SlideShare a Scribd company logo

Secure data management, analysis, infrastructure and policy in an international context

C
Carolyn Ten Holter

Presentation from Dr Steven Newhouse at the Human Brain Project conference 2018 on data governance in international neuro-ICT collaborations

Science
1 of 24
Download to read offline
Secure data management, analysis, infrastructure and policy in an international context Steven Newhouse Head of Technical Services, EMBL- EBI
International Collaborative Data Analysis • Distributed data generation • Distributed data analysis • Distributed (in)formal governance • Increasingly sensitive data • Increasingly valuable analysis resources • Increasingly moving closer to production
Some Examples • Worldwide Large Hadron Collider Computing Grid (WLCG) • A worldwide federation of federated sites • EMBL-EBI and ELIXIR • Infrastructure to support multiple communities • Global Alliance for Genomics and Health (GA4GH) • International collaboration to support
WLCG Collaboration WLCG Workshop, Manchester 19 June 2017 4 April 2017: - 63 MoU’s - 167 sites; 42 countries 985 PB Storage  395 PB disk  590 PB tape
Security Policy & Operations in e- Infrastructures • e-Infrastructures: • Generally federation of clusters/clouds in research community • Structured geographically nationally and/or regionally • Make local resources available to remote users • Build trust around common policies • Site Security Policy: What a site commits to • Acceptable Use Policy: What a user commits to • Security Operations • Monitor use to contain & eliminate any security breach
WISE • WISE: Wise Information Security for e-Infrastructures • Community activity driven by the e-Infrastructures • Supporting user communities that span e-Infrastructures • Active Working Groups • Security for Collaborating e-Infrastructures • Security Training and Awareness • Risk Assessment • Security in Big and Open Data
Security for Collaborating e-Infrastructures Build a trust framework to enable interoperation between e- Infrastructures and to manage cross-infrastructure security risks • Manage risk through mitigation & counter measures • Minimise impact of a security incident • Identify the cause of incidents to stop repeats • Identify users & services to control access to resources
Building trust by exposing maturity • Expose Maturity across different Capabilities • Operational Security, Incident Response & Traceability • Participant Responsibilities • Data Protection • Capability Maturity Levels • 0: Not implemented for critical services • 1: Implemented for critical services but not documented • 2: Implemented and documented for critical services • 3: Implemented, documented and reviewed
EMBL sites – over 1600 people and more than 80 nationalities Structural biology Hamburg Life sciences Heidelberg Epigenetics and neurobiology Rome Bioinformatics Cambridge (EMBL-EBI) Structural biology Grenoble Tissue biology and disease modelling Barcelona
Data Resources at EMBL-EBI Literature & ontologies • Experimental Factor Ontology • Gene Ontology • BioStudies • Europe PMC Chemical biology • ChEBI • ChEMBL • SureChEMBL Molecular structures • Protein Data Bank in Europe • Electron Microscopy Data Bank Gene, protein & metabolite expression • Expression Atlas • Metabolights • PRIDE • RNA Central Protein sequences, families & motifs • InterPro • Pfam • UniProt Genes, genomes & variation • Ensembl • Ensembl Genomes • GWAS Catalog • Metagenomics portal Systems • BioModels • BioSamples • Enzyme Portal • IntAct • Reactome Molecular Archives • European Nucleotide Archive • European Variation Archive • European Genome-phenome Archive • ArrayExpress
~25 million requests to EMBL-EBI websites every day Big Data, Big Demand Scientists at over 5 million unique sites use EMBL-EBI websites 200 petabytes of scientific data managed by EMBL
Storage Use Cases are Evolving • Evolving away from ‘simple’ archiving • Challenge used to be scale, now tackling diversity • Not just diversity in type, but diversity in access • Common use case • Public data embargoed before publication • Hosting sensitive data • European Genome-phenome Archive (EGA) • Analysing sensitive data • Formal access to named individuals for specific research goals
Classifying and controlling the data • What data do we store? • Personal, Scientific Research, Administrative, Professional, Private • How sensitive is the data? • Controlled, Confidential, Restricted, Public • What are the storage options? • ‘Vault’, Managed, Standard, Any Cloud, EU Cloud, Hosting End up with a matrix describing what can go where!
Data Sensitivity Classification Data Type On Site (inc. Embassy Cloud) Off-Site Confidential or Controlled Restricted Restricted Public or Controlled Public Confidential or Controlled Restricted Restricted Public or Controlled Public Scientific Research Vault (as contains Personal Data) Managed Standard EMBL Hosting EMBL Hosting or as specified by the Data Access agreement Any Professional N/A Standard Standard N/A EMBL Hosting Any Administrative SAP Facility (as contains Personal Data) Managed Standard EMBL Hosting EMBL Hosting EMBL Hosting Private Standard Standard Standard Any Any Any Personal Only as part of the Vault (Scientific Data) or SAP Facility Administrative Data) EMBL Hosting
European Genome-Phenome Archive • Data hosted by EMBL-EBI and CRG • Several PB and growing • Data sets managed through individual Data Access Committees • EMBL-EBI data stored in the ‘vault’ • Isolated network area in ISO27K leased data centre space • Requires 2 factor auth to access • Data encrypted at rest • Data released to specific individuals • Encrypted with unique individual key
ELIXIR – Research Infrastructure for Life Science 16 • Compute Access, Exchange & Compute on sensitive data • Data Sustain core data resources • Tools Services & connectors to drive access and exploitation • Standards Integration and interoperability of data and services. • Training Professional skills for managing and exploiting data
ELIXIR: European Open Science Cloud • Cloud activities to support BMS Research Infrastructures • Commercial cloud providers: Helix Nebula Science Cloud, … • Community cloud providers: EMBL-EBI, CSC, de.NBI, … • Sensitive data may have complex requirements • Not to leave institution or legal jurisdiction • National legal requirements • Specific data protection requirements • Compile maturity matrix around key security features • Map user requirements to complient cloud providers
ga4gh.org Place photo here: 2000px x 595px @ 72 dpi
genomicsandhealth.org 19 Data Security Work Stream
genomicsandhealth.org Overview • Data Security Work Stream helps assess security risk assessments associated with new GA4GH standards 20 At Project Start: Assessment of security risks associated with use case(s) to be addressed Prior to Standard Release: Assessment of how standard has addressed identified risks, and identification of residual risk Work Stream Standards-Development Activity Timeline
genomicsandhealth.org Breach Response Strategy • Projected timeline: Begun at 2017 Plenary, projected end date TBD • Milestones 1) Write Scope and Principles document 2) Inventory practices in place with Driver Projects 3) Define a policy for sharing breach data 4) Develop protocol for sharing breach data 5) Define strategy for responding to breaches associated with GA4GH standards
genomicsandhealth.org Authentication and Authorization Infrastructure (AAI) • Projected timeline: Identification/authentication development begun in 2017; end date TBD • Milestones 1) Document OpenID Connect profile developed for and implemented by ELIXIR Beacons 2) Define authorization use cases 3) Document standard GA4GH OAuth 2.0 authorization profile for RESTful APIs
genomicsandhealth.org Linkages with Other Work Streams • Breach Information Exchange protocol will be informed by legal, regulatory, and ethical guidance provided by Regulatory and Ethics Work Stream • AAI profiles will consume vocabulary and ontology developed by Data Use and Research Identities (DURI) Work Stream • AAI use cases will be based on APIs being defined by Genomic Knowledge Sharing (GKS), Clinical and Phenotypic Data Capture, and Discovery Work Streams
Conclusions • One size does not fit all • But there are some common approaches that can be adopted • Challenge is to build scalable trust networks • ‘Tea and biscuits’ strategy • Having confidence in those running sites & services • Security is just one aspect of data protection • Understand the data and what you are protecting it from

