SlideShare a Scribd company logo
1
23 May 2023
Lucas van der Meer & Ivar Janmaat
TruSSD:
Trust in Sharing
Sensitive Data
…and many
others
Sharing research data
● Sensitive data is indispensable in research
● Sensitive data is indispensable in research
Foto: Wikimedia ©
Sharing research data
● Sensitive data is indispensable in research
●
Foto: Wikimedia © Foto: Wikimedia ©
Sharing research data
● Sensitive data is indispensable in research
●
Foto: Wikimedia © Foto: Wikimedia ©
Sharing research data
Foto: BG Legal
● Sensitive data is indispensable in research
●
Foto: Wikimedia © Foto: Wikimedia ©
Sharing research data
Foto: BG Legal
● Sensitive data is indispensable in research
Typical solution: Trusted Research Environment (TRE)
Foto: Wikimedia © Foto: Wikimedia ©
Sharing research data
Foto: BG Legal
Getting access to sensitive data
What could be technological
solutions?
And trust and data governance solutions?
Trusted Research
Environments
(TREs)
Image: Wiktionary ©
Researcher perspective: KvK
“To what extent does the proportion of
part-time employees affect firm closure?”
● Combine it with my own data
● Play (Tinker with the data)
● Specific characteristics of the
combined data determine
consequent analytical steps.
● Use R, Python
Foto: BG Legal
Complete control over the data
● Data cannot leave environment
● Research purpose
● Pseudonymised data
● Review any output
● Trust the research software
● Data upload not allowed
Data provider perspective: KvK
Foto: BG Legal
Sensitive data
Cloud
computer
Own data
Analysis
tools
Secure ANalysis Environment (SANE)
Enter
Output checks
Researcher
Five Safes
Afbeelding: UKDS ©
TRE issues
Issues (1/)
● 100s TREs in EU and sufficient investments by data providers
● BUT… TREs hardly allow for the transnational or transdisciplinary analysis of
sensitive data
●
Issues (2/)
● 100s TREs in EU and sufficient investments by data providers
● BUT… TREs hardly allow for the transnational or transdisciplinary analysis of
sensitive data
● Data providers
Data governance misalignments Capacity to deliver safeguards
Issues (3/)
● TRE providers: not interoperable
○ No consolidation of standards
■ AAI, software, trusted data classification, payment method…
○ Many different TRE types
■ Locally vs. Cloud solutions
■ (Un)guarded solutions
■ Physical solutions
SRAM
Examples of TRE issues
(and potential solutions)
Example: SHARE
Transnational comparative analysis of aging process
Four NSOs TREs separately
● Cumbersome
● Time-consuming
● Limits transnational analysis
Example: SHARE
Transnational comparative analysis of aging process
Four NSOs TREs separately
● Cumbersome
● Time-consuming
● Limits transnational analysis
Example: Providing access to 12B tweets
TweetsKB database
● 12B Tweets (1% sample)
● 3B semantically annotated Tweets
Currently Hadoop TRE cluster (1 PB HDD, 392 CPU
cores) – but only on-site
Scalable (cloud) TRE solution needed
Example: Providing access to 12B tweets
TweetsKB database
● 12B Tweets (1% sample)
● 3B semantically annotated Tweets
Solutions
TRE
Ecosystem of
TREs
&
Off-the-shelf
solutions
Solutions
● Technology
○ Federated, transdisciplinary, and transnational ecosystem of trusted research environments
● Trust
○ Executing research workflows with sensitive data providers + researchers + TRE(s)
● Data governance
○ Guidance in tackling legal misalignments
Interconnected workstreams.
How?
Ivar
Introduction
Manager SURF Research Cloud
Services:
• SURF Research Cloud
• SURF HPC Cloud
Projects:
• Secure ANalyses Environment (SANE) project
• Social Science and Humanities Open Cloud (SSHOC-NL)
• EOSC Future: European Environment for Scientific Software Installation
• E-Ecology project
• SURF Container Orchestration project
• X-omics project
E-mail: Ivar.Janmaat@surf.nl
Telephone number: +31 (0) 6 3867 8601
Ivar Janmaat
Who can provide what?
• Dataprovider
• Provides data
• No research infrastructure.
• Research Institution (University, UMC, Applied Sciences, Research)
• Provides funding, Local institute research infrastructure
• No (inter) national research infrastructure.
• SURF
• Provides national research infrastructure connection to international
infrastructures
• No direct access for foreign researchers to national infrastructure.
30
Technical requirements
• EU/Global Identity
• SURF Research Access Management (SRAM)
• Other Authentication and authorization infrastructures (AAI)
• EUDIW EU Digital Identity Wallet
• Authorization based on funding
• E-infra (National envelopes for Dutch researchers)
• SURF credits (RCCS contracts)
• National envelopes for international researchers
• NOBID (Nordic-Baltic eID)
31
Technical requirements
• Data classification and access
• Data Access Commission (DAC)
• ODISSEI data portal
• Passport / Visa (Global Alliance for Genomics and Health; GA4GH)
• Trusted infrastructure
• Network isolation, virtual networks (Enclaves)
• Confidential VM, Hardware isolation and validating (Attestation)
• Confidential jobs
• Zero-trust: only access to things that is allowed (Boundary)
• Key management
32
Technical requirements
• Trusted software
• Catalog items version
• Signed software (ID)
• Hashed images
• Audit logging
• What to report to dataprovider
• What to report to NREN (hosting company)
• What to report to institutions
• What to report to researchers
33
Workflow
Tasks in the technical workpackages
• Collecting technical and organisational requirements from data providers &
researchers
• Developing a TRE interoperability framework
• Implementing building blocks of the TREs
• Building a number of off-the-shelf, trusted research environment configurations
• Aligning with EOSC standards and best practices
• Exploring industrial involvement: GAIA-X, Data Spaces, and EOSC-DIH
• Extending of the EOSC Interoperability Framework with the TRE interoperability
framework and TRE reference architecture
35
36
23 May 2023
Lucas van der Meer & Ivar Janmaat
TruSSD:
Trust in Sharing
Sensitive Data
…and many
others

