Presentation is loading. Please wait.

Presentation is loading. Please wait.

An integrated system for handling restricted use data Felicia LeClere, Ph.D. IASSIST 2009 Tampere, Finland.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "An integrated system for handling restricted use data Felicia LeClere, Ph.D. IASSIST 2009 Tampere, Finland."— Presentation transcript:

1 An integrated system for handling restricted use data Felicia LeClere, Ph.D. IASSIST 2009 Tampere, Finland

2 Data Confidentiality and ICPSR Tradition of ICPSR until about 10 years ago was to only handle data that could be put into the public domain Substantial change in focus due to changes in data collection methods and the demands of sponsors Rethink how we handle confidential data both internally and externally.

3 Confidential Data Two new initiatives at ICPSR Reorient how we process all data as we do not know which data files may include data the pose disclosure risk Large expansion in restricted use licenses and data that require special dissemination instructions.

4 Handling Confidential Data Data with identified disclosure risk need to be handled differently Need a secure environment in which to clean, process, and store data Serves as an processing system for all data in the future

5 Secure Processing Initiative Technical Requirements Solution for Windows Environment

6 Technical Requirements Network isolation Operating system and application isolation Separate data storage Accessible on-site or remotely through VPN Processing tools for *nix and Windows environments Seamless integration with existing workflow

7 Windows Environment Three ways to access Citrix Applications are isolated Familiar Windows look and feel Agent Desktop Web

8 Access provided through Start Menu Desktop Icon Citrix Agent

9 Citrix Program Neighborhood Agent Applications can be accessed from system tray Applications cannot access any files on host system Citrix application folders also added to Start menu Folders available while Agent active

10 Citrix Desktop Client Self-contained environment Runs in a separate window Isolated from host computer Familiar look and feel

11 Automating restricted use contracting Current practice is a paper based with all documents from the contract held in paper Data are transmitted through encrypted CD Administrators monitor contracts through ACCESS, Excel, or some other method Very time consuming for data systems with a large number of contract holders

12 Innovations in the RCS All electronic signatures except institutional representatives Changes in security evaluation Behavioral checklist Network scan conducted by ITSS, Michigan Freeware workstation audits

13 Innovations in the RCS Secure download of data 2-factor authentication Triggered by contract approval Single download with manual override

14 Contract Database Secure Storage Automated Reminder System Contract Management System ITSS Nessus Scanner Researcher workstation MyData Login & Password Security Audit Software Token Researcher workstation MyData Login & Password Security Audit Software Token Download Database Contract Application System Secure Online Analysis (SSDA) Secure Download System

15 Method of Access to Contracting System

16 Application flow Based on ICPSR’s authentication system MYDATA for the applicant Allows for return to upload additional components IRB approval Scanned signature pages Revised contract terms

17 USER INTERFACE

18 Signature Process Two approaches -for primary investigator and research staff, we will accept electronic signature. Each will be sent an email that directs them to a signature page. - for institutional representative, the p.i. will be sent an email with a signature page that will need to be signed, scanned, and uploaded.

19 Signature for researchers Add researchers and send email for signature

20 Researchers’ email signature page Lists all of the researchers, provides agreement terms, and a clickable signature field

21 Institutional representatives signature There will be a document attached to the email to be sent to PI that will be signed by Institutional Representative.

22 Security orientation Current orientation is a “trust me” orientation with very high burden for users to assess computer security New orientation ---provide users with tools to assess security

23 Security Process Three components Behavioral components Network Security Workstation security

24 How we approach security Two security focuses Where the data are stored Where users will be analyzing the data

25 Behavioral questions Allows users to justify some departures from appropriate secure data behaviors.

26 Setting up storage location

27 Setting up user locations

28 Using the security dashboard

29 What this tells us The NAS storage device and the workstation will need a SCAN (which is a NESSUS scan conducted by ITSS at the University of Michigan). The button request will run it and generate results that our staff will evaluate. If the block turns green, the system passes. If it is yellow, it means that you will need to retrieve response, remedy security issues, and rescan.