Recommended

Nordic Tryggve project
Nordic Tryggve projectNordic Tryggve project
Nordic Tryggve projectanttipursula
 
Tryggve support for-research
Tryggve support for-researchTryggve support for-research
Tryggve support for-researchanttipursula
 
II-SDV 2016 Michael Iarrobino - Improving Text Mining Results with Access to ...
II-SDV 2016 Michael Iarrobino - Improving Text Mining Results with Access to ...II-SDV 2016 Michael Iarrobino - Improving Text Mining Results with Access to ...
II-SDV 2016 Michael Iarrobino - Improving Text Mining Results with Access to ...Dr. Haxel Consult
 
151111 tryggve-nordic biobank
151111 tryggve-nordic biobank151111 tryggve-nordic biobank
151111 tryggve-nordic biobankanttipursula
 
160905 tryggve-at-eccb pursula
160905 tryggve-at-eccb pursula160905 tryggve-at-eccb pursula
160905 tryggve-at-eccb pursulaanttipursula
 
DataNet Federation Consortium Preservation Policy Toolkit. Reagan Moore, Arco...
DataNet Federation Consortium Preservation Policy Toolkit. Reagan Moore, Arco...DataNet Federation Consortium Preservation Policy Toolkit. Reagan Moore, Arco...
DataNet Federation Consortium Preservation Policy Toolkit. Reagan Moore, Arco...12th International Conference on Digital Preservation (iPRES 2015)
 
Building blocks for success: criteria for trusted institutional repositories
Building blocks for success: criteria for trusted institutional repositoriesBuilding blocks for success: criteria for trusted institutional repositories
Building blocks for success: criteria for trusted institutional repositoriesAcademy of Science of South Africa (ASSAf)
 
