Telecom and Mass Communications. For example, Scientific Research Institute Voskhod. This solution is not approved yet, but the Ministry of Telecom and Mass Communications has such intention, Enfiadzhyan added.
Will be responsible the Ministry of Telecom and Mass Communications for approval of requirements for inclusion in the register of suppliers of GEOP, the adviser to the director of Scientific Research Institute Voskhod told.
| ||In the previous concept the supplier was uniform: the operator who holds essential market position of Russia - Rostelecom. But now the new command of the ministry insists on competitive environment - creation of a pool of the entrusted providers, i.e. companies and state corporations which underwent testing and accreditation, - Ruben Enfiadzhyan explained.|| |
It is supposed that suppliers of GEOP invest the infrastructure in the project, participate in the held auction which is held by customers, and further perform terms of the contract. Customers will have to send then the report to the regulator about efficiency of use of resources.
At the same time the cloud should be implemented on the equipment and software, "free from sanctions risks".
The concept assumes that Scientific Research Institute Voskhod maintains a register of suppliers, develops rates, requirements, specifications, carries out monitoring of management, develops and controls execution of SLA and also helps examination with permission of disputable situations.
Transition FOIVOV to a cloud is supposed step-by-step, especially considering that this process is performed in parallel with import substitution of software in state agencies.
That the cloud platform fully earned, harmonization of the existing legislation is necessary. Making changes in 149 and 44-FZ is necessary, first of all, and also it is a little in 210-FZ, Ruben Enfiadzhyan notes. Also it is required to prepare the bylaws and new regulatory legal acts providing the new national standard of classification of DPCs not to be guided by the American or European standards like Tier 3, Tier 4.
The representative of Scientific Research Institute Voskhod noted that terms of the beginning of transition of state agencies to a cloud platform depend in many respects on that how soon necessary legislative changes will be carried out. It is expected that transition will begin in 2020.
Scientific Research Institute Voskhod develops the plan of transition of state agencies for a cloud platform. It is going to be approved in 2019. Also, without waiting for changes in the law, Scientific Research Institute Voskhod wants the order of the government to make an experiment with the first 10-15 departments at first of transition to GEOP and to consider this experience in 2020.
2017: By Gosoblako it has to be brought into commercial operation until the end of 2019
According to the actions plan in the Information Infrastructure direction of the Digital Economy of the Russian Federation program, to the middle of 2019 requirements for use of the state single cloud platform by public authorities and local government should be normative defined and also the plan of transfer of their information systems and resources to the state single cloud platform ("state cloud") is approved.
At the same time, input of "state cloud" in commercial operation is planned for the end of 2019. From this point and until the end of 2020 on this platform 60% of federal and 40% of regional information systems should migrate. In general by 2024 the share of the state systems transferred to "state cloud" should increase to 90%.
Bill of a state cloud
In November, 2016 the Ministry of Telecom and Mass Communications submitted the bill for public discussion, providing gradual transfer of the existing and perspective state information systems to uniform infrastructure of the electronic government. It was drafted, including, in execution of the order of the president about primary use of uniform infrastructure of the electronic government by state agencies.
According to the bill, functioning of information systems of state agencies, state corporations, state companies and interaction between them is electronically performed, including, using infrastructure of the electronic government. In the document the order of use of this infrastructure is regulated and its structure is defined. In the same place definition of service provider of infrastructure is given, his duties are fixed.
Developers of the document suggest to implement uniform infrastructure of the electronic government in the form of the system of federal and regional DPCs. They believe that it is most reasonable method to provide economically reasonable conditions for concentration of computing resources and also storages and processings of personal data of citizens in the territory of the Russian Federation. It is supposed that DPCs should be connected by redundant trunk communication channels of high capacity in a uniform disaster-proof cluster.
| ||The similar structure of a system of DPC will allow to provide with the smallest costs information and telecommunication services of geographically distributed users due to approach of resources of information and telecommunication infrastructure directly to users, said in the explanatory note to the bill.|| |
Protection against the computer attacks should be implemented using reliable software and hardware tools and respect for the principle of absence of traffic of the specified cluster out of borders of the Russian Federation, it is noted in the same place.
During creation of uniform infrastructure the bill assumes use of cloud computing. Among their advantages developers of the document call increase in efficiency of use of computing resources, cost reduction of the organization on acquisition of the IT equipment, software and their service, cost reduction on the electric power. Advantages are also increase in controllability of IT infrastructure and an opportunity to ensure smooth operation of the organization thanks to a backup system and migration of virtual environments.
