High-Security Data Platform supporting Data Visiting for sensitive data
-
Discussion
-
Dear colleagues,
Some of you might be interested in this initially ad-hoc activity
emerging from the Austrian COVID19 Future Operations Clearing Board
that is now being supported by the CO-Creationg fund of the EOSC
Secretariat to turn it into a proper and re-usable Open-Source based
solution:
Already very early on during the rise of the COVID19 pandemic, the need
for solid, data-driven decision was recognized. During meetings of the
COVID19 Future Operations Clearing Board, a national expert platform in
Austria, it became evident that access to essential data was missing.
This was primarily due to the impossibility of data owners to share
their data with experts, either due to privacy reasons (medical, social
science), but also due to the massive risk involved in sharing
commercially sensitive data. In order to break this deadlock, TU Wien
within a timeframe of two weeks set up a high-security data
infrastructure and according processes to allow data owners to provide
– highly selective access (data visiting)
– to specific (fine-granular or aggregated, fingerprinted)
subsets of data
– for identified individuals
– for limited periods of time
– to answer precisely defined questions accepted by the data owner
As this infrastructure was set-up and deployed in less than two weeks,
it was obviously highly “handcrafted” and targeted to the specific needs
and local set-up. Yet, the availability of such an infrastructure has
met the interest of several parties who would like to provide such a
data hosting / data visiting solution on their own. We have thus been
granted funding to package and release this infrastructure components
and according documentation to allow other parties to set-up and operate
this infrastructure (or parts of it) in their own environment, thus
being able to maintain complete control over who is able to work with
which parts of their data within their own server infrastructure, and
without having to hand over data to external partners.
More details on this activity will be released via the (currently rather
rudimentary) webpage at
http://www.ifs.tuwien.ac.at/~andi/secure_data_infrastructure.html
We are, of course, very interested in feedback on the current
architecture, issues discovered with the architecture, design, and –
once the components are being provided (planed for late summer / early
autumn) – their usefulnees and limitations. If you have any questions,
pleaselet me know.
Best regards,
Andreas Rauber
Log in to reply.