Policy-based Data Management
Policy-based Data Management Policy-based Data Management
Policy-based Data Management Gary Wilhelm
 

Recommended

Nordic Tryggve project
Nordic Tryggve projectNordic Tryggve project
Nordic Tryggve projectanttipursula
 
Tryggve support for-research
Tryggve support for-researchTryggve support for-research
Tryggve support for-researchanttipursula
 
II-SDV 2016 Michael Iarrobino - Improving Text Mining Results with Access to ...
II-SDV 2016 Michael Iarrobino - Improving Text Mining Results with Access to ...II-SDV 2016 Michael Iarrobino - Improving Text Mining Results with Access to ...
II-SDV 2016 Michael Iarrobino - Improving Text Mining Results with Access to ...Dr. Haxel Consult
 
151111 tryggve-nordic biobank
151111 tryggve-nordic biobank151111 tryggve-nordic biobank
151111 tryggve-nordic biobankanttipursula
 
160905 tryggve-at-eccb pursula
160905 tryggve-at-eccb pursula160905 tryggve-at-eccb pursula
160905 tryggve-at-eccb pursulaanttipursula
 
DataNet Federation Consortium Preservation Policy Toolkit. Reagan Moore, Arco...
DataNet Federation Consortium Preservation Policy Toolkit. Reagan Moore, Arco...DataNet Federation Consortium Preservation Policy Toolkit. Reagan Moore, Arco...
DataNet Federation Consortium Preservation Policy Toolkit. Reagan Moore, Arco...12th International Conference on Digital Preservation (iPRES 2015)
 
Building blocks for success: criteria for trusted institutional repositories
Building blocks for success: criteria for trusted institutional repositoriesBuilding blocks for success: criteria for trusted institutional repositories
Building blocks for success: criteria for trusted institutional repositoriesAcademy of Science of South Africa (ASSAf)
 
Policy-based Data Management
Policy-based Data Management Policy-based Data Management
Policy-based Data Management Gary Wilhelm
 
COBWEB: Privacy and Security
COBWEB: Privacy and SecurityCOBWEB: Privacy and Security
COBWEB: Privacy and SecurityCOBWEB Project
 
White Manipulating Metadata to Enhance Access
White Manipulating Metadata to Enhance AccessWhite Manipulating Metadata to Enhance Access
White Manipulating Metadata to Enhance AccessNational Information Standards Organization (NISO)
 
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19Core Trust Seal for Trustworthy Data Repositories, 2018-04-19
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19Ciarán Quinn
 
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web Search
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web SearchII-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web Search
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web SearchDr. Haxel Consult
 
ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy Dr. Haxel Consult
 
Data cycle health
Data cycle healthData cycle health
Data cycle healthjyotikhadake
 
Data repositories -- Xiamen University 2012 06-08
Data repositories -- Xiamen University 2012 06-08Data repositories -- Xiamen University 2012 06-08
Data repositories -- Xiamen University 2012 06-08Jian Qin
 
Fair webinar, Ted slater: progress towards commercial fair data products and ...
Fair webinar, Ted slater: progress towards commercial fair data products and ...Fair webinar, Ted slater: progress towards commercial fair data products and ...
Fair webinar, Ted slater: progress towards commercial fair data products and ...Pistoia Alliance
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...Edge Pereira
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Dia09
Dia09Dia09
Dia09Dparrish
 
SciBite
SciBiteSciBite
SciBiteDr. Haxel Consult
 
Trm Trusted Repositories
Trm Trusted RepositoriesTrm Trusted Repositories
Trm Trusted RepositoriesDigitalPreservationEurope
 
PA webinar on benefits & costs of FAIR implementation in life sciences
PA webinar on benefits & costs of FAIR implementation in life sciences PA webinar on benefits & costs of FAIR implementation in life sciences
PA webinar on benefits & costs of FAIR implementation in life sciences Pistoia Alliance
 
Rioxx 2 repository fringe
Rioxx 2 repository fringeRioxx 2 repository fringe
Rioxx 2 repository fringePaul Walk
 
ICIC 2017: Product presentations FIZ Karlsruhe
ICIC 2017: Product presentations FIZ KarlsruheICIC 2017: Product presentations FIZ Karlsruhe
ICIC 2017: Product presentations FIZ KarlsruheDr. Haxel Consult
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
Anderson Conglomerating and Collocating Collections
Anderson Conglomerating and Collocating CollectionsAnderson Conglomerating and Collocating Collections
Anderson Conglomerating and Collocating CollectionsNational Information Standards Organization (NISO)
 
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities Dr. Haxel Consult
 
Elixir at de.nbi meeting
Elixir at de.nbi meetingElixir at de.nbi meeting
Elixir at de.nbi meetingNiklas Blomberg
 
