Mr. Stephen Bird1
1Queensland Cyber Infrastructure Foundation, St Lucia, Australia
Biography:
Stephen Bird is the Executive Manager for Advanced Computing at the Queensland Cyber Infrastructure Foundation. QCIF is a non-profit organisation that provides cutting-edge digital infrastructure capabilities for research and innovation across Queensland and Australia. QCIF draws investment from its Members, the Queensland Government, and the Australian Government’s National Collaborative Research Infrastructure Strategy (NCRIS) program. We are an NCRIS node for the Australian BioCommons (Bioplatforms Australia), and the Australian Research Data Commons and its Nectar Research Cloud.
Abstract:
Background: Sensitive data is increasingly common in research, including in fields as disparate as population health, biosecurity, food-security and agriculture, environmental science and biodiversity, defence, humanities, Indigenous studies, and social science. All involve the production, use, analysis, and management of sensitive data. To unlock the full potential of data sets in such sectors, researchers need secure and trusted digital environments allowing them to hold sensitive data they produce or receive from third parties (e.g., government and industry) and/or collaborate at scale on sensitive data whilst always ensuring the security of that data.
QCIF, in conjunction with ARDC and The University of Queensland, has developed a purpose-built trusted research environment named KeyPoint.
Method: KeyPoint was built to leverage the Australian Access Federation to enable researchers to use their institutional identity and credentials when using the service, to meet institutional requirements to use institutional identities when conducting research.
KeyPoint developed a novel approach to associate KeyPoint roles to an AAF identity, which we called personas. This presentation will describe this approach in detail and demonstrate how it achieves strict role and project separation, which is particularly relevant at the virtual desktop layer to eliminate inadvertent opportunities for data linkage or masquerading data ingress and data egress via different projects.
For Delegates: Delegates should develop an appreciation of the persona model within KeyPoint and understand how it ensures strict role-based access control and strict project separation, which are vital elements to a trusted research environment.