SlideShare a Scribd company logo

Exploring New Methods for Protecting and Distributing Confidential Research Data

Download as PPT, PDF
B
Bryan Beecher

The document discusses improving methods for distributing confidential research data. It proposes moving from traditional paper-based systems to a cloud-based model where researchers could access sensitive data and analytic tools securely through a web portal. Some benefits include improved speed, scalability and cost-effectiveness compared to existing approaches. However, challenges include ensuring security, performance, and meeting researchers' needs when providing customizable virtual research environments in the cloud.

EducationTechnology
1 of 40
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
Exploring New Methods for Protecting and Distributing Confidential Research Data Bryan Beecher Felicia LeClere ICPSR/University of Michigan
Today’s Talk What’s ICPSR? How do organizations distribute confidential research data today? What are the problems? What can we improve?
What’s ICPSR? Inter-university Consortium for Political and Social Research JSTOR for social science data Serving billions since 1962
Who does ICPSR serve? Research universities Discover and download data Teaching universities and colleges On-line analysis Federal agencies Data management, preservation, and dissemination
Distributing data
Distributing data Most of our content is public-use Anonymized public opinion Aggregate government data Little risk of disclosure But what about the good stuff?
Distributing sensitive data
Distributing sensitive data Higher risk of breech of confidentiality Variables that give geographic information that might be combined with other data sources to identify a respondent Requires special handling
Distributing sensitive data Researcher agrees to protect the data and identities Delivered securely Harsh penalty deterrent http://www.flickr.com/photos/lwr/521394398
National Longitudinal Study of Adolescent Health Add Health Highly used and cited study Very frank questions Kids in 7 th through 12 th grade Carolina Population Center Gold standard in data protection
Traditional Approach http://www.flickr.com/photos/videolux/2389320345/ http://www.flickr.com/photos/curiousexpeditions/3767246490/
Traditional Approach Confidential research data Apply for access Write security plan Repeat
Can we improve upon it? Paperwork How do we speed the application process? Security How do we ensure the data are going to a good home?
Paperwork Web portal Research plan IRB approval CVs Confidentiality agreements
Paperwork Web portal Behavioral questionnaire Electronic copy of contract (HTML, PDF) Database back-end to drive workflow systems
Restricted data Contracting System Integrated with ICPSR’s existing Web download mechanism Collects information that would ordinarily be provided through paper “ Tickler” system to send reminders, nag about missing items
Security Current system relies on… The data provider to maintain security templates The researcher to write an IT security plan The data provider to read and understand the plan The researcher to execute the plan
Current access model Researcher Workstation ICPSR
A new access model? Secure Area Researcher Workstation ICPSR
Secure area = the cloud? Cloud-based access Convenient Scalable Economical Perfect? http://www.flickr.com/photos/docbudie/2240764187/
What could go wrong?
Almost everything Is the cloud reliable? Will the data be safe? We are building an analytic environment for a researcher, how will we know what to provide? Will this perform well for the researcher? This is the main story…
Cloud reliability Already using the cloud for DR purposes since January 2009 The Merit Network Operations Center monitors all of our stuff Ping, http GET every minute 24 x 7 Results?
Local v. cloud – CY 2009
Conclusion Cloud has been more reliable than local environment If local power was better, cloud would still be better, but only a little better Certainly seems to be good enough
Cloud security Absolute security? Who cares? More secure than the typical WinTel desktop of a social science researcher? That’s the goal http://www.flickr.com/photos/amagill/235453953
Current practice Data archive maintains per-platform guidelines on IT security Researcher downloads a template and writes his/her own IT security plan Data provider reviews plan; approves or iterates until approved or rejected
Sample items I secured the computer on which the Add Health data resides in a locked room, or secured the computer to a table with a lock and cable (locking the case so the battery cannot be removed). I turned off all unneeded services and disabled unneeded network protocols.
Brutal facts Data providers are not IT experts Researchers are not experts in IT security Even if the system is secure on Day One, what assurance is there that it continues to be secure? http://www.flickr.com/photos/42dreams/1878611309
Our approach to security Leverage tools from the cloud provider (AWS access control lists) Leverage tools from UMich (regular Retina and Nessus scans) Engage a white hat hacker to probe and evaluate the system
Conclusion Expecting researchers to build and maintain secure IT environments is not reasonable We think we can build something at least as secure in the cloud We’ll evaluate our environment using outside evaluators
What to deploy? Model means we need to distribute a working analytic environment, not just the data Also gives the researcher the opportunity to limit access to only a subset of contractees
May I Take Your Order? Operating system? Analysis software? Who’s allowed to use the system? Anything else? http://www.flickr.com/photos/stephenpougas/2267503544
The ACI Chooser Analytic Cloud Instance Cumulus The ACI Chooser Takes your order Brings your ACI to your table (in the cloud)
Conclusion We’re building this now Issues to resolve How do we get passwords to people? Remote access mechanism? Citrix? Terminal Services? Should we encrypt the data?
Performance Will a cloud-based analysis system meet the expectations of a researcher? Will one size fit all?
Amazon EC2 Regular S (1 CPU, 2GB, $0.12) L (4 CPU, 7GB, $0.48) XL (8 CPU, 15GB, $0.96) High memory XXL (13 CPU, 34GB, $1.44) XXXXL (26 CPU, 68GB, $2.88) High CPU M (5 CPU, 2GB, $0.29) XL (20 CPU, 7GB, $1.16)
Strategy Balance cost and performance Start small, but give opportunity to grow Easy to move an image from one instance size to another Measure performance via researcher’s experience
Conclusion Partners Panel Study of Income Dynamics (PSID) Los Angeles Family and Neighborhood Study (LA FANS) Start small; re-launch larger Ask how well it works
Thanks and Final Thoughts Could preserve machine image + data + software + “program” for replication purposes enclavecloud.blogspot.com charts our adventures Cloud-related work sponsored by a recent NIH Challenge Grant