Criteria for a trusted institutional repository
Criteria for a trusted institutional repositoryCriteria for a trusted institutional repository
Criteria for a trusted institutional repositoryIna Smith
 

More Related Content

What's hot

COBWEB: Privacy and Security
COBWEB: Privacy and SecurityCOBWEB: Privacy and Security
COBWEB: Privacy and SecurityCOBWEB Project
 
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19Core Trust Seal for Trustworthy Data Repositories, 2018-04-19
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19Ciarán Quinn
 
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web Search
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web SearchII-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web Search
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web SearchDr. Haxel Consult
 
ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy Dr. Haxel Consult
 
Data repositories -- Xiamen University 2012 06-08
Data repositories -- Xiamen University 2012 06-08Data repositories -- Xiamen University 2012 06-08
Data repositories -- Xiamen University 2012 06-08Jian Qin
 
Fair webinar, Ted slater: progress towards commercial fair data products and ...
Fair webinar, Ted slater: progress towards commercial fair data products and ...Fair webinar, Ted slater: progress towards commercial fair data products and ...
Fair webinar, Ted slater: progress towards commercial fair data products and ...Pistoia Alliance
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...Edge Pereira
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
PA webinar on benefits & costs of FAIR implementation in life sciences
PA webinar on benefits & costs of FAIR implementation in life sciences PA webinar on benefits & costs of FAIR implementation in life sciences
PA webinar on benefits & costs of FAIR implementation in life sciences Pistoia Alliance
 
Rioxx 2 repository fringe
Rioxx 2 repository fringeRioxx 2 repository fringe
Rioxx 2 repository fringePaul Walk
 
ICIC 2017: Product presentations FIZ Karlsruhe
ICIC 2017: Product presentations FIZ KarlsruheICIC 2017: Product presentations FIZ Karlsruhe
ICIC 2017: Product presentations FIZ KarlsruheDr. Haxel Consult
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceDr. Haxel Consult
 
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities Dr. Haxel Consult
 

What's hot (20)

COBWEB: Privacy and Security
COBWEB: Privacy and SecurityCOBWEB: Privacy and Security
COBWEB: Privacy and Security
 
White Manipulating Metadata to Enhance Access
White Manipulating Metadata to Enhance AccessWhite Manipulating Metadata to Enhance Access
White Manipulating Metadata to Enhance Access
 
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19Core Trust Seal for Trustworthy Data Repositories, 2018-04-19
Core Trust Seal for Trustworthy Data Repositories, 2018-04-19
 
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web Search
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web SearchII-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web Search
II-SDV 2016 Aleksandar Kapisoda, Klaus Kater - Deep Web Search
 
ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy
 
Data cycle health
Data cycle healthData cycle health
Data cycle health
 
Data repositories -- Xiamen University 2012 06-08
Data repositories -- Xiamen University 2012 06-08Data repositories -- Xiamen University 2012 06-08
Data repositories -- Xiamen University 2012 06-08
 
Fair webinar, Ted slater: progress towards commercial fair data products and ...
Fair webinar, Ted slater: progress towards commercial fair data products and ...Fair webinar, Ted slater: progress towards commercial fair data products and ...
Fair webinar, Ted slater: progress towards commercial fair data products and ...
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in Nice
 
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...
From Ashley madison to_panama_papers - Office 365 bringing sexy back to eDisc...
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
 
Dia09
Dia09Dia09
Dia09
 
SciBite
SciBiteSciBite
SciBite
 
Trm Trusted Repositories
Trm Trusted RepositoriesTrm Trusted Repositories
Trm Trusted Repositories
 
PA webinar on benefits & costs of FAIR implementation in life sciences
PA webinar on benefits & costs of FAIR implementation in life sciences PA webinar on benefits & costs of FAIR implementation in life sciences
PA webinar on benefits & costs of FAIR implementation in life sciences
 
Rioxx 2 repository fringe
Rioxx 2 repository fringeRioxx 2 repository fringe
Rioxx 2 repository fringe
 
ICIC 2017: Product presentations FIZ Karlsruhe
ICIC 2017: Product presentations FIZ KarlsruheICIC 2017: Product presentations FIZ Karlsruhe
ICIC 2017: Product presentations FIZ Karlsruhe
 
II-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in NiceII-SDV 2015, 20 - 21 April, in Nice
II-SDV 2015, 20 - 21 April, in Nice
 
Anderson Conglomerating and Collocating Collections
Anderson Conglomerating and Collocating CollectionsAnderson Conglomerating and Collocating Collections
Anderson Conglomerating and Collocating Collections
 
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities
ICIC 2014 Chemical Patent Curation and Management – New Tools and Capabilities
 

Similar to Secure data management, analysis, infrastructure and policy in an international context