The bill provides making changes in a row of legal acts to update a conceptual framework, to regulate main engines of use of cloud services, to set legal status of a system of federal and regional DPCs.
The document sets determination of infrastructure of cloud computing. It is represented to set of technical means, software, isolated and geographically distributed across the territory of the Russian Federation, networks ensuring functioning during creation, processing, storage and providing information in the mode of remote access to more than one information system.
The document suggests to make also changes No. 210-FZ "About the organization of providing the public and municipal services" to fix in it use of uniform ICT-infrastructure when rendering state services. Besides, he assumes making changes in No. 63-FZ "About the electronic signature" to set uniform requirements to the electronic signature for state agencies.
Along with it, the document fixes for the Ministry of Telecom and Mass Communications of power on carrying out uniform technology policy. Here formation of technical and organizational requirements to communication networks, import substitution of the equipment and software, an exception of repeated creation of functionally similar elements of infrastructure enters.
In the explanatory note to the bill it is said that implementation of its provisions will demand significant engineering and organizational changes from state agencies. With respect thereto application of a special order of term of its introduction in force will be required.
Order of the president about uniform infrastructure
On July 21, 2016 the president Russia Vladimir Putin charged to the prime minister To Dmitry Medvedev to develop and enter to State Duma the federal law on primary use of uniform infrastructure of the electronic government by state bodies "for increase in security and stability of work of information systems of public authorities". It is said on the Kremlin website.
The document should approve structure and requirements to elements of uniform infrastructure, including an engineering part which includes communication networks, data processing centers and an information security system. Functions of each element should be fixed, and use of analogs is limited over time.
Also the Cabinet of Ministers should work a transient period during which state agencies will pass to uniform infrastructure during creation and operation of the state information systems and receiving services of providing the software and the equipment on cloud computing for the benefit of executive authorities and local government authorities.
Besides, the bill should determine the operator of infrastructure and the contractor by creation and operation of all its elements. The telecom operator holding essential position in a public communication network in territories not less than two thirds of regions of Russia should be it.
In order it is said that it is necessary to define legal and economic mechanisms of phased transition on financing of creation, development and operation of uniform infrastructure with attraction of extrabudgetary funds.
Order of the president should be executed till January 1, 2017.
Estimates of perspectives of Gosoblak participants of IT market before start of the project
During the survey conducted in May-June, 2016, TAdviser asked to estimate the domestic vendors and integrators working at the market of informatization of a public sector perspectives of "state cloud" (trends of consolidation of computing resources of departments). Practically all polled experts are positive for the future of this trend. In particular, during the poll such epithets as "perspective", "effective", "practical", "profitable", "useful", "correct", etc. sounded.
| ||Development of modern information systems is directly connected with development of cloud solutions and, technology, this way is perspective and economic. Use of cloud computing in a private cloud or in a state cloud allows to resolve issues of safe storage and data processing, to quickly carry out informatization, - Dmitry Komissarov, the CEO of New cloud technologies is sure|| |
Technology, according to him, implementation is possible despite project scales and that is important - implementation is possible with wide use of domestic software. A number of steps on the way to creation of such infrastructure is ready to accept the state, the expert adds. The most difficult is the organizational issue of the choice of the operator here – as soon as it is solved, process can be considered begun, Komissarov considers.
According to the CEO of AMT Group Alexander Goltsov, "state cloud" is very right direction of development as it will allow to optimize significantly investments into infrastructure and also to provide fulfillment of requirements of information security.
At the same time, if from the technology party the task looks quite solvable, then with legal and problems can be organizational. Mainly it concerns questions of confidentiality of data.
| ||The main barriers were and remain not in the technology plane any more, and it is rather - in legal. Now there is no sufficient normative field which will allow to take data and information systems of departments and to place on one server or in one DPC. Even at the federal level. Besides, that the initiative of "state cloud" was interesting to departments, it is necessary to handle financing issues. Now department for an information system necessary for it "votes ruble", - Sergey Eysymont, the associate director of department of complex projects Lanit says. - Who will be a customer in case of "state cloud" – me not really clear|| |
If it is an area of responsibility of the operator, then without study necessary legal the technician the interest of the functional customer will be less protected, than now. As a result, adds Eysymont, there is a downside risk of relevance of the implemented solutions to business challenges which need to be computerized.