More Related Content

Similar to TruSSD - Trust in Sharing Sensitive Data | Lucas van der Meer - SRD23

Data Discovery and Metadata
Data Discovery and MetadataData Discovery and Metadata
Data Discovery and Metadata
markgrover
 
Unidata Overview 3.6.15
Unidata Overview 3.6.15Unidata Overview 3.6.15
Unidata Overview 3.6.15
Josh Young
 
Sebastian Hellmann
Sebastian HellmannSebastian Hellmann
Sebastian Hellmann
Connected Data World
 
Jisc Research Data Management Shared Service Workshop: An institutional persp...
Jisc Research Data Management Shared Service Workshop: An institutional persp...Jisc Research Data Management Shared Service Workshop: An institutional persp...
Jisc Research Data Management Shared Service Workshop: An institutional persp...
Jisc RDM
 
PhD Thesis Proposal
PhD Thesis Proposal PhD Thesis Proposal
PhD Thesis Proposal
Ziqiang Feng
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
ATMOSPHERE .
 
Intelligent Data Processing for the Internet of Things
Intelligent Data Processing for the Internet of Things Intelligent Data Processing for the Internet of Things
Intelligent Data Processing for the Internet of Things
PayamBarnaghi
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES.eu
 
ERA CoBioTech Data Management Webinar
ERA CoBioTech Data Management WebinarERA CoBioTech Data Management Webinar
ERA CoBioTech Data Management Webinar
FAIRDOM
 
10th International Conference on Data Mining and Database (DMDB 2023)
10th International Conference on Data Mining and Database (DMDB 2023) 10th International Conference on Data Mining and Database (DMDB 2023)
10th International Conference on Data Mining and Database (DMDB 2023)
ijait
 
Belgium & Luxembourg dedicated online Data Virtualization discovery workshop
Belgium & Luxembourg dedicated online Data Virtualization discovery workshopBelgium & Luxembourg dedicated online Data Virtualization discovery workshop
Belgium & Luxembourg dedicated online Data Virtualization discovery workshop
Denodo
 
Data Description Registry Interoperability WG at Research Data Alliance Third...
Data Description Registry Interoperability WG at Research Data Alliance Third...Data Description Registry Interoperability WG at Research Data Alliance Third...
Data Description Registry Interoperability WG at Research Data Alliance Third...
amiraryani
 