Elixir at de.nbi meeting
Elixir at de.nbi meetingElixir at de.nbi meeting
Elixir at de.nbi meetingNiklas Blomberg
 
Criteria for a trusted institutional repository
Criteria for a trusted institutional repositoryCriteria for a trusted institutional repository
Criteria for a trusted institutional repositoryIna Smith
 
ELIXIR and data grand challenges in life sciences
ELIXIR and data grand challenges in life sciencesELIXIR and data grand challenges in life sciences
ELIXIR and data grand challenges in life sciencesRafael C. Jimenez
 
Datat and donuts: how to write a data management plan
Datat and donuts: how to write a data management planDatat and donuts: how to write a data management plan
Datat and donuts: how to write a data management planC. Tobin Magle
 
Globus in European Life Science
Globus in European Life ScienceGlobus in European Life Science
Globus in European Life ScienceGlobus
 
Neo4j for Discovering Drugs and Biomarkers
Neo4j for Discovering Drugs and BiomarkersNeo4j for Discovering Drugs and Biomarkers
Neo4j for Discovering Drugs and BiomarkersNeo4j
 
Graham Pryor
Graham PryorGraham Pryor
Graham PryorEduserv
 
Technical activities in ELIXIR Europe
Technical activities in ELIXIR EuropeTechnical activities in ELIXIR Europe
Technical activities in ELIXIR EuropeRafael C. Jimenez
 
An Oz Mammals Bioinformatics and Data Resource
An Oz Mammals Bioinformatics and Data ResourceAn Oz Mammals Bioinformatics and Data Resource
An Oz Mammals Bioinformatics and Data ResourcePhilippa Griffin
 
Data and Donuts: How to write a data management plan
Data and Donuts: How to write a data management planData and Donuts: How to write a data management plan
Data and Donuts: How to write a data management planC. Tobin Magle
 
The Future of Semantics on the Web
The Future of Semantics on the WebThe Future of Semantics on the Web
The Future of Semantics on the WebJohn Domingue
 
eTRIKS at Pharma IT 2017, London
eTRIKS at Pharma IT 2017, LondoneTRIKS at Pharma IT 2017, London
eTRIKS at Pharma IT 2017, LondonPaul Agapow
 
Architecture and Standards
Architecture and StandardsArchitecture and Standards
Architecture and StandardsARDC
 
Building blocks for success: criteria for trusted institutional repositories
Building blocks for success: criteria for trusted institutional repositoriesBuilding blocks for success: criteria for trusted institutional repositories
Building blocks for success: criteria for trusted institutional repositoriesIna Smith
 
Data discovery and sharing at UCLH
Data discovery and sharing at UCLHData discovery and sharing at UCLH
Data discovery and sharing at UCLHJisc
 
Prototype Phase Kick-off Event and Ceremony
Prototype Phase Kick-off Event and CeremonyPrototype Phase Kick-off Event and Ceremony
Prototype Phase Kick-off Event and CeremonyArchiver
 
FAIRDOM data management support for ERACoBioTech Proposals
FAIRDOM data management support for ERACoBioTech ProposalsFAIRDOM data management support for ERACoBioTech Proposals
FAIRDOM data management support for ERACoBioTech ProposalsFAIRDOM
 

Similar to Secure data management, analysis, infrastructure and policy in an international context (20)

Elixir at de.nbi meeting
Elixir at de.nbi meetingElixir at de.nbi meeting
Elixir at de.nbi meeting
 
Criteria for a trusted institutional repository
Criteria for a trusted institutional repositoryCriteria for a trusted institutional repository
Criteria for a trusted institutional repository
 
ELIXIR and data grand challenges in life sciences
ELIXIR and data grand challenges in life sciencesELIXIR and data grand challenges in life sciences
ELIXIR and data grand challenges in life sciences
 
Datat and donuts: how to write a data management plan
Datat and donuts: how to write a data management planDatat and donuts: how to write a data management plan
Datat and donuts: how to write a data management plan
 
ELIXIR TCG update
ELIXIR TCG updateELIXIR TCG update
ELIXIR TCG update
 
Globus in European Life Science
Globus in European Life ScienceGlobus in European Life Science
Globus in European Life Science
 
Neo4j for Discovering Drugs and Biomarkers
Neo4j for Discovering Drugs and BiomarkersNeo4j for Discovering Drugs and Biomarkers
Neo4j for Discovering Drugs and Biomarkers
 
Graham Pryor
Graham PryorGraham Pryor
Graham Pryor
 
Technical activities in ELIXIR Europe
Technical activities in ELIXIR EuropeTechnical activities in ELIXIR Europe
Technical activities in ELIXIR Europe
 
