T6.6 Sensitive Data Activities

1. EOSC-hub receives funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 777536. Abdulrahman Azab University of Oslo T6.6 Sensitive Data Activities OpenAIRE EOSC-hub Webinar December 6th

2. CSC – Finnish research, education, culture and public administration ICT knowledge center CSC ePouta secure cloud

3. 406.12.2018

4. 506.12.2018

5. 606.12.2018

6. 706.12.2018

7. 806.12.2018

8. 9 • Apply for a CSC project (You can apply through EOSC-hub) • Setup your own network • Establish the connection with your ePouta network - OPN (Optical Private Network) or - within FUNET and European academic networks - an MPLS (Multiprotocol Label Switching) connection • More info: • Connection: https://research.csc.fi/pouta-application • Pricing (google “epouta pricing”) Getting Access to ePouta 06.12.2018

9. CSC Sensitive data platform

10. Services for Sensitive Data

11. TSD in a nutshell VMs High performance computing Storage 2-factor authentication • Analyzes • Software • Databases • Data collection Firewall

12. BeeGFS TSD Architecture NFSp01 p02 pN p01 p02 pN ColossusTwofactorAuthentication

13. Singularity Repo Compute container CVMFS Repo Singularitycontainers Condor CM container container Compute container Docker Singularity Compute container Docker SingularityDocker Singularity Compute container Docker Singularity Reference data Compute container Docker Singularity Compute container SingularityDocker Local Docker Registry Docker Repo Docker Images Elastic expansion Docker swarm Project storage Sensitive data Shared Storage TSDFirewall ProjectVLAN bio.tools GYOSC2 – Get Your Own Secure Container Cluster

14. # Research project over time TSD in rapid growth 30 80 130 180 230 280 21.04.2014 07.11.2014 26.05.2015 12.12.2015 29.06.2016 15.01.2017 03.08.2017 Ø > 500 research projects Ø > 2200 users Ø > 800 virtual machines Ø ~ 2.0 petabyte data

15. • Web form – online questionnaire for secure data collection • API – import of data from smartphone and tablet • Min Mat - Mapping of malnutrition in patients • Others …. Data collection

16. The consent system is a system designed to provide a service that manages the consents given by persons for handling data imported in TSD by a project. The consents are intended to allow the persons provided data to be processed by researchers inside TSD. The system will provide the following functionality: • Allow a person to give, view and revoke consents for a data uploaded in TSD. • Allow a researches query user consent for a data in TSD 06.12.2018 17 TSD Consent system

17. 06.12.2018 18 TSD Consent system - Design

18. 06.12.2018 19 TSD Consent system - Query

19. 20 • PaaS & SaaS à We take care of you J • Support for both Windows and Linux (platform and software) • High performance computing (HPC) à both elastic and bare metal • Sensitive data Web forms • Data collection using Smart devices • Consent system • Anonymization of structured data TSD features summary 06.12.2018

20. 21 • Apply for a TSD project (You can apply through EOSC-hub) Getting Access to TSD 06.12.2018

21. In the electronic application you will be asked to upload the documentation collected during the following steps: • Step 1: Some document proving your rights to perform your research (i.e. your data usage approval) (typically REK, NSD, Privacy Officer, Data Inspectorate or other such body). NB : If your research falls outside of this, but still has data that should be especially secured, you just upload a document that describes the situation. Typically economic secrets or other data that is business secrets. • Step 2: Documentation regarding partner institutions (if of interest to the project application, most of the time this is not needed) • Step 3: Data Processor Agreement between your institution and UiO/TSD • Step 4: TSD Commercial Contract between your project and UiO/TSD • Step 5: Electronic Application (required) 06.12.2018 22 Apply for a TSD project

22. 23 • Apply for a TSD project (You can apply through EOSC-hub) • Upload your data • Start working J • More info: • User guide: https://www.uio.no/english/services/it/research/sensitive-data/use-tsd/ • Pricing (google “TSD pricing”) Getting Access to TSD 06.12.2018

23. EOSC hub activities

24. B2SHARE 25

25. 26 Simple Setup (ongoing) B2Access B2Access IdP Data PXX Data PYY B2Find B2share pXXaccount pXX users pYY users pYY account TSD/ePouta

26. Secure B2SHARE setup (planned)

27. 28

28. 29

29. uDocker • User space container platform (No admin privileges) • Compatible with Docker (no conversion) • Supports MPI • Suitable for secure e-infrastructure • Ongoing work for support by TSD and ePouta 30

30. Amnesia • Data anonymization tool, that allows to remove identifying information from data. 31

31. BeeGFS NFSp01 p02 pN p01 p02 pN ColossusTwofactorAuthentication

32. Summary • Using personal data for research purposes poses challenges for IT infrastructure – but these can be solved! • CSC ePouta and UiO/TSD are operational secure e- infrastructure for sensitive research data • CSC ePouta secure cloud and UiO/TSD provide sensitive data and compute service in EOSC-hub • https://www.eosc- hub.eu/catalogue/Services%20for%20sensitive%20data

33. Other Nordic activities

34. Integration of ePouta and TSD TSD

35. NeIC Tryggve • Nordic collaboration for sensitive data funded by NeIC and ELIXIR nodes of participating countries. • develops and facilitates access to secure e-infrastructure for sensitive data, suitable for hosting large-scale cross-border biomedical research studies.

36. Kuvat CSC:n arkisto ja Thinkstock Antti Pursula Antti.Pursula@csc.fi Chris Ariyo Chris.Ariyo@csc.fi https://www.csc.fi/ Abdulrahman Azab azab@usit.uio.no www.uio.no Contact information Maria Francesca Iozzi maria.iozzi@uninett.no www.uninett.no