3. Tryggve – collaboration for sensitive biomedical data
3
• Project aims to strengthen Nordic biomedical research by
facilitating use of sensitive data in cross-border projects
• Partners and funders are NeIC and ELIXIR Nodes in Denmark,
Finland, Norway and Sweden
• Project will build on strong existing capacities and resources in
Nordic countries
4. Mission and goals
Tryggve develops services for biomedical researchers on Nordic scale
to allow secure, efficient and easy utilization of sensitive data for
research
What this means in practice:
• Provide secure and efficient analysis environments for sensitive
research data
• Support the process for accessing and moving the data
• Provide access to Nordic secure systems
• Empower Nordic research through use cases
• Transfer knowledge within Nordic developers and service providers
4
5. Nordic perspective
• Tryggve is a project in NeIC project portfolio
– NeIC = Nordic e-Infrastructure Collaboration
– Organization that facilitates the development and operation of high-
quality e-infrastructure solutions in areas of joint Nordic interest
– Organizational unit under NordForsk
• Collaboration between NeIC Tryggve and NordForsk funded projects
brings added opportunities to support joint Nordic interests. For
example
– NordForsk funded projects defining use cases for the Tryggve project.
– Tryggve providing access, advice and support on using secure systems
for processing data across borders
5
6. Tryggve works on 6 themes
1. Technical development
2. Interoperability of systems
3. Process development
4. Legal framework
5. Use cases
6. Communication and outreach
6
8. 1. Technical development
Provide secure computing environment for analysis of sensitive data.
• “Building blocks”
– TSD 2.0 service at USIT, Norway
– Mosler service at BILS, Sweden
– ePouta IaaS at CSC, Finland
– Computerome at DTU, Denmark
• All of the above have been launched for users
• Variety in the systems involved offers flexibility to handle different
user demands
• Legal issues for accessing and/or moving data across countries
under investigation
8
9. 1. Secure systems – Control and ownership of data
• Where the data is analyzed or stored; and who has the control over
the data are different things.
• The user stays in control. Service providers offer secure
environment for storing and analyzing the data.
• Data handler contract defines the roles.
Taking into use some of the secure systems does not imply
transferring the control over, or ownership of the data
9
10. 1. Secure systems – How to access
• The secure systems are available now.
• Access through Tryggve use cases, or directly from the providers
• Tryggve use case:
– gives access free-of-charge for limited time (to pilot use the system)
AND include support / development activities
– users are from several Nordic countries (“Nordic solution”)
– need access to a system in another country
• More information at Tryggve home page wiki.neic.no/tryggve
10
12. 2. Interoperability of systems
Improve joint use of Nordic secure systems.
• Development supporting interoperability:
– Data transfer service
– Portable software installations (Dockers and Virtual Machines)
– Accessing computing backend across countries
– Investigate common authentication and authorization mechanisms
• Existing tools will be utilized to support interoperability, including:
– Tool and Resource Registry at ELIXIR Denmark
– REMS authorization management system at ELIXIR Finland
12
13. 2. Interoperability: Portable software installations
• Users must be able to bring own software in the secure systems
• Important to be sure that exactly same workflow is executed at
different environments
• Service providers have limited resources for installing software
• Solution: Portable easy to deploy software installations
• Docker Containers within secure environments are being tested
13
14. • Secure file transfer based
on secure FTP
• No need to store
temporary copies on
user’s local computer
• Can be used for moving
data between Tryggve
systems, or to interface
with external repositories
14
2. Interoperability:
Data transfer
15. 2. Interoperability: Shared computing resources
• Aim: Enable use of secure IaaS resources across Nordics.
• Case: Provide computing resources from ePouta (Finland) for
Mosler service (Sweden)
• Mosler offers remote desktop for processing sensitive data, and
ePouta offers cloud infrastructure
– Connect systems with dedicated network
– ePouta provides secure private virtual cluster for Mosler to
utilize
• Proof-of-concept for future cases
15
17. 3. Process development
Improve accessibility of services and share best-practices in service
operations
• Tasks supporting development of processes:
– improving (or harmonizing) customer contract processes
– joint code of conduct for managing sensitive data
– sharing knowledge on technologies and software components
– sharing experiences in IT security and security reviews
– interacting with register data holders, biobanks, etc.
17
19. 4. Legal environment
Assess legal framework relevant for use of sensitive data in research,
and provide guidelines to fulfill legal requirements for trans-Nordic
studies.
• Activities include:
– assessing relevant legislation in Nordic and EU level
– analyzing legal requirements and conditions in some of the use cases
– preparing guidelines for researchers on the regulations
– looking into specific questions, such as moving data across countries
19
21. 5. Use cases
Implement and support concrete use cases to facilitate great
research and to connect project to actual user demands.
• Tryggve use case is part of a real research project aimed to
support the researchers in handling and analysis of sensitive data.
– at the same time, development of services in Tryggve is influenced by
the experiences gained from the pilot users / use cases.
• Use cases can be proposed at any time.
• (simple) process for proposing use cases documented at
wiki.neic.no/Tryggve#Use_cases
21
22. What does Tryggve offer for pilot users?
• The proposers of accepted use cases will receive:
– Access to secure data processing systems (for a limited time, and up
to a reasonable amount of disk space and computing resources)
– Expert assistance from Tryggve
– Possibility for targeted service development to enable the use case
• All this will be provided free of charge for the use cases
– No funding for proposers of accepted use cases is included
• What we expect from researchers involved in a use case
– Participation in discussions to specify the users’ needs
– Feedback for services
22
23. 5. Use Case proposal form available on web site
23
More information at https://wiki.neic.no/Tryggve#Use_cases
24. Tryggve and Nordic Biobanks
• Tryggve as a Nordic project can have a role in bridging the gap
between researchers and IT services.
• Including further development of the underlying systems.
• Services for Nordic Biobank community could include
– efficient and secure processing environment for sensitive data
– extending Biobanks own resources
– project-based storing and sharing of data
– packaging software stack for easier installation
– etc.
Use cases defined by Biobanks would be a way forward.
24
25. Thank you
25
Antti Pursula
Tryggve Project Manager
NeIC / CSC – IT Center for Science
antti.pursula@csc.fi
Twitter: @AnttiPursula
Web site: wiki.neic.no/Tryggve
Subscribe to Tryggve monthly
newsletter on the web site