An Oz Mammals Bioinformatics and Data Resource
An Oz Mammals Bioinformatics and Data ResourceAn Oz Mammals Bioinformatics and Data Resource
An Oz Mammals Bioinformatics and Data Resource
 
Data and Donuts: How to write a data management plan
Data and Donuts: How to write a data management planData and Donuts: How to write a data management plan
Data and Donuts: How to write a data management plan
 
The Future of Semantics on the Web
The Future of Semantics on the WebThe Future of Semantics on the Web
The Future of Semantics on the Web
 
eTRIKS at Pharma IT 2017, London
eTRIKS at Pharma IT 2017, LondoneTRIKS at Pharma IT 2017, London
eTRIKS at Pharma IT 2017, London
 
Sept 24 NISO Virtual Conference: Library Data in the Cloud
Sept 24 NISO Virtual Conference: Library Data in the CloudSept 24 NISO Virtual Conference: Library Data in the Cloud
Sept 24 NISO Virtual Conference: Library Data in the Cloud
 
Architecture and Standards
Architecture and StandardsArchitecture and Standards
Architecture and Standards
 
Building blocks for success: criteria for trusted institutional repositories
Building blocks for success: criteria for trusted institutional repositoriesBuilding blocks for success: criteria for trusted institutional repositories
Building blocks for success: criteria for trusted institutional repositories
 
Data discovery and sharing at UCLH
Data discovery and sharing at UCLHData discovery and sharing at UCLH
Data discovery and sharing at UCLH
 
ELIXIR
ELIXIRELIXIR
ELIXIR
 
Prototype Phase Kick-off Event and Ceremony
Prototype Phase Kick-off Event and CeremonyPrototype Phase Kick-off Event and Ceremony
Prototype Phase Kick-off Event and Ceremony
 
FAIRDOM data management support for ERACoBioTech Proposals
FAIRDOM data management support for ERACoBioTech ProposalsFAIRDOM data management support for ERACoBioTech Proposals
FAIRDOM data management support for ERACoBioTech Proposals
 

Recently uploaded

Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxUnlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxanandsmhk
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...Sérgio Sacani
 
GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)Areesha Ahmad
 
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...ssifa0344
 
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...anilsa9823
 
Presentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxPresentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxgindu3009
 
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCRStunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCRDelhi Call girls
 
Natural Polymer Based Nanomaterials
Natural Polymer Based NanomaterialsNatural Polymer Based Nanomaterials
Natural Polymer Based NanomaterialsAArockiyaNisha
 
Disentangling the origin of chemical differences using GHOST
Disentangling the origin of chemical differences using GHOSTDisentangling the origin of chemical differences using GHOST
Disentangling the origin of chemical differences using GHOSTSérgio Sacani
 
Spermiogenesis or Spermateleosis or metamorphosis of spermatid
Spermiogenesis or Spermateleosis or metamorphosis of spermatidSpermiogenesis or Spermateleosis or metamorphosis of spermatid
Spermiogenesis or Spermateleosis or metamorphosis of spermatidSarthak Sekhar Mondal
 
Botany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdfBotany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdfSumit Kumar yadav
 
Animal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptxAnimal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptxUmerFayaz5
 
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdfPests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdfPirithiRaju
 
GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)Areesha Ahmad
 
Zoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfZoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfSumit Kumar yadav
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)PraveenaKalaiselvan1
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...RohitNehra6
 
Hire 💕 9907093804 Hooghly Call Girls Service Call Girls Agency
Hire 💕 9907093804 Hooghly Call Girls Service Call Girls AgencyHire 💕 9907093804 Hooghly Call Girls Service Call Girls Agency
Hire 💕 9907093804 Hooghly Call Girls Service Call Girls AgencySheetal Arora
 
Raman spectroscopy.pptx M Pharm, M Sc, Advanced Spectral Analysis
Raman spectroscopy.pptx M Pharm, M Sc, Advanced Spectral AnalysisRaman spectroscopy.pptx M Pharm, M Sc, Advanced Spectral Analysis
Raman spectroscopy.pptx M Pharm, M Sc, Advanced Spectral AnalysisDiwakar Mishra
 

Recently uploaded (20)

Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxUnlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
 
GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)GBSN - Microbiology (Unit 1)
GBSN - Microbiology (Unit 1)
 
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
TEST BANK For Radiologic Science for Technologists, 12th Edition by Stewart C...
 