The CEO of Aytonika Alexey Boldyrev also speaks about a legal side of a question. According to him, the mechanism of transfer of responsibility for storage of very sensitive confidential data in potential "state cloud" from department which generates them, to department which manages future "state cloud" is still not developed.
| ||Construct big DPC and hammer it with data is a technical issue, and it is solved. Difficulties as it is represented, lie rather in the legal and organizational plane, - the CEO of Aytonika notes|| |
Problems of organizational character are expected also by Vladimir Andreyev, the president of DocsVision. Anyway, all IT services will go to cloud infrastructure, in particular in hierarchical structures of a public sector it is profitable and effective, he says. However mostly it will be hybrid clouds – when the core of the solution is based in a private cloud of higher body of the power/region or large municipality, and some services are consumed from public clouds (for example, the cloud service of "MyOffice" has serious chances of it, explains Andreyev.
If to cross "state cloud" to development of the register of the Russian software, it is possible to receive the independent, available and quickly unrolled infrastructure for complex automation of activity and increase in efficiency of public authorities, Dmitry Trofimov, the deputy manager of commercial directorate of the Asteros group is sure. Data security provision and systems can become restriction, according to him, but at the current level of development of information security systems it is solved organizational and technology measures, with involvement of the state organizations and departments, responsible for it.
| ||At reasonable management of this process budget economy will be profitable to the state and to citizens – we will be able to receive better services, and the released budget will be redirected on other technology and socially important projects", - the representative of Asteros considers|| |
Speak about security issues also in CROC company.
| ||The main stumbling block in creation of "state cloud" are even not normative and legal aspects, and it is rather questions of security. Information systems of different bodies differ on security classes, determined by FSTEC, FSB and so forth, and all of them will be transferred to a unified environment with access for a great number of subjects. The operability of such environment should be not only is normative regulated, but also actually provided in terms of approaches to information security, generally due to use of the free software and the Russian IT solutions", - Alexander Belyaev, the head open-source in IT infrastructure of CROC company comments.|| |
Key risk, according to Timur Medzhitov, the associate director on work with authorities of Directum company, communication channels between the selected places of dislocation of the state clouds elements in regions and real users are. If this risk is not closed, then users can face slow operation of applications and services, he warns.
| ||The cloud model and services are to what both the commercial, and state organizations move today. It is practical and is effective, due to such advantages as virtualization, fault tolerance, simplicity of upgrade, integration and maintenance, smaller specific cost of resources, and many others. Respectively, universal distribution of this trend is only a matter of time, especially taking into account today's realities, - Alexey Pilipchuk, the general manager of Tegrus sums up|| |
The first client of Gosoblak can become the Ministry of Telecom and Mass Communications
And infrastructure of the electronic government can become the first large customer of Gosoblak to the Ministry of Telecom and Mass Communications. In January, 2016 the source in the ministry declared to TAdviser plans to utilize an obsolete equipment of infrastructure and further to rent it on the IaaS model  (in more detail).
2015: Approval of the concept Gosoblak
On October 7, 2015 the Prime Minister Dmitry Medvedev approved the concept (to download the document in the PDF format) transfer of processing and storage of the state information resources which are not containing the data making a state secret in the system of federal and regional DPCs.
Prerequisites of the Project
Inspection of ICT infrastructure of state agencies and off-budget funds showed that they mainly use own resources and have a need for an additional ICT resources. As one of premises of the project in the concept need of selection of large means from the budget is specified development of the infrastructure existing at state agencies. According to authors of the concept, expenses on upgrade and development of own ICT resources at the end of 2014 made of budgets of different levels more than 16 billion rubles, and it without keeping of staff of specialists in number of 4.8 thousand people servicing ICT infrastructure.
Data are provided in the concept that costs only of federal executive authorities for development of own ICT infrastructure, including design and construction of DPC, purchase and installation of equipment, are estimated for 2015 - 2017 at 102 billion rubles from which more than 40% can be directed to purchase of servers.
At the expense of a gradual failure from equipment procurement and reduced cost value of services of a system of DPC it will be possible to achieve decrease in load of budgets of all levels to 10% a year. Thus, during 2015-2017 only on federal authorities economy of means of the federal budget can make about 10.2 billion rubles, the document says.
One more premises is the security issue. Local ICT infrastructure is vulnerable for the external computer attacks because of the import technical and software tools used in it, authors of the concept note. The fact is also given in the document that 70% of public servants use mail services of the commercial organizations which are often placed on foreign hosting platforms for office correspondence. It creates the risks connected with uncontrollable access for the third parties to electronic correspondence.