Research data zone: veilige en geoptimaliseerde netwerkomgeving voor onderzoe...
Research data zone: veilige en geoptimaliseerde netwerkomgeving voor onderzoe...Research data zone: veilige en geoptimaliseerde netwerkomgeving voor onderzoe...
Research data zone: veilige en geoptimaliseerde netwerkomgeving voor onderzoe...
SURFnet
 
SMART Seminar Series: SMART Data Management
SMART Seminar Series: SMART Data ManagementSMART Seminar Series: SMART Data Management
SMART Seminar Series: SMART Data Management
SMART Infrastructure Facility
 
Data Mesh in Practice: How Europe’s Leading Online Platform for Fashion Goes ...
Data Mesh in Practice: How Europe’s Leading Online Platform for Fashion Goes ...Data Mesh in Practice: How Europe’s Leading Online Platform for Fashion Goes ...
Data Mesh in Practice: How Europe’s Leading Online Platform for Fashion Goes ...
Databricks
 
Bertenthal
BertenthalBertenthal
Bertenthal
Jesse Lingeman
 
"Filling the Digital Preservation Gap" with Archivematica
"Filling the Digital Preservation Gap" with Archivematica"Filling the Digital Preservation Gap" with Archivematica
"Filling the Digital Preservation Gap" with Archivematica
Jenny Mitcham
 
Data Mesh in Practice - How Europe's Leading Online Platform for Fashion Goes...
Data Mesh in Practice - How Europe's Leading Online Platform for Fashion Goes...Data Mesh in Practice - How Europe's Leading Online Platform for Fashion Goes...
Data Mesh in Practice - How Europe's Leading Online Platform for Fashion Goes...
Dr. Arif Wider
 
Built around answering questions
Built around answering questionsBuilt around answering questions
Built around answering questions
Larry Smarr
 
NSDI_ Concepts and Components
NSDI_ Concepts and ComponentsNSDI_ Concepts and Components
NSDI_ Concepts and Components
Jayantha Samarasinghe
 

Similar to TruSSD - Trust in Sharing Sensitive Data | Lucas van der Meer - SRD23 (20)

Data Discovery and Metadata
Data Discovery and MetadataData Discovery and Metadata
Data Discovery and Metadata
 
Unidata Overview 3.6.15
Unidata Overview 3.6.15Unidata Overview 3.6.15
Unidata Overview 3.6.15
 
Sebastian Hellmann
Sebastian HellmannSebastian Hellmann
Sebastian Hellmann
 
Jisc Research Data Management Shared Service Workshop: An institutional persp...
Jisc Research Data Management Shared Service Workshop: An institutional persp...Jisc Research Data Management Shared Service Workshop: An institutional persp...
Jisc Research Data Management Shared Service Workshop: An institutional persp...
 
PhD Thesis Proposal
PhD Thesis Proposal PhD Thesis Proposal
PhD Thesis Proposal
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
 
Intelligent Data Processing for the Internet of Things
Intelligent Data Processing for the Internet of Things Intelligent Data Processing for the Internet of Things
Intelligent Data Processing for the Internet of Things
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
 
ERA CoBioTech Data Management Webinar
ERA CoBioTech Data Management WebinarERA CoBioTech Data Management Webinar
ERA CoBioTech Data Management Webinar
 
10th International Conference on Data Mining and Database (DMDB 2023)
10th International Conference on Data Mining and Database (DMDB 2023) 10th International Conference on Data Mining and Database (DMDB 2023)
10th International Conference on Data Mining and Database (DMDB 2023)
 
Belgium & Luxembourg dedicated online Data Virtualization discovery workshop
Belgium & Luxembourg dedicated online Data Virtualization discovery workshopBelgium & Luxembourg dedicated online Data Virtualization discovery workshop
Belgium & Luxembourg dedicated online Data Virtualization discovery workshop
 
Data Description Registry Interoperability WG at Research Data Alliance Third...
Data Description Registry Interoperability WG at Research Data Alliance Third...Data Description Registry Interoperability WG at Research Data Alliance Third...
Data Description Registry Interoperability WG at Research Data Alliance Third...
 