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
 
Presentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptxPresentation Vikram Lander by Vedansh Gupta.pptx
Presentation Vikram Lander by Vedansh Gupta.pptx
 
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCRStunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
 
Natural Polymer Based Nanomaterials
Natural Polymer Based NanomaterialsNatural Polymer Based Nanomaterials
Natural Polymer Based Nanomaterials
 
Disentangling the origin of chemical differences using GHOST
Disentangling the origin of chemical differences using GHOSTDisentangling the origin of chemical differences using GHOST
Disentangling the origin of chemical differences using GHOST
 
Spermiogenesis or Spermateleosis or metamorphosis of spermatid
Spermiogenesis or Spermateleosis or metamorphosis of spermatidSpermiogenesis or Spermateleosis or metamorphosis of spermatid
Spermiogenesis or Spermateleosis or metamorphosis of spermatid
 
Botany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdfBotany 4th semester file By Sumit Kumar yadav.pdf
Botany 4th semester file By Sumit Kumar yadav.pdf
 
Animal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptxAnimal Communication- Auditory and Visual.pptx
Animal Communication- Auditory and Visual.pptx
 
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdfPests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
 
GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)
 
Zoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdfZoology 4th semester series (krishna).pdf
Zoology 4th semester series (krishna).pdf
 
CELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdfCELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdf
 
Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)Recombinant DNA technology (Immunological screening)
Recombinant DNA technology (Immunological screening)
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...
 
Hire 💕 9907093804 Hooghly Call Girls Service Call Girls Agency
Hire 💕 9907093804 Hooghly Call Girls Service Call Girls AgencyHire 💕 9907093804 Hooghly Call Girls Service Call Girls Agency
Hire 💕 9907093804 Hooghly Call Girls Service Call Girls Agency
 
Raman spectroscopy.pptx M Pharm, M Sc, Advanced Spectral Analysis
Raman spectroscopy.pptx M Pharm, M Sc, Advanced Spectral AnalysisRaman spectroscopy.pptx M Pharm, M Sc, Advanced Spectral Analysis
Raman spectroscopy.pptx M Pharm, M Sc, Advanced Spectral Analysis
 

Secure data management, analysis, infrastructure and policy in an international context