More Related Content

PDF
Meetup presenation 06192013
Sqrrl
 
PDF
Study on Cyber Security:Establishing a Sustainable Cyber Security Framework f...
Rihab Rahman
 
PDF
Current trends in data security nursing research ppt
Nursing Path
 
DOCX
Sqrrl
Salman SH
 
PPTX
Irving-TeraData: data and science driven big industry-nfdp13
DataDryad
 
PPT
Privacy Preserving DB Systems
Ashraf Bashir
 
PDF
Braveheart Cloud Storage 2014 Student Showcase
Travis McAdams
 
PDF
BIOMAG2018 - Denis Engemann - MNE-HCP
Robert Oostenveld
 
Meetup presenation 06192013
Sqrrl
 
Study on Cyber Security:Establishing a Sustainable Cyber Security Framework f...
Rihab Rahman
 
Current trends in data security nursing research ppt
Nursing Path
 
Sqrrl
Salman SH
 
Irving-TeraData: data and science driven big industry-nfdp13
DataDryad
 
Privacy Preserving DB Systems
Ashraf Bashir
 
Braveheart Cloud Storage 2014 Student Showcase
Travis McAdams
 
BIOMAG2018 - Denis Engemann - MNE-HCP
Robert Oostenveld
 

What's hot (20)

PPTX
Security bigdata
Jitendra Chauhan
 
DOCX
Thought leaders in big data ulf mattsson, cto of protegrity (part 4)
Ulf Mattsson
 
PPTX
TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...
PacificResearchPlatform
 
PDF
Forecast 2014: eDiscovery and Forensics
Open Data Center Alliance
 
PPTX
Discovery of rest at data
Sanjeev Solanki
 
PDF
Towards Trusted eHealth Services in the Cloud
PaaSword EU Project
 
PPTX
No Free Lunch: Metadata in the life sciences
Chris Dwan
 
PPTX
Big Data Security Analytics (BDSA) with Randy Franklin
Sridhar Karnam
 
PPTX
Med.data.edu.au project
ARDC
 
PPTX
Running Research as a Service. Implications for Privacy Policies and Ethics
Lancaster University Library
 
PPTX
Managing Complexity in a World of Surprise David L. Alderson, PhD
PacificResearchPlatform
 