Research data zone: veilige en geoptimaliseerde netwerkomgeving voor onderzoe...
Research data zone: veilige en geoptimaliseerde netwerkomgeving voor onderzoe...Research data zone: veilige en geoptimaliseerde netwerkomgeving voor onderzoe...
Research data zone: veilige en geoptimaliseerde netwerkomgeving voor onderzoe...
 
SMART Seminar Series: SMART Data Management
SMART Seminar Series: SMART Data ManagementSMART Seminar Series: SMART Data Management
SMART Seminar Series: SMART Data Management
 
Data Mesh in Practice: How Europe’s Leading Online Platform for Fashion Goes ...
Data Mesh in Practice: How Europe’s Leading Online Platform for Fashion Goes ...Data Mesh in Practice: How Europe’s Leading Online Platform for Fashion Goes ...
Data Mesh in Practice: How Europe’s Leading Online Platform for Fashion Goes ...
 
Bertenthal
BertenthalBertenthal
Bertenthal
 
"Filling the Digital Preservation Gap" with Archivematica
"Filling the Digital Preservation Gap" with Archivematica"Filling the Digital Preservation Gap" with Archivematica
"Filling the Digital Preservation Gap" with Archivematica
 
Data Mesh in Practice - How Europe's Leading Online Platform for Fashion Goes...
Data Mesh in Practice - How Europe's Leading Online Platform for Fashion Goes...Data Mesh in Practice - How Europe's Leading Online Platform for Fashion Goes...
Data Mesh in Practice - How Europe's Leading Online Platform for Fashion Goes...
 
Built around answering questions
Built around answering questionsBuilt around answering questions
Built around answering questions
 
NSDI_ Concepts and Components
NSDI_ Concepts and ComponentsNSDI_ Concepts and Components
NSDI_ Concepts and Components
 

More from SURFevents

SURF Lego - SURFwired - Edwin Verheul - NWD23
SURF Lego - SURFwired - Edwin Verheul - NWD23SURF Lego - SURFwired - Edwin Verheul - NWD23
SURF Lego - SURFwired - Edwin Verheul - NWD23
SURFevents
 
SURF lego- campusdiensten - iotroam - Thomas Esman - NWD23
SURF lego- campusdiensten - iotroam - Thomas Esman - NWD23SURF lego- campusdiensten - iotroam - Thomas Esman - NWD23
SURF lego- campusdiensten - iotroam - Thomas Esman - NWD23
SURFevents
 
AI zal je baan niet vervangen, maar iemand die AI gebruikt wel - Marco van de...
AI zal je baan niet vervangen, maar iemand die AI gebruikt wel - Marco van de...AI zal je baan niet vervangen, maar iemand die AI gebruikt wel - Marco van de...
AI zal je baan niet vervangen, maar iemand die AI gebruikt wel - Marco van de...
SURFevents
 
De dagelijkse puzzel van netwerkbeheer en monitoring - Jan Martijn Metselaar ...
De dagelijkse puzzel van netwerkbeheer en monitoring - Jan Martijn Metselaar ...De dagelijkse puzzel van netwerkbeheer en monitoring - Jan Martijn Metselaar ...
De dagelijkse puzzel van netwerkbeheer en monitoring - Jan Martijn Metselaar ...
SURFevents
 
Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23
Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23
Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23
SURFevents
 
Forum Groningen - een ontmoetingsplaats voor iedereen - Richard de Vries- NWD23
Forum Groningen - een ontmoetingsplaats voor iedereen - Richard de Vries- NWD23Forum Groningen - een ontmoetingsplaats voor iedereen - Richard de Vries- NWD23
Forum Groningen - een ontmoetingsplaats voor iedereen - Richard de Vries- NWD23
SURFevents
 
Grenzeloos musiceren - Bert Kremer - NWD23
Grenzeloos musiceren - Bert Kremer - NWD23Grenzeloos musiceren - Bert Kremer - NWD23
Grenzeloos musiceren - Bert Kremer - NWD23
SURFevents
 
Topspeed wifi bij de F1 Dutch GP - Raymond Hendrix - NWD23
Topspeed wifi bij de F1 Dutch GP  - Raymond Hendrix - NWD23Topspeed wifi bij de F1 Dutch GP  - Raymond Hendrix - NWD23
Topspeed wifi bij de F1 Dutch GP - Raymond Hendrix - NWD23
SURFevents
 
