SATRE - Standardised Architecture for Trusted Research Environments

Lead Research Organisation: University of Dundee
Department Name: UNLISTED

Abstract

The need for trusted research environments (TREs) is clear. Personal or sensitive data
which have been collected for operational, commercial or governmental reasons need to be
managed securely and safely for research use in an environment that encourages best
practices. TREs are designed to enable only authorised projects and researchers access
to sensitive data whilst minimising the risk of data release or exposure. Influential reports from
HDR UK and DARE, together with the UK Government Goldacre review and “Data Saves
Lives” policy paper, have all highlighted the need for change in how sensitive/personal
data are handled.

SATRE will compare openly available UK TREs hosting health, manufacturing, commercial,
science and humanities data and bring them into alignment with a standardised reference TRE
architecture. The development teams at HIC and ATI, fully supported by their infrastructure
partners, will lead the reference alignment in collaboration with a consortium of higher
education, charity and industry organisations.

The reference architecture and its implementation will be informed and strengthened by
a programme of community building and engagement with the DARE-sanctioned
working group, stakeholders and extensive public representation. SATRE outputs will be
an informed reference TRE technical specification, a collection of educational media and
detailed reports; all supporting DARE’s aim of a national research data infrastructure.

Technical Summary

Data required for research can have access restrictions because personal data are subject
to legal oversight or because the data are commercially or organisationally sensitive.
Technical solutions which provide secure access to such data are currently neither
compatible with each other nor conducive to collaborative research projects, resulting in
technical silos across different sectors and industries. Initiatives from the UK Government,
NHS Digital Transformation and DARE UK are aiming to make data more available for research
while increasing data security (1–4). Technically, there is little reason for or benefit to
silos, and a common, open and inclusive infrastructure to support collaborative working with
sensitive data in a safe environment is achievable.

Each organisation building or deploying a TRE must independently invest a huge effort in
providing broadly similar security guarantees for the safety of the data held within the TRE
before even getting to spend effort on providing the research capability required by
researchers. The effort required to assure each data provider that their data will be
adequately protected must similarly be repeated for each pairing of data and TRE providers.

The open source TREEHOOSE (5) and Turing Data Safe Haven (6) TREs have been built
over several years and combine the experience and knowledge of working with sensitive
data from healthcare and other sectors, and the AzureTRE (7) framework has been used as
the basis of multiple TRE deployments. They are cloud-based with no capital requirements
and can be deployed quickly and at scale. SATRE will use this knowledge to establish a
reference TRE specification and will combine their strengths to co-develop reference
TRE implementations for two cloud platforms. The TREs are open source so they can
be freely modified and adapted to suit the community without needing agreement by a
(proprietary) third party, and SATRE will establish cross-organisational development
collaborations for each reference implementation to support sustainable community-driven
development.

In SATRE we will deliver a reference TRE architecture design which will have been informed
not only by the experience of the underlying codebases but, importantly, also by stakeholders
from the Society of Research Software Engineering (RSE) TRE working group, as well as
by input from public groups through a programme of listening, education and
reflection to address questions around openness, transparency and security. SATRE will
use the experience of PPIE and co-development gained through leadership experience in
the CO-CONNECT (8), Alleviate (9), GRAIMATTER (10) and TREEHOOSE (11) projects.

SATRE will actively work with other DARE Driver Projects to ensure that their needs and
capabilities are reflected in the reference design and learning from SATRE likewise informs
the other Driver Projects. The core outcome of the reference architecture will be a solution
that can work across the Driver Projects of data ingress, data egress, data federation and
user access.