PPTX
Web scraping and healthcare
Avanish Giri
 
PDF
Capsule Computing: Safe Open Science
Beth Plale
 
PDF
Covid Safe Paths
Camera Culture Group, MIT Media Lab
 
PPTX
Discovery of rest at data
Sanjeev Solanki
 
PPT
current-trends
Quickoffice Test
 
PDF
BigInsight seminar on Practical Privacy-Preserving Distributed Statistical Co...
Statistisk sentralbyrå
 
PDF
Machine Learning in Healthcare: What's Now & What's Next
PointClear Solutions
 
PDF
Secure sensitive data sharing on a big data platform
redpel dot com
 
PDF
Some Frameworks for Improving Analytic Operations at Your Company
Robert Grossman
 
Security bigdata
Jitendra Chauhan
 
Thought leaders in big data ulf mattsson, cto of protegrity (part 4)
Ulf Mattsson
 
TIPPSS for Enabling & Securing our Increasingly Connected World – Trust, Iden...
PacificResearchPlatform
 
Forecast 2014: eDiscovery and Forensics
Open Data Center Alliance
 
Discovery of rest at data
Sanjeev Solanki
 
Towards Trusted eHealth Services in the Cloud
PaaSword EU Project
 
No Free Lunch: Metadata in the life sciences
Chris Dwan
 
Big Data Security Analytics (BDSA) with Randy Franklin
Sridhar Karnam
 
Med.data.edu.au project
ARDC
 
Running Research as a Service. Implications for Privacy Policies and Ethics
Lancaster University Library
 
Managing Complexity in a World of Surprise David L. Alderson, PhD
PacificResearchPlatform
 
Web scraping and healthcare
Avanish Giri
 
Capsule Computing: Safe Open Science
Beth Plale
 
Covid Safe Paths
Camera Culture Group, MIT Media Lab
 
Discovery of rest at data
Sanjeev Solanki
 
current-trends
Quickoffice Test
 
BigInsight seminar on Practical Privacy-Preserving Distributed Statistical Co...
Statistisk sentralbyrå
 
Machine Learning in Healthcare: What's Now & What's Next
PointClear Solutions
 
Secure sensitive data sharing on a big data platform
redpel dot com
 
Some Frameworks for Improving Analytic Operations at Your Company
Robert Grossman
 
Ad

Similar to Exploring New Methods for Protecting and Distributing Confidential Research Data (20)

PPTX
Research, the Cloud, and the IRB
Michael Zimmer
 
PPTX
Preparing for the Cybersecurity Renaissance
Cloudera, Inc.
 
PPTX
Intro to RDM
Sarah Jones
 
PPT
0th PPT - BLOCKCHAIN-CBE (1).ppt
VarioTechnology
 
PPTX
Cloud-Computing-and-Big-Data-Internship (1).pptx
ashabakhtar07
 
PDF
A proposed Solution: Data Availability and Error Correction in Cloud Computing
CSCJournals
 
PDF
Iaetsd enhancement of performance and security in bigdata processing
Iaetsd Iaetsd
 
PPTX
Breed data scientists_ A Presentation.pptx
GautamPopli1
 
PDF
Cloud and Bid data Dr.VK.pdf
kalai75
 
PPTX
Big Data PPT by Rohit Dubey
Rohit Dubey
 
PPT
Ahearn Cloud Presentation
johnjamesahearn
 
DOCX
Privacy-Preserving Multi-keyword Top-k Similarity Search Over Encrypted Data
JAYAPRAKASH JPINFOTECH
 
PPTX
Cyber security within Organisations: A sneaky peak of current status, trends,...
Marco Casassa Mont
 
PDF
J017547478
IOSR Journals
 
DOCX
Privacy-Preserving Multi-keyword Top-k Similarity Search Over Encrypted Data
JAYAPRAKASH JPINFOTECH
 
PPTX
MongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & Barco
MongoDB
 
PDF
Kaasaegse andmekeskuse arhitektuur ja andmete turvalisus
Primend
 
PPTX
Overview of GovCloud Today
GovCloud Network
 
PPTX
Komatsoulis internet2 executive track
George Komatsoulis
 
PDF
Cloud data governance, risk management and compliance ny metro joint cyber...
Ulf Mattsson
 
Research, the Cloud, and the IRB
Michael Zimmer
 
Preparing for the Cybersecurity Renaissance
Cloudera, Inc.
 