Ontwikkelingen in internationale research en education-infrastructuur - Bram ...
Ontwikkelingen in internationale research en education-infrastructuur - Bram ...Ontwikkelingen in internationale research en education-infrastructuur - Bram ...
Ontwikkelingen in internationale research en education-infrastructuur - Bram ...
SURFevents
 
SURF Cybersecurity met hoge snelheid - Jasper Hammink - NWD23
SURF Cybersecurity met hoge snelheid - Jasper Hammink - NWD23SURF Cybersecurity met hoge snelheid - Jasper Hammink - NWD23
SURF Cybersecurity met hoge snelheid - Jasper Hammink - NWD23
SURFevents
 
SURF Lego - Architecture - Peter Boers- NWD23
SURF Lego - Architecture - Peter Boers- NWD23SURF Lego - Architecture - Peter Boers- NWD23
SURF Lego - Architecture - Peter Boers- NWD23
SURFevents
 
SURF Lego - Campusdiensten - Maurice van den Akker- NWD23
SURF Lego -  Campusdiensten - Maurice van den Akker- NWD23SURF Lego -  Campusdiensten - Maurice van den Akker- NWD23
SURF Lego - Campusdiensten - Maurice van den Akker- NWD23
SURFevents
 
SURF Lego - Netwerkdiensten - Sander Klemann - NWD23
SURF Lego - Netwerkdiensten - Sander Klemann -  NWD23SURF Lego - Netwerkdiensten - Sander Klemann -  NWD23
SURF Lego - Netwerkdiensten - Sander Klemann - NWD23
SURFevents
 
SURF, Hoe laat is het - Sander Klemann - NWD23
SURF, Hoe laat is het - Sander Klemann - NWD23SURF, Hoe laat is het - Sander Klemann - NWD23
SURF, Hoe laat is het - Sander Klemann - NWD23
SURFevents
 
Quantum cryptography for researchers - Teodor Strömberg - SRD23
Quantum cryptography for researchers - Teodor Strömberg - SRD23Quantum cryptography for researchers - Teodor Strömberg - SRD23
Quantum cryptography for researchers - Teodor Strömberg - SRD23
SURFevents
 
Bridging the gap: hosting Linked Open Data for researchers - Driek Heesakkers...
Bridging the gap: hosting Linked Open Data for researchers - Driek Heesakkers...Bridging the gap: hosting Linked Open Data for researchers - Driek Heesakkers...
Bridging the gap: hosting Linked Open Data for researchers - Driek Heesakkers...
SURFevents
 
Interactive and collaborative AI for biodiversity monitoring and beyond - JWK...
Interactive and collaborative AI for biodiversity monitoring and beyond - JWK...Interactive and collaborative AI for biodiversity monitoring and beyond - JWK...
Interactive and collaborative AI for biodiversity monitoring and beyond - JWK...
SURFevents
 
The CAFE community: a local, inclusive programming community for researchers ...
The CAFE community: a local, inclusive programming community for researchers ...The CAFE community: a local, inclusive programming community for researchers ...
The CAFE community: a local, inclusive programming community for researchers ...
SURFevents
 
Responsible AI: the epistemology of using machine learning as a research meth...
Responsible AI: the epistemology of using machine learning as a research meth...Responsible AI: the epistemology of using machine learning as a research meth...
Responsible AI: the epistemology of using machine learning as a research meth...
SURFevents
 
Biking on the edge - Jerome Mies - SRD23
Biking on the edge - Jerome Mies - SRD23Biking on the edge - Jerome Mies - SRD23
Biking on the edge - Jerome Mies - SRD23
SURFevents
 

More from SURFevents (20)

SURF Lego - SURFwired - Edwin Verheul - NWD23
SURF Lego - SURFwired - Edwin Verheul - NWD23SURF Lego - SURFwired - Edwin Verheul - NWD23
SURF Lego - SURFwired - Edwin Verheul - NWD23
 
SURF lego- campusdiensten - iotroam - Thomas Esman - NWD23
SURF lego- campusdiensten - iotroam - Thomas Esman - NWD23SURF lego- campusdiensten - iotroam - Thomas Esman - NWD23
SURF lego- campusdiensten - iotroam - Thomas Esman - NWD23
 
AI zal je baan niet vervangen, maar iemand die AI gebruikt wel - Marco van de...
AI zal je baan niet vervangen, maar iemand die AI gebruikt wel - Marco van de...AI zal je baan niet vervangen, maar iemand die AI gebruikt wel - Marco van de...
AI zal je baan niet vervangen, maar iemand die AI gebruikt wel - Marco van de...
 
