CREATE Trusted Research Environment¶
What is a Trusted Research Environment?¶
Trusted Research Environments (TREs) provide highly secure computing environments that enable approved researchers to access sensitive datasets. Also known as 'Data Safe Havens' or 'Secure Data Environments', TREs are the emerging standard for processing sensitive datasets in particular those coming from the NHS.
CREATE TRE Current Status¶
CREATE TRE is currently in the the early stages of its development. In January 2023 we launched two pilot projects within our TRE, which included secure data storage, secure data transfer, a locked environment with no data egress or internet access, and pre-installed software for researchers (Excel, Python, R, RStudio, SPSS, Stata, Word).
Since then we continue to improve the security and functionality. For example the process allowing egress of non-sensitive research outputs outside of the environment.
The pilot TRE provides a Windows based virtual desktop environment. We will soon launch the Linux virtual desktop equivalent. Later this year we will be working on HPC (i.e. multi-node) TRE environments.
We remain committed to maintaining the highest levels of security and functionality within our TRE and will continue to implement improvements and updates to ensure that we provide the best possible environment across a very broad range of use cases.
We are currently developing our roadmap for project onboarding to run from now throughout 2023 and beyond. If you are interested in getting added to the pipeline please contact:
email@example.com (e-Research TRE Lead)
We expect TRE demand to be exceptionally high so there may be long waits between project registration and our ability to onboard.
CREATE TRE Design¶
Although our TRE is in the early stages of development, we have made significant progress in designing and implementing the core elements of our secure environment.
TRE key components:
- Users log in to the e-Research portal using Multi Factor Authentication (MFA)
- Users need to be a member of one or more security groups to access the TRE, the 4 security groups are:
- Standard user:
- Access to the TRE project Virtual Desktop machines (VMs)
- Read-only access to the project dataset directories
- Data manager user (in addition to above):
- Have full access to dataset directories
- Data ingress user:
- Allowed to import data to the TRE project
- Data egress user:
- Allowed to export data from the TRE project
- Data egress details are logged for audit purposes and users with egress access must be trained to appropriately classify and approve data for egress
- Standard user:
- Connection to the TRE web portal is encrypted (HTTPS)
- The portal web server then makes an encrypted (RDP) connection to the TRE project VMs (Virtual Machine)
- A private OpenStack cloud contains the TRE project elements:
- Researchers VMs (contain pre-installed software and access to the project dataset)
- Data mover VMs (dedicated to input and output TRE data by project’s nominated data ingress/egress users)
- SMB server (stores encrypted TRE project dataset and user/project data, backed up outside the environment)
- Security Groups control egress and ingress traffic to the TRE environment
- No Internet access from the project VMs
- Proxy server (to control ingress/egress from TRE projects)
TRE Environment Diagram (subject to change)¶
graph TB A(<font color=white>Data host) A1(<font color=white>Data host) a(<font color=white>Project data mover filtering) a1(<font color=white>Project data mover filtering) B(<font color=white>Data movers) b(<font color=white>Data movers) F(Data storage) f(Data storage) G(<font color=white>Verified TRE Project Researchers) I((<font color=white>Backup)) i((<font color=white>Backup)) J(TRE Project 1) K(<font color=black> Portal) O(Research software) o(Research software) O2(Research software) o2(Research software) P(TRE Project 2) style A fill:#8f1a00 style A1 fill:#8f1a00 style a fill:#8f1a00 style a1 fill:#8f1a00 style G fill:#00758f style K ffill:#00758f style B fill:#8f1a00 style b fill:#8f1a00 style I fill:#1738AA style i fill:#1738AA linkStyle default fill:none,stroke-width:2px,stroke:green a<-->A a1<-->A1 subgraph Researcher computer w/ Internet connection G end subgraph Internet A A1 end subgraph e-Research - Web Portal G --> |<font color=red>Multi factor authentication with King's account| K end subgraph e-Research F---> I f---> i b<---> a B<---> a1 K --> J K --> P subgraph <font color=green>TRE Environment J--> O --> F J--> o --> F F <--> B subgraph Virtual Desktop B end subgraph TRE Project 1 Storage F end subgraph Virtual Desktop O end subgraph Virtual Desktop o end end subgraph <font color=green>TRE Environment P--> O2 --> f P--> o2 --> f f<--> b subgraph VirtualDesktop b end subgraph TRE Project 2 Storage f end subgraph Virtual Desktop O2 end subgraph Virtual Desktop o2 end linkStyle 0,1,5,6,13,18 stroke:red end end