This commit is contained in:
2024-03-18 14:28:08 +02:00
parent f9674a74b9
commit e12acb690e
876 changed files with 788 additions and 546 deletions

View File

@@ -0,0 +1,11 @@
# ThreeFold Cloud Unique Benefits
![](img/cloud_benefits_.jpg)
| Benefit | Description |
| ---------------------------------- | --------------------------------------------------------------------- |
| [Security](usp_secure) | The ThreeFold_Grid was built with good security concepts in mind. |
| [Decentralized](usp_decentralized) | Have your personal or corporate cloud where you want, at any scale. |
| [Autonomous](usp_autonomous) | A self-driving and self-healing architecture. |
| [Compatible](usp_compatible) | Compatible with industry standards like Kubernetes, Docker, Helm, ... |
<!-- | [Sovereign](usp_sovereign) | A sovereign solution for people, organizations and countries. | -->
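Review bot: The commented-out Sovereign row at the end of the table leaves `usp_sovereign` unreachable from this index, although the same commit adds a page titled "Combine Cloud Agility and Sovereignty of On-Premise Data Center". Either restore the row or remove the comment and note why the page is held back. The Security description ("built with good security concepts in mind") gives the reader nothing to check; naming what the linked page covers (no shell, verified network boot, encrypted overlay network) would be more useful. `ThreeFold_Grid` is written with an underscore here and as "ThreeFold Grid" and "TF grid" in the other files of this commit; pick one form.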

View File

@@ -0,0 +1,3 @@
# Autonomous deployment
The ThreeFold Grid management and the IT workloads running on it are not handled by humans but by bots. This removes human error and malicious hacking possibilities from the equation. We call them 3Bots. 3Bots are our virtual system administrators (VSA); they execute all workloads on the grid. To better understand how this works, we invite you to go through the [security section](usp_secure), paragraph 'Deployment process'.
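Review bot: The sentence "This removes human error and malicious hacking possibilities from the equation" states an absolute that the paragraph does not support. Handing operations to bots moves the risk to the bots, their code and the credentials they act with, so "reduces" is the defensible word, and one sentence on how a 3Bot is authorised to act would back it up. The pointer to paragraph 'Deployment process' does not match the heading in the security file of this commit, which reads "Security in the deployment process". "bots", "3Bots" and "virtual system administrators (VSA)" all name the same thing within three sentences; define the term once.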

View File

@@ -0,0 +1,30 @@
# IT-Standard Compatibility
To meet IT industry standards, we integrated the most used tools for IT workload deployments.
## Docker
![](img/docker.jpg)
Docker is the standard and most widely used container system.
It is supported on the ThreeFold_Grid through the Kubernetes orchestrator layer or directly through conversion into a flist on the [ThreeFold Hub](https://hub.grid.tf). Extensive Docker documentation can be found [here](https://docs.docker.com).
## Kubernetes
![](img/ips_kubernetes.jpg)
Kubernetes is the standard for container orchestration.
On the TF grid, someone can deploy a Kubernetes orchestrator out of the box. We have implemented [K3S](https://k3s.io), a full-blown Kubernetes offering that uses only half of the memory footprint. It is packaged as a single binary and made more lightweight to run workloads in resource-constrained locations (fits e.g. IoT, edge, ARM workloads).
## Helm
![](img/helm.jpg)
The process for deploying workloads on a Kubernetes cluster can be made easy by using Helm templates. These templates are YAML-formatted resource descriptions that Kubernetes can operate.
A [nice guide](https://helm.sh/docs/chart_template_guide/) describes all ins and outs of this widely used way of defining workload fit for Kubernetes.
# Filesystem
For storage, any file system will be supported; see our qsfs for more detail.
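Review bot: "# Filesystem" is a top-level heading while Docker, Kubernetes and Helm are "##" sections under "# IT-Standard Compatibility", so it should be "## Filesystem", and the "qsfs" it refers to has neither a link nor an expansion. "any file system will be supported" is in the future tense on a page about present compatibility; say what is available now. In the Kubernetes section, "uses only half of the memory footprint" needs its baseline (half of what), and "someone can deploy" reads better as "you can deploy". The link text "here" and "nice guide" would be clearer as the names of the documents they point to.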

View File

@@ -0,0 +1,20 @@
# Local and affordable everywhere
80% of the world's data currently resides in hyperscale data centers in central locations, which less than 20 organizations own. Compute power is centralized to specific locations. This centralization of power/ownership does not lend itself to equality in the data economy. We have already witnessed examples of major data breaches that benefit big tech corporations.
However, the trend is shifting: it is expected that by 2025, most of the world's data will move closer to where it is used. Local storage of data and computation at the edge will be required for smart cities, self-driving cars, 5G, IoT, Virtual Reality and many more use cases where quick response times are critical.
![](img/decentralized_usp.jpg)
The Threefold technology brings privacy by design, whereby all data and applications remain under the user's control. Only the user can decide to share the data with others.
A decentralized architecture stimulates equality by disabling the accumulation of significant amounts of data from one player.
Moreover, a centrally organized internet architecture is unsustainable: the internet already consumes as much as 10% of the world ́s power generation today. The extremely high entry cost for setting up data centers and the high dependency on reliable power and network infrastructure are major factors that restrain digital infrastructure growth in emerging markets.
ThreeFold brings your data center to where you need it to be, on any scale, and very close to where it's being produced and consumed — facilitating infrastructure setup at the edge.
Related Reading:
- [ThreeFold Blog: Decentralizing the Internet](https://threefold.io/blog/post/decentralzing_the_internet/)
- [ThreeFold Blog: Data Center Myths](https://threefold.io/blog/post/big_datacenter_myth/)
- [ThreeFold Blog: Better Solution For Our Planet](https://threefold.io/blog/post/for_our_planet/)
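Review bot: The figures in this file ("80% of the world's data", "less than 20 organizations", "by 2025", "as much as 10% of the world ́s power generation") are given without a source, and the "by 2025" forecast sits in a commit dated 2024-03-18, so it will read as stale almost at once; cite each figure or drop it. "major data breaches that benefit big tech corporations" does not say what it means: a breach is normally a loss for the party holding the data, so either explain the benefit or rephrase. "world ́s" carries a stray spacing accent instead of an apostrophe, "less than 20" should be "fewer than 20", and the first Related Reading URL contains "decentralzing", which should be checked against the live blog slug before merging.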

View File

@@ -0,0 +1,38 @@
# A More Secure Cloud
## Running on an OS with minimal hacking surface
![](img/secure_zos_.jpg)
Zero-OS is a secure operating system that runs on Threefold nodes.
Some benefits:
- It has no shell, means farmers, i.e. owners of the capacity that hosts the OS and the workloads, have no access to the data residing nor the applications running on their hardware.
- It does not allow inbound network connections to the OS for administration and workload deployment activities.
- It is not installed on local (systems based) hard drives. The OS os booted over the network with cryptographic boot file verification. Physical disk access or a "man in the middle attack" do not allow hackers to succeed.
## Network security
- All networking in Zero-OS comes is set up as a private overlay network. All nodes have their own IPv6 address and are fully interconnected in the defined network. All traffic on the network is encrypted.
- Linkage for applications to the outside world is managed through the web gateways. These web gateways terminate all incoming traffic pretending to the the server and then initiate a new client service connection to the real application server. This internal client server connection is initiated by the (real) application server, not from the outside. This only allows external traffic that is initiated and accepted from inside.
- There is no TCP/IP traffic allowed coming from the outside. Data is picked up from the inside.
## Quantum safe Storage
The quantum safe storage solution splits data objects or even a full filesystem in an intelligent way into different parts, such that only part of the information stored in one place. Moreover, the data is described in a way such that a person aiming to hack into the low-level data (which is almost impossible in itself), will only find non-relevant information on this storage infrastructure.
The fact that no data part can be (re-)created by accessing one location, makes the storage quantum proof: no compute power can imagine what the other data parts are by looking at the data part of a single location.
Since TFGrid 3.0 we also have a Quantum Safe Filesystem available. This Filesystem can be used inside VM's or Kubernetes. Which is an amazing feature because it allows you to store endless amounts of data in a Virtual Machine.
## Security in the deployment process
Deployment of IT workload using a so-called “Smart Contract for IT” makes the deployment process resilient to human error and hacking. The system is self-driving and self-healing, therefore removing the human requirement for deploying and operating IT infrastructure or services. This represents a breakthrough in IT.
![](img/smart_contract_it_.jpg)
## Secure Decentralized access
Access your blockchain enabled workloads through Threefold Connect App. This app is a decentralized multi-factor authentication mechanism based on PKI technology.
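Review bot: In "Quantum safe Storage", the claim that the storage is "quantum proof" because "no data part can be (re-)created by accessing one location" is argued only for an attacker who holds a single location. The section should state how many parts are needed to rebuild an object and what someone holding several parts learns, and the aside "(which is almost impossible in itself)" should be justified or removed. In "Network security" the last bullet ("There is no TCP/IP traffic allowed coming from the outside") contradicts the bullet before it, where the web gateways terminate incoming traffic; say that the restriction applies to the application servers behind the gateways. "Physical disk access or a "man in the middle attack" do not allow hackers to succeed" is another absolute that should be narrowed to what the boot file verification actually covers. Typos to fix in the same pass: "It has no shell, means farmers", "The OS os booted", "comes is set up", "pretending to the the server", "only part of the information stored in one place". "store endless amounts of data" overstates what a filesystem can offer.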

View File

@@ -0,0 +1,48 @@
# Combine Cloud Agility and Sovereignty of On-Premise Data Center
![](img/evdc_sovereign_.jpg)
## Benefit from Agility of Cloud
ThreeFold's allow you to create a Virtual Data Center within a few clicks, will call this an eVDC.
For Containers:
- Provides agility to the creation and deployment of containers. It brings an easy and efficient framework to create container images as compared to VMs.
- Allows for continuous development, integration, and deployment, with quick and easy rollback.
- Applications are decoupled from the infrastructure, therefore isolating the development and operation concerns from each other.
- Easy management of health and behavior signals of the application.
- The execution of an application happens in the same way on a laptop/PC or in the cloud.
- Enables a full abstraction between running an OS and running an application within the OS.
- Allows for a micro-services architecture, cutting applications into small and independent building blocks that can interact dynamically.
- It encapsulates the application in such a way that the runtime behavior becomes predictable.
- An efficient use of hardware resources is possible.
Orchestration with Kubernetes provides users with lots of functionalities:
- Easy to set up and manage the execution of containers and the interaction between these containers.
- Services to facilitate access using DNS or IP address.
- Automated load balancing in case of high traffic.
- Automated rollbacks and rollouts.
- Self-healing architecture: if containers fail, Kubernetes restarts them, replaces them, kills or stops exposing them if they are not passing the health-checks.
- Management of secrets and configuration without the need to rebuild container images and without exposing them.
If you don't have enough capacity to run your application, you can create rules in Kubernetes to allocate more resources.
## Benefit from Security and Locality of an On-Premise Data Center
Many organizations don't dare (yet) to benefit from this cloud agility because they see possible significant drawbacks such as:
- By running their applications on a cloud, they commit their data to these cloud providers, which prevents them from controlling and securing their data in an understood manner.
Cloud architectures are more vulnerable to data intrusion, data theft, data ransom, and other malicious practices because a cloud provider is a multi-tenant set up by design. Many companies and individuals share the same infrastructure (servers, network, access portals etc.). Each of these shared multi-tenant installations brings particular security and privacy risks.
- Last but not least, in the unlikely case of data loss, data theft, or any other type of hacking occurs, who is held responsible?
The ThreeFold_Grid and eVDC have the solutions to the above challenges, making it possible for anyone to benefit from cloud agility.
### Local secure capacity
The TF Grid is designed in such a way that capacity can be added anywhere by anyone. All you need is a power socket and network connectivity to connect IT infrastructure in a remote area, local office building, private and public datacenter. Therefore, it is possible to create a local cloud infrastructure on-premise with ThreeFold technology that presents the same benefits as large-scale cloud infrastructures. This means companies can be their own internet (cloud infrastructure).
Zero-OS is the stateless operating system that runs on the ThreeFold_Grid hardware infrastructure, and it is available on hardware in any form factor. It can be installed easily, operates autonomously and has incredible security and privacy features.
Zero-OS was designed to enable servers to become part of the ThreeFold_Grid from anywhere (and by anyone). One key element to make this possible is to have an absolute minimal hacking surface on the physical server. In the end, servers will exist in many different locations and will be owned by many actors. A key element to secure the applications that run and the data stored on these servers is to make it impossible for humans to interact with these servers. To make this possible, Zero-OS was designed so that there are no login facility, store and access credentials, or interface for people to interact in any possible way with these servers.
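Review bot: In the list under "significant drawbacks such as:", the paragraph starting "Cloud architectures are more vulnerable to data intrusion" has no "- " marker, so it renders as a continuation of the first item rather than as the second drawback. The same paragraph argues that multi-tenancy is what makes clouds vulnerable, yet the closing paragraph says grid servers "will be owned by many actors" without saying how workloads on such a server are isolated from each other; add that or soften the comparison. The final sentence ("there are no login facility, store and access credentials, or interface for people") is garbled and should be rewritten as a plain list of what Zero-OS omits, and "make it impossible for humans to interact with these servers" should be limited to remote and login access, since physical access remains. Wording to fix: "ThreeFold's allow you to create ... will call this an eVDC", "in the unlikely case of data loss, data theft, or any other type of hacking occurs", "has incredible security and privacy features". The hunk header announces 48 lines; confirm that the file is complete as rendered.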