De dagelijkse puzzel van netwerkbeheer en monitoring - Jan Martijn Metselaar ...
De dagelijkse puzzel van netwerkbeheer en monitoring - Jan Martijn Metselaar ...De dagelijkse puzzel van netwerkbeheer en monitoring - Jan Martijn Metselaar ...
De dagelijkse puzzel van netwerkbeheer en monitoring - Jan Martijn Metselaar ...
 
Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23
Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23
Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23
 
Forum Groningen - een ontmoetingsplaats voor iedereen - Richard de Vries- NWD23
Forum Groningen - een ontmoetingsplaats voor iedereen - Richard de Vries- NWD23Forum Groningen - een ontmoetingsplaats voor iedereen - Richard de Vries- NWD23
Forum Groningen - een ontmoetingsplaats voor iedereen - Richard de Vries- NWD23
 
Grenzeloos musiceren - Bert Kremer - NWD23
Grenzeloos musiceren - Bert Kremer - NWD23Grenzeloos musiceren - Bert Kremer - NWD23
Grenzeloos musiceren - Bert Kremer - NWD23
 
Topspeed wifi bij de F1 Dutch GP - Raymond Hendrix - NWD23
Topspeed wifi bij de F1 Dutch GP  - Raymond Hendrix - NWD23Topspeed wifi bij de F1 Dutch GP  - Raymond Hendrix - NWD23
Topspeed wifi bij de F1 Dutch GP - Raymond Hendrix - NWD23
 
Ontwikkelingen in internationale research en education-infrastructuur - Bram ...
Ontwikkelingen in internationale research en education-infrastructuur - Bram ...Ontwikkelingen in internationale research en education-infrastructuur - Bram ...
Ontwikkelingen in internationale research en education-infrastructuur - Bram ...
 
SURF Cybersecurity met hoge snelheid - Jasper Hammink - NWD23
SURF Cybersecurity met hoge snelheid - Jasper Hammink - NWD23SURF Cybersecurity met hoge snelheid - Jasper Hammink - NWD23
SURF Cybersecurity met hoge snelheid - Jasper Hammink - NWD23
 
SURF Lego - Architecture - Peter Boers- NWD23
SURF Lego - Architecture - Peter Boers- NWD23SURF Lego - Architecture - Peter Boers- NWD23
SURF Lego - Architecture - Peter Boers- NWD23
 
SURF Lego - Campusdiensten - Maurice van den Akker- NWD23
SURF Lego -  Campusdiensten - Maurice van den Akker- NWD23SURF Lego -  Campusdiensten - Maurice van den Akker- NWD23
SURF Lego - Campusdiensten - Maurice van den Akker- NWD23
 
SURF Lego - Netwerkdiensten - Sander Klemann - NWD23
SURF Lego - Netwerkdiensten - Sander Klemann -  NWD23SURF Lego - Netwerkdiensten - Sander Klemann -  NWD23
SURF Lego - Netwerkdiensten - Sander Klemann - NWD23
 
SURF, Hoe laat is het - Sander Klemann - NWD23
SURF, Hoe laat is het - Sander Klemann - NWD23SURF, Hoe laat is het - Sander Klemann - NWD23
SURF, Hoe laat is het - Sander Klemann - NWD23
 
Quantum cryptography for researchers - Teodor Strömberg - SRD23
Quantum cryptography for researchers - Teodor Strömberg - SRD23Quantum cryptography for researchers - Teodor Strömberg - SRD23
Quantum cryptography for researchers - Teodor Strömberg - SRD23
 
Bridging the gap: hosting Linked Open Data for researchers - Driek Heesakkers...
Bridging the gap: hosting Linked Open Data for researchers - Driek Heesakkers...Bridging the gap: hosting Linked Open Data for researchers - Driek Heesakkers...
Bridging the gap: hosting Linked Open Data for researchers - Driek Heesakkers...
 