Intro to RDM
Sarah Jones
 
0th PPT - BLOCKCHAIN-CBE (1).ppt
VarioTechnology
 
Cloud-Computing-and-Big-Data-Internship (1).pptx
ashabakhtar07
 
A proposed Solution: Data Availability and Error Correction in Cloud Computing
CSCJournals
 
Iaetsd enhancement of performance and security in bigdata processing
Iaetsd Iaetsd
 
Breed data scientists_ A Presentation.pptx
GautamPopli1
 
Cloud and Bid data Dr.VK.pdf
kalai75
 
Big Data PPT by Rohit Dubey
Rohit Dubey
 
Ahearn Cloud Presentation
johnjamesahearn
 
Privacy-Preserving Multi-keyword Top-k Similarity Search Over Encrypted Data
JAYAPRAKASH JPINFOTECH
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Marco Casassa Mont
 
J017547478
IOSR Journals
 
Privacy-Preserving Multi-keyword Top-k Similarity Search Over Encrypted Data
JAYAPRAKASH JPINFOTECH
 
MongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & Barco
MongoDB
 
Kaasaegse andmekeskuse arhitektuur ja andmete turvalisus
Primend
 
Overview of GovCloud Today
GovCloud Network
 
Komatsoulis internet2 executive track
George Komatsoulis
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Ulf Mattsson
 
Ad

Recently uploaded (20)

PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PDF
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PDF
Insiders guide to clinical Medicine.pdf
AbhishekPatil315128
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PDF
RMMM.pdf make it easy to upload and study
sajedul2
 
PPTX
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
PPTX
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
PPTX
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
PDF
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
PDF
Basic Mud Logging Guide for educational purpose
wdandworks
 
PDF
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
PDF
TR - Agricultural Crops Production NC III.pdf
avgilmegino3
 
PDF
Sports Quiz easy sports quiz sports quiz
nikunj2757
 
PPTX
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
PDF
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PPTX
Renaissance Architecture: A Journey from Faith to Humanism
DrMonicaSharma
 
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
Insiders guide to clinical Medicine.pdf
AbhishekPatil315128
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
RMMM.pdf make it easy to upload and study
sajedul2
 
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
Basic Mud Logging Guide for educational purpose
wdandworks
 
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
TR - Agricultural Crops Production NC III.pdf
avgilmegino3
 
Sports Quiz easy sports quiz sports quiz
nikunj2757
 
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
Renaissance Architecture: A Journey from Faith to Humanism
DrMonicaSharma
 