Creation of own products which are based on the Open source software or own development placed in controlled DPCs in the territory of the Russian Federation with observance of the set requirements to cybersecurity could become the solution of this problem, said in the document.
With reference to the international experience in the concept it is noted that in state agencies it is reasonable to use service approach to providing ICT infrastructure and also cloud computing.
"For effective solution of a problem of informatization of public administration at simultaneous providing expense optimization of budgets of all levels, increases in stability of functioning and security of the state information resources it is necessary to increase a share of use of cloud computing in information and telecommunication ensuring activity of authorities", said in the concept.
Organization of a system of DPC
According to the concept, the system of the federal and regional DPCs connected in a uniform disaster-proof cluster by redundant trunk communication channels should be organized. Protection of DPC network against the computer attacks should be implemented using "reliable software and hardware tools" and respect for the principle of absence of traffic of the specified cluster out of borders of the Russian Federation. For the purpose of data protection the document also orders careful independent control of suppliers of the "cloud" services using ICT infrastructure of a system of DPC.
DPC network should be controlled one operator. At the same time the last can create their basic ICT infrastructure at the expense of own means and also attract capacities of other organizations to work in such system according to in advance approved technical requirements and an order of accession.
Regulation of cost of services
For the purpose of restriction of growth of cost of services the concept orders to install the systems of data processing centers maximum permissible annual rise in price of cost of services of Gosoblaka operator no more than on the value of the index of growth of consumer prices (December by December) in previous year in coordination with the body performing functions on development and implementation of state policy and legal regulation in the field of IT.
The plan of transfer of state agencies in Gosoblako
In December, 2015 it is going to make changes in a row of the laws and regulatory legal acts directed to settlement of use of cloud computing at implementation of a state administration. In December it is going to create the collegiate organ which is responsible for development of requirements and methodologies upon transition of public authorities to use of a system of DPC and in the same month to define the operator of a system of DPC.
Creation of a system of data processing centers is planned for December, 2016, and for June, 2016 – a pilot project on transfer of IT resources not less than three public authorities in the system of DPC.
By September, 2016 rules of rendering services of a system of data processing centers and also criteria and an order of inclusion of DPCs, information resources and (or) IT systems of users in Gosoblako should be developed.
From January, 2018 to December, 2020 in Gosoblako IT resources of state agencies which are owners of DPC, and should be translated from January, 2019 to December, 2021 – IT resources of state corporations and companies with state participation.
Responsible for implementation
At the disposal of Dmitry Medvedev it is specified that the realization of the concept should be enabled by the interested federal executive authorities, and – to provide to the Ministry of Telecom and Mass Communications methodical support of transfer process of processing and storage of the state IT resources in the system of DPC.
In 2013 by request of the Ministry of Telecom and Mass Communications the CROC system integrator developed the concept and the engineering design on implementation of uniform engineering infrastructure for state bodies (Gosoblako project), taking into account requirements of regulators to security. The concept contained organizational approaches to receiving IT services by the federal public authorities (FPA) within uniform infrastructure, the principles of migration of the state systems on it and also the analysis of economic feasibility of the project proceeding from information on IT budgets of all federal public authorities. So, by final assessment of the Ministry of Telecom and Mass Communications, transition to uniform infrastructure would allow to optimize costs for informatization of federal state agencies (FOGV) more than for 22%.
The engineering design on implementation of "state cloud" was developed taking into account the software tools existing at that time which could form the basis of future infrastructure. Two options of implementation – based on products from well-known large foreign producers and using open source of components turned out.
In October, 2015 the concept of "state cloud" was approved by the Prime Minister Dmitry Medvedev. The final document reflected the main ideas stated in the concept of 2013 with some reductions and processings.
"The law which should be developed and submitted for consideration in the State Duma of the Russian Federation till January 1, 2017, in fact, will allow to legalize uniform infrastructure of the electronic government which concept developed since 2013. The main idea of changes - economy of means of the state for own needs, at simultaneous quality improvement of the IT systems necessary for work of FOGV. Over time independent purchase of software tools and the IT equipment by state agencies will be replaced to order or purchase of IT services at gosoblaka operator who still should be defined. And IT services of all of FOGV, i.e. a set of infrastructure and application solutions of different types, will be concentrated in a single network of data centers", - Ivan Shumovsky, the head of infrastructure solutions of CROC company says.