Trusted Research Environment and Enclave for Hosting Open Original Science Exploration (TREEHOOSE)

Trusted Research Environments (TREs) are used by many organisations to securely manage sensitive data for research. Despite the commonality of need there is currently little standardisation of infrastructure or deployment between operators, leading to duplication of effort and impeding service improvement. TREEHOOSE aims to build on our experience of migrating a TRE hosting NHS data to public cloud for the benefit of other operators. We will also to include a new capability of Enclave computing to achieve mutually trust-free computation, protecting users’ IP and code as well as the data.

We will release open-source tooling to streamline building and operating TREs on public cloud infrastructure whilst maintaining security and trust. Secure Enclaves go beyond the traditional TRE infrastructure by adding additional barriers to prevent software algorithms from leaking data. A kit will be developed into which researchers can add their AI or other analytical code for execution within a cloud TRE, safe in the knowledge that their code is protected from reverse-engineering or unauthorised sharing even by the TRE operators, with cryptographically-verified repeatable dependencies.

TREEHOOSE will enable wider adoption of TREs and increased security modes of working thereby making possible research data analysis at scale while maintaining maximum data protections.

TREs are necessary for the ethical and secure management of sensitive data. Traditionally, they require large, up-front capital, investment in specialist infrastructure and potentially procurement delays. The need for increased power and flexibility in TREs has driven increased adoption of cloud services in place of on-premise equipment. Cloud has matured in provision and security to the point where several security conscious organisations (e.g. Police, Government, Defence, Health) are employing them to allow for scaling efficiencies and on-demand access to leading edge hardware.

Designing and operating a TRE in the cloud requires considerable custom work, with a challenging learning curve for operations staff. The implementation, maintenance and development of TREs requires unique skillsets for which there is a current shortage. Upskilling of new and existing staff is crucial for the continued growth and development of Data Science in the UK.

Recent technical advances in Trusted Computing and cloud equipment such as AWS Nitro Enclaves allows the creation of a cryptographic ‘enclave’, within which code can execute free from tampering or inspection by the host environment: a ‘black box’, into which sensitive data can be passed, producing output which is captured and scrutinised before release to the user, without exposing the code itself to analysis or potential reverse-engineering by the TRE operators. This also provides enhanced, cryptographically-verified reproducibility of the container environment in which the code was executed.

We have been running a TRE for over a decade and have recently collaborated with AWS to develop a Cloud TRE which is now in production. TREEHOOSE will share open-source code and documentation for both operating and performing research within a modern cloud TRE with enclave facilities. This will
• Reduce the learning curve for TRE operators and users alike.
• Reduce the cost of migration to the cloud for other TREs.
• Aid portability of code between TREs.
• Make federation more straightforward through the use of common cloud deployments.

TREEHOOSE will also upskill project team members for the benefit of future research projects.

None of this work is possible nor sensible without engagement with the public and patients as they are the final arbiters of acceptable reuse of their data. We will embed workshops on trustworthiness of cloud computing with research data and report on our findings.