Interactive and collaborative AI for biodiversity monitoring and beyond - JWK...
Interactive and collaborative AI for biodiversity monitoring and beyond - JWK...Interactive and collaborative AI for biodiversity monitoring and beyond - JWK...
Interactive and collaborative AI for biodiversity monitoring and beyond - JWK...
 
The CAFE community: a local, inclusive programming community for researchers ...
The CAFE community: a local, inclusive programming community for researchers ...The CAFE community: a local, inclusive programming community for researchers ...
The CAFE community: a local, inclusive programming community for researchers ...
 
Responsible AI: the epistemology of using machine learning as a research meth...
Responsible AI: the epistemology of using machine learning as a research meth...Responsible AI: the epistemology of using machine learning as a research meth...
Responsible AI: the epistemology of using machine learning as a research meth...
 
Biking on the edge - Jerome Mies - SRD23
Biking on the edge - Jerome Mies - SRD23Biking on the edge - Jerome Mies - SRD23
Biking on the edge - Jerome Mies - SRD23
 

Recently uploaded

EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
Jimmy Lai
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
Zilliz
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Torry Harris
 
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Nicolás Lopéz
 
Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
Bhajan Mehta
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
SAI KAILASH R
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Kunal Gupta
 
Vulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive OverviewVulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive Overview
Steven Carlson
 
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
alexjohnson7307
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
Shiv Technolabs
 
The Impact of the Internet of Things (IoT) on Smart Homes and Cities
The Impact of the Internet of Things (IoT) on Smart Homes and CitiesThe Impact of the Internet of Things (IoT) on Smart Homes and Cities
The Impact of the Internet of Things (IoT) on Smart Homes and Cities
Arpan Buwa
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
Ivanti
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
maigasapphire
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
Google Developer Group - Harare
 
How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...
DianaGray10
 
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
Priyanka Aash
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdfAcumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
BrainSell Technologies
 
Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
Baishakhi Ray
 

Recently uploaded (20)

EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
 
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024
 
Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
 
Vulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive OverviewVulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive Overview
 
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
 
The Impact of the Internet of Things (IoT) on Smart Homes and Cities
The Impact of the Internet of Things (IoT) on Smart Homes and CitiesThe Impact of the Internet of Things (IoT) on Smart Homes and Cities
The Impact of the Internet of Things (IoT) on Smart Homes and Cities
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
 
How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...
 
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
 
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
 
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdfAcumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
 
Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
 

TruSSD - Trust in Sharing Sensitive Data | Lucas van der Meer - SRD23

  • 1. 1 23 May 2023 Lucas van der Meer & Ivar Janmaat TruSSD: Trust in Sharing Sensitive Data …and many others
  • 2. Sharing research data ● Sensitive data is indispensable in research
  • 3. ● Sensitive data is indispensable in research Foto: Wikimedia © Sharing research data
  • 4. ● Sensitive data is indispensable in research ● Foto: Wikimedia © Foto: Wikimedia © Sharing research data
  • 5. ● Sensitive data is indispensable in research ● Foto: Wikimedia © Foto: Wikimedia © Sharing research data Foto: BG Legal
  • 6. ● Sensitive data is indispensable in research ● Foto: Wikimedia © Foto: Wikimedia © Sharing research data Foto: BG Legal
  • 7. ● Sensitive data is indispensable in research Typical solution: Trusted Research Environment (TRE) Foto: Wikimedia © Foto: Wikimedia © Sharing research data Foto: BG Legal
  • 8. Getting access to sensitive data
  • 9. What could be technological solutions? And trust and data governance solutions?
  • 12. Researcher perspective: KvK “To what extent does the proportion of part-time employees affect firm closure?” ● Combine it with my own data ● Play (Tinker with the data) ● Specific characteristics of the combined data determine consequent analytical steps. ● Use R, Python Foto: BG Legal
  • 13. Complete control over the data ● Data cannot leave environment ● Research purpose ● Pseudonymised data ● Review any output ● Trust the research software ● Data upload not allowed Data provider perspective: KvK Foto: BG Legal
  • 14. Sensitive data Cloud computer Own data Analysis tools Secure ANalysis Environment (SANE) Enter Output checks Researcher
  • 17. Issues (1/) ● 100s TREs in EU and sufficient investments by data providers ● BUT… TREs hardly allow for the transnational or transdisciplinary analysis of sensitive data ●
  • 18. Issues (2/) ● 100s TREs in EU and sufficient investments by data providers ● BUT… TREs hardly allow for the transnational or transdisciplinary analysis of sensitive data ● Data providers Data governance misalignments Capacity to deliver safeguards
  • 19. Issues (3/) ● TRE providers: not interoperable ○ No consolidation of standards ■ AAI, software, trusted data classification, payment method… ○ Many different TRE types ■ Locally vs. Cloud solutions ■ (Un)guarded solutions ■ Physical solutions SRAM
  • 20. Examples of TRE issues (and potential solutions)
  • 21. Example: SHARE Transnational comparative analysis of aging process Four NSOs TREs separately ● Cumbersome ● Time-consuming ● Limits transnational analysis
  • 22. Example: SHARE Transnational comparative analysis of aging process Four NSOs TREs separately ● Cumbersome ● Time-consuming ● Limits transnational analysis
  • 23. Example: Providing access to 12B tweets TweetsKB database ● 12B Tweets (1% sample) ● 3B semantically annotated Tweets Currently Hadoop TRE cluster (1 PB HDD, 392 CPU cores) – but only on-site Scalable (cloud) TRE solution needed
  • 24. Example: Providing access to 12B tweets TweetsKB database ● 12B Tweets (1% sample) ● 3B semantically annotated Tweets
  • 27. Solutions ● Technology ○ Federated, transdisciplinary, and transnational ecosystem of trusted research environments ● Trust ○ Executing research workflows with sensitive data providers + researchers + TRE(s) ● Data governance ○ Guidance in tackling legal misalignments Interconnected workstreams.
  • 29. Introduction Manager SURF Research Cloud Services: • SURF Research Cloud • SURF HPC Cloud Projects: • Secure ANalyses Environment (SANE) project • Social Science and Humanities Open Cloud (SSHOC-NL) • EOSC Future: European Environment for Scientific Software Installation • E-Ecology project • SURF Container Orchestration project • X-omics project E-mail: Ivar.Janmaat@surf.nl Telephone number: +31 (0) 6 3867 8601 Ivar Janmaat
  • 30. Who can provide what? • Dataprovider • Provides data • No research infrastructure. • Research Institution (University, UMC, Applied Sciences, Research) • Provides funding, Local institute research infrastructure • No (inter) national research infrastructure. • SURF • Provides national research infrastructure connection to international infrastructures • No direct access for foreign researchers to national infrastructure. 30
  • 31. Technical requirements • EU/Global Identity • SURF Research Access Management (SRAM) • Other Authentication and authorization infrastructures (AAI) • EUDIW EU Digital Identity Wallet • Authorization based on funding • E-infra (National envelopes for Dutch researchers) • SURF credits (RCCS contracts) • National envelopes for international researchers • NOBID (Nordic-Baltic eID) 31
  • 32. Technical requirements • Data classification and access • Data Access Commission (DAC) • ODISSEI data portal • Passport / Visa (Global Alliance for Genomics and Health; GA4GH) • Trusted infrastructure • Network isolation, virtual networks (Enclaves) • Confidential VM, Hardware isolation and validating (Attestation) • Confidential jobs • Zero-trust: only access to things that is allowed (Boundary) • Key management 32
  • 33. Technical requirements • Trusted software • Catalog items version • Signed software (ID) • Hashed images • Audit logging • What to report to dataprovider • What to report to NREN (hosting company) • What to report to institutions • What to report to researchers 33
  • 35. Tasks in the technical workpackages • Collecting technical and organisational requirements from data providers & researchers • Developing a TRE interoperability framework • Implementing building blocks of the TREs • Building a number of off-the-shelf, trusted research environment configurations • Aligning with EOSC standards and best practices • Exploring industrial involvement: GAIA-X, Data Spaces, and EOSC-DIH • Extending of the EOSC Interoperability Framework with the TRE interoperability framework and TRE reference architecture 35
  • 36. 36 23 May 2023 Lucas van der Meer & Ivar Janmaat TruSSD: Trust in Sharing Sensitive Data …and many others