30 What this tells us The Audit is only required for the workstation. The clickable instructions will provide the users with instructions about how to download freeware and run it. The results of the audit will be emailed to our staff. The block again will turn green if no changes are necessary. The block will be red and a clickable link will provide users with instructions on how to resolve security issues

31 Navigation panel for user interface

32 Backend system Administrative portal Reporting System Automated email system to send reminders Secure Download System

33

34

35 Future Roll out with the Panel Study of Income Dynamics in September 2009 and the National Longitudinal Study of Adolescent Health in January 2010. Proposal into NIH to move data storage and analysis to the “computing cloud” -- that is utility computing on the internet.

Download ppt "An integrated system for handling restricted use data Felicia LeClere, Ph.D. IASSIST 2009 Tampere, Finland."

Similar presentations

Publication Module using back end interface. Institution Data Entry Add Documents. Edit/Delete Documents that are added but not yet sent to Institution.

Publication Module using back end interface. Institution Data Entry Add Documents. Edit/Delete Documents that are added but not yet sent to Institution.
Instructors: Connie Hutchison & Christopher McCoy

Instructors: Connie Hutchison & Christopher McCoy
Presentation on 3CD welcomes you to a Winman Software Pvt. Ltd.

Presentation on 3CD welcomes you to a Winman Software Pvt. Ltd.
A Producer’s Guide to Chubb’s SMART Application Platform

A Producer’s Guide to Chubb’s SMART Application Platform
© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo Client Offerings For Service Providers Ceedo Client Workspace Virtualization.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo Client Offerings For Service Providers Ceedo Client Workspace Virtualization.
E-Gov Presented by Technical Services An electronic imaging system for accessing Harris County case records.

E-Gov Presented by Technical Services An electronic imaging system for accessing Harris County case records.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.
The Application for Renewal Accreditation: Electronic Submissions.

The Application for Renewal Accreditation: Electronic Submissions.
1 Figure 6-16: Advanced Server Hardening Techniques Reading Event Logs (Chapter 10)  The importance of logging to diagnose problems Failed logins, changing.

1 Figure 6-16: Advanced Server Hardening Techniques Reading Event Logs (Chapter 10)  The importance of logging to diagnose problems Failed logins, changing.
XP Browser and E-mail Basics1. XP Browser and E-mail Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.

XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
S ECURITY M ADE S IMPLE Technology leader in modern two-factor authentication via SMS Morten Skovsgaard Sales Manager 21 19 21 49

S ECURITY M ADE S IMPLE Technology leader in modern two-factor authentication via SMS Morten Skovsgaard Sales Manager
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Browser and E-mail Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.

Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.
JOIN A COMMUNITY OF 80,000 E-COMMERCE SITES WORLDWIDE.

JOIN A COMMUNITY OF 80,000 E-COMMERCE SITES WORLDWIDE.
Advanced Workgroup System. RED Advanced Workgroup Systems: Scan Features Copy Print Scan DNSG Software Our Customers Documents Our Customers Documents.

Advanced Workgroup System. RED Advanced Workgroup Systems: Scan Features Copy Print Scan DNSG Software Our Customers Documents Our Customers Documents.
Advanced Email Last Updated: May 2008. 2 Class Outline Part 1 - Review –Review of email basics –Review of files and folders Part 2 - Attachments –Sending.

Advanced Last Updated: May Class Outline Part 1 - Review –Review of basics –Review of files and folders Part 2 - Attachments –Sending.
Microsoft Office 2013 ®® Appendix A Introduction to Cloud Computing.

Microsoft Office 2013 ®® Appendix A Introduction to Cloud Computing.
The Internet & The World Wide Web Notes

The Internet & The World Wide Web Notes

Similar presentations

Ads by Google