  • 1. Secure data management, analysis, infrastructure and policy in an international context Steven Newhouse Head of Technical Services, EMBL- EBI
  • 2. International Collaborative Data Analysis • Distributed data generation • Distributed data analysis • Distributed (in)formal governance • Increasingly sensitive data • Increasingly valuable analysis resources • Increasingly moving closer to production
  • 3. Some Examples • Worldwide Large Hadron Collider Computing Grid (WLCG) • A worldwide federation of federated sites • EMBL-EBI and ELIXIR • Infrastructure to support multiple communities • Global Alliance for Genomics and Health (GA4GH) • International collaboration to support
  • 4. WLCG Collaboration WLCG Workshop, Manchester 19 June 2017 4 April 2017: - 63 MoU’s - 167 sites; 42 countries 985 PB Storage  395 PB disk  590 PB tape
  • 5. Security Policy & Operations in e- Infrastructures • e-Infrastructures: • Generally federation of clusters/clouds in research community • Structured geographically nationally and/or regionally • Make local resources available to remote users • Build trust around common policies • Site Security Policy: What a site commits to • Acceptable Use Policy: What a user commits to • Security Operations • Monitor use to contain & eliminate any security breach
  • 6. WISE • WISE: Wise Information Security for e-Infrastructures • Community activity driven by the e-Infrastructures • Supporting user communities that span e-Infrastructures • Active Working Groups • Security for Collaborating e-Infrastructures • Security Training and Awareness • Risk Assessment • Security in Big and Open Data
  • 7. Security for Collaborating e-Infrastructures Build a trust framework to enable interoperation between e- Infrastructures and to manage cross-infrastructure security risks • Manage risk through mitigation & counter measures • Minimise impact of a security incident • Identify the cause of incidents to stop repeats • Identify users & services to control access to resources
  • 8. Building trust by exposing maturity • Expose Maturity across different Capabilities • Operational Security, Incident Response & Traceability • Participant Responsibilities • Data Protection • Capability Maturity Levels • 0: Not implemented for critical services • 1: Implemented for critical services but not documented • 2: Implemented and documented for critical services • 3: Implemented, documented and reviewed
  • 9. EMBL sites – over 1600 people and more than 80 nationalities Structural biology Hamburg Life sciences Heidelberg Epigenetics and neurobiology Rome Bioinformatics Cambridge (EMBL-EBI) Structural biology Grenoble Tissue biology and disease modelling Barcelona
  • 10. Data Resources at EMBL-EBI Literature & ontologies • Experimental Factor Ontology • Gene Ontology • BioStudies • Europe PMC Chemical biology • ChEBI • ChEMBL • SureChEMBL Molecular structures • Protein Data Bank in Europe • Electron Microscopy Data Bank Gene, protein & metabolite expression • Expression Atlas • Metabolights • PRIDE • RNA Central Protein sequences, families & motifs • InterPro • Pfam • UniProt Genes, genomes & variation • Ensembl • Ensembl Genomes • GWAS Catalog • Metagenomics portal Systems • BioModels • BioSamples • Enzyme Portal • IntAct • Reactome Molecular Archives • European Nucleotide Archive • European Variation Archive • European Genome-phenome Archive • ArrayExpress
  • 11. ~25 million requests to EMBL-EBI websites every day Big Data, Big Demand Scientists at over 5 million unique sites use EMBL-EBI websites 200 petabytes of scientific data managed by EMBL
  • 12. Storage Use Cases are Evolving • Evolving away from ‘simple’ archiving • Challenge used to be scale, now tackling diversity • Not just diversity in type, but diversity in access • Common use case • Public data embargoed before publication • Hosting sensitive data • European Genome-phenome Archive (EGA) • Analysing sensitive data • Formal access to named individuals for specific research goals
  • 13. Classifying and controlling the data • What data do we store? • Personal, Scientific Research, Administrative, Professional, Private • How sensitive is the data? • Controlled, Confidential, Restricted, Public • What are the storage options? • ‘Vault’, Managed, Standard, Any Cloud, EU Cloud, Hosting End up with a matrix describing what can go where!
  • 14. Data Sensitivity Classification Data Type On Site (inc. Embassy Cloud) Off-Site Confidential or Controlled Restricted Restricted Public or Controlled Public Confidential or Controlled Restricted Restricted Public or Controlled Public Scientific Research Vault (as contains Personal Data) Managed Standard EMBL Hosting EMBL Hosting or as specified by the Data Access agreement Any Professional N/A Standard Standard N/A EMBL Hosting Any Administrative SAP Facility (as contains Personal Data) Managed Standard EMBL Hosting EMBL Hosting EMBL Hosting Private Standard Standard Standard Any Any Any Personal Only as part of the Vault (Scientific Data) or SAP Facility Administrative Data) EMBL Hosting
  • 15. European Genome-Phenome Archive • Data hosted by EMBL-EBI and CRG • Several PB and growing • Data sets managed through individual Data Access Committees • EMBL-EBI data stored in the ‘vault’ • Isolated network area in ISO27K leased data centre space • Requires 2 factor auth to access • Data encrypted at rest • Data released to specific individuals • Encrypted with unique individual key
  • 16. ELIXIR – Research Infrastructure for Life Science 16 • Compute Access, Exchange & Compute on sensitive data • Data Sustain core data resources • Tools Services & connectors to drive access and exploitation • Standards Integration and interoperability of data and services. • Training Professional skills for managing and exploiting data
  • 17. ELIXIR: European Open Science Cloud • Cloud activities to support BMS Research Infrastructures • Commercial cloud providers: Helix Nebula Science Cloud, … • Community cloud providers: EMBL-EBI, CSC, de.NBI, … • Sensitive data may have complex requirements • Not to leave institution or legal jurisdiction • National legal requirements • Specific data protection requirements • Compile maturity matrix around key security features • Map user requirements to complient cloud providers
  • 18. ga4gh.org Place photo here: 2000px x 595px @ 72 dpi
  • 20. genomicsandhealth.org Overview • Data Security Work Stream helps assess security risk assessments associated with new GA4GH standards 20 At Project Start: Assessment of security risks associated with use case(s) to be addressed Prior to Standard Release: Assessment of how standard has addressed identified risks, and identification of residual risk Work Stream Standards-Development Activity Timeline
  • 21. genomicsandhealth.org Breach Response Strategy • Projected timeline: Begun at 2017 Plenary, projected end date TBD • Milestones 1) Write Scope and Principles document 2) Inventory practices in place with Driver Projects 3) Define a policy for sharing breach data 4) Develop protocol for sharing breach data 5) Define strategy for responding to breaches associated with GA4GH standards
  • 22. genomicsandhealth.org Authentication and Authorization Infrastructure (AAI) • Projected timeline: Identification/authentication development begun in 2017; end date TBD • Milestones 1) Document OpenID Connect profile developed for and implemented by ELIXIR Beacons 2) Define authorization use cases 3) Document standard GA4GH OAuth 2.0 authorization profile for RESTful APIs
  • 23. genomicsandhealth.org Linkages with Other Work Streams • Breach Information Exchange protocol will be informed by legal, regulatory, and ethical guidance provided by Regulatory and Ethics Work Stream • AAI profiles will consume vocabulary and ontology developed by Data Use and Research Identities (DURI) Work Stream • AAI use cases will be based on APIs being defined by Genomic Knowledge Sharing (GKS), Clinical and Phenotypic Data Capture, and Discovery Work Streams
  • 24. Conclusions • One size does not fit all • But there are some common approaches that can be adopted • Challenge is to build scalable trust networks • ‘Tea and biscuits’ strategy • Having confidence in those running sites & services • Security is just one aspect of data protection • Understand the data and what you are protecting it from