Exploring New Methods for Protecting and Distributing Confidential Research Data

  • 1. Exploring New Methods for Protecting and Distributing Confidential Research Data Bryan Beecher Felicia LeClere ICPSR/University of Michigan
  • 2. Today’s Talk What’s ICPSR? How do organizations distribute confidential research data today? What are the problems? What can we improve?
  • 3. What’s ICPSR? Inter-university Consortium for Political and Social Research JSTOR for social science data Serving billions since 1962
  • 4. Who does ICPSR serve? Research universities Discover and download data Teaching universities and colleges On-line analysis Federal agencies Data management, preservation, and dissemination
  • 6. Distributing data Most of our content is public-use Anonymized public opinion Aggregate government data Little risk of disclosure But what about the good stuff?
  • 8. Distributing sensitive data Higher risk of breech of confidentiality Variables that give geographic information that might be combined with other data sources to identify a respondent Requires special handling
  • 9. Distributing sensitive data Researcher agrees to protect the data and identities Delivered securely Harsh penalty deterrent http://www.flickr.com/photos/lwr/521394398
  • 10. National Longitudinal Study of Adolescent Health Add Health Highly used and cited study Very frank questions Kids in 7 th through 12 th grade Carolina Population Center Gold standard in data protection
  • 11. Traditional Approach http://www.flickr.com/photos/videolux/2389320345/ http://www.flickr.com/photos/curiousexpeditions/3767246490/
  • 12. Traditional Approach Confidential research data Apply for access Write security plan Repeat
  • 13. Can we improve upon it? Paperwork How do we speed the application process? Security How do we ensure the data are going to a good home?
  • 14. Paperwork Web portal Research plan IRB approval CVs Confidentiality agreements
  • 15. Paperwork Web portal Behavioral questionnaire Electronic copy of contract (HTML, PDF) Database back-end to drive workflow systems
  • 16. Restricted data Contracting System Integrated with ICPSR’s existing Web download mechanism Collects information that would ordinarily be provided through paper “ Tickler” system to send reminders, nag about missing items
  • 17. Security Current system relies on… The data provider to maintain security templates The researcher to write an IT security plan The data provider to read and understand the plan The researcher to execute the plan
  • 18. Current access model Researcher Workstation ICPSR
  • 19. A new access model? Secure Area Researcher Workstation ICPSR
  • 20. Secure area = the cloud? Cloud-based access Convenient Scalable Economical Perfect? http://www.flickr.com/photos/docbudie/2240764187/
  • 21. What could go wrong?
  • 22. Almost everything Is the cloud reliable? Will the data be safe? We are building an analytic environment for a researcher, how will we know what to provide? Will this perform well for the researcher? This is the main story…
  • 23. Cloud reliability Already using the cloud for DR purposes since January 2009 The Merit Network Operations Center monitors all of our stuff Ping, http GET every minute 24 x 7 Results?
  • 24. Local v. cloud – CY 2009
  • 25. Conclusion Cloud has been more reliable than local environment If local power was better, cloud would still be better, but only a little better Certainly seems to be good enough
  • 26. Cloud security Absolute security? Who cares? More secure than the typical WinTel desktop of a social science researcher? That’s the goal http://www.flickr.com/photos/amagill/235453953
  • 27. Current practice Data archive maintains per-platform guidelines on IT security Researcher downloads a template and writes his/her own IT security plan Data provider reviews plan; approves or iterates until approved or rejected
  • 28. Sample items I secured the computer on which the Add Health data resides in a locked room, or secured the computer to a table with a lock and cable (locking the case so the battery cannot be removed). I turned off all unneeded services and disabled unneeded network protocols.
  • 29. Brutal facts Data providers are not IT experts Researchers are not experts in IT security Even if the system is secure on Day One, what assurance is there that it continues to be secure? http://www.flickr.com/photos/42dreams/1878611309
  • 30. Our approach to security Leverage tools from the cloud provider (AWS access control lists) Leverage tools from UMich (regular Retina and Nessus scans) Engage a white hat hacker to probe and evaluate the system
  • 31. Conclusion Expecting researchers to build and maintain secure IT environments is not reasonable We think we can build something at least as secure in the cloud We’ll evaluate our environment using outside evaluators
  • 32. What to deploy? Model means we need to distribute a working analytic environment, not just the data Also gives the researcher the opportunity to limit access to only a subset of contractees
  • 33. May I Take Your Order? Operating system? Analysis software? Who’s allowed to use the system? Anything else? http://www.flickr.com/photos/stephenpougas/2267503544
  • 34. The ACI Chooser Analytic Cloud Instance Cumulus The ACI Chooser Takes your order Brings your ACI to your table (in the cloud)
  • 35. Conclusion We’re building this now Issues to resolve How do we get passwords to people? Remote access mechanism? Citrix? Terminal Services? Should we encrypt the data?
  • 36. Performance Will a cloud-based analysis system meet the expectations of a researcher? Will one size fit all?
  • 37. Amazon EC2 Regular S (1 CPU, 2GB, $0.12) L (4 CPU, 7GB, $0.48) XL (8 CPU, 15GB, $0.96) High memory XXL (13 CPU, 34GB, $1.44) XXXXL (26 CPU, 68GB, $2.88) High CPU M (5 CPU, 2GB, $0.29) XL (20 CPU, 7GB, $1.16)
  • 38. Strategy Balance cost and performance Start small, but give opportunity to grow Easy to move an image from one instance size to another Measure performance via researcher’s experience
  • 39. Conclusion Partners Panel Study of Income Dynamics (PSID) Los Angeles Family and Neighborhood Study (LA FANS) Start small; re-launch larger Ask how well it works
  • 40. Thanks and Final Thoughts Could preserve machine image + data + software + “program” for replication purposes enclavecloud.blogspot.com charts our adventures Cloud-related work sponsored by a recent NIH Challenge Grant