Embed Size (px)
DESCRIPTION
WP 5: Secure access. C. Ohmann (chair), K. Kuhn ( co -chair). Aim of the presentation. partners objectives description of work deliverables milestones interactions next steps. Objective. - PowerPoint PPT Presentation
Citation preview
BioMedBridges EU FP7-Infra-2011-2.3.2GA No. 284209
WP 5: Secure access
C. Ohmann (chair), K. Kuhn (co-chair)
BioMedBridges Kick-off Meeting 5-6 March 2012, Hinxton, Cambridge
BioMedBridges Aim of the presentation
• partners• objectives• description of work• deliverables• milestones• interactions• next steps
BioMedBridges Objective
WP5 will establish a security framework which is compliant with legal and ethical requirements on the national and European level. It will both use security policies compliant with European regulations, and take into account policies and consent and use agreements of the participating infrastructures. For implementation of authentication and authorization services, existing standards, solutions, and concepts of European e-Infrastructures will be used in adequate way.
BioMedBridges WP-members (preliminary)
• C. Ohmann (Heinrich-Heine-Universitaet Düsseldorf, Germany, partner 5)• K. Kuhn (Klinikum Rechts der Isar der TU München, Germany, partner 7)• J. Ellenberg, D. Arendt, A. Keppler, A. Brazma (European Molecular Biology Laboratory, UK, partner 1)• A. Pollex-Krüger (Technologische und Methodenplattform für die vernetzte Forschung e.V. , Germany, partner 10)• M. Winn (Science and Technology Facilities Council, UK, partner 4)• M. Hrabé, C. Lengger, M. Räß, R. Ludwig, R. Frank (Helmholtz Zentrum Muenchen, Deutsches Forschungszentrum fuer Gesundheit und Umwelt GmbH, Germany, partner 11)• S. Klein, W. Niessen (Erasmus Universitair Medisch Centrum Rotterdam, Netherlands, partner 9) • NN (Forschungsverbund Berlin e.V., Germany, partner 6)• H. Raoul, C. Carbonelle (Institut National de la Santé et de la Recherche Médicale, France, partner 14)
BioMedBridges WP5 tasks
WT1-4: Regulations, requirements and design aspects
WT5-8: Security implementation
BioMedBridges WP5 Tasks / Responsabilities
WT Title Partner Description
1 Regulations and privacy requirements for using the data bridges(M1-M12)
UDUS, EMBL-EBI, ERASMUS MC, HMGU, STFC, TMF, TUM, FVB, INSERM
• analysis of the legal and ethical situation concerning sharing and transfer of data in a trans-European context for all e-Infrastructures
• Legal implications for different types of data (e.g. biobank, genetic, stem cell research, vulnerable populations)
2 Rules and regulations for accessing databases of e-Infrastructures(M6-M18)
UDUS, EMBL-EBI, ERASMUS MC, HMGU, STFC, TMF, TUM, FVB, INSERM
• Analysis of rules, regulations and practices/policies concerning the access to e-Infrastructures (survey)
• Special attention to informed consent, research excemptions, policies, approvals
BioMedBridges WP5 Tasks / Responsabilities
WT Title Partner Description
3.1 Regulations and security issues regarding security of biosamples(M1-M12)
TUM, EMBL-EBI, ERASMUS MC, UDUS, HMGU, STFC, TMF, FVB, INSERM
• Analysis of rules and regulations that affect data protection and security of bio-samples
3.2 Regulations and security issues regarding animal protection(M1-M12)
TMF, EMBL-EBI, ERASMUS MC, UDUS, HMGU, TUM, FVB, INSERM
• Analysis of rules, practices and regulations concerning data protection and protection of animal welfare
BioMedBridges WP5 Tasks / Responsabilities
WT Title Partner Description
3.3 Rules and regualations regarding data connected to intellectual property and licences in e-infrastructures(M1-M12)
EMBL-EBI, ErasmusMC, UDUS, HMGU, TUM, FVB, INSERM
• Analysis of rules, practices and regulations concerning access to databases and sharing of data by intellectual property rights
4 Development of a tool for assessment of ethical and legal requirements and supporting documents(M13-M24)
TMF, EMBL-EBI, ErasmusMC, UDUS, HMGU, STFC, TUM, FVB, INSERM
• Development of a requirements matrix, covering kind of data, kind of data protection, regulations and rules for secure acccess
• Development of templates and generic texts to support legal and sound cooperation for data exchange
BioMedBridges WP5 Tasks / Responsabilities
WT Title Partner Description
5 Security requirements for an e-infrastrucutre addressing the use cases(M6-M30)
TUM, EMBL-EBI, ERASMUS MC, UDUS, HMGU, STFC, TMF, FVB, INSERM
• Identification of security requiremetns for aggregated or shared data, including confidentiality, integrity ,and availability
• Specification of the use of de-identification and (k-) anonymity
6 Threat and risk analysis for sharing data or biomaterials(M9-M30)
TUM, EMBL-EBI, ERASMUS MC, UDUS, HMGU, STFC, TMF, FVB, INSERM
• Performance of a threat and risk analysis based on the security requirements
• Identification of attacker models, origins of threats and points of attack
• Risk analysis with weighting of different threats
BioMedBridges WP5 Tasks / Responsabilities
WT Title Partner Description
7 Design of security architecture and framework(M18-M30)
EMBL-EBI, TUM
• Design of security framework, comprising authentication, authorization and accounting services
• Specification of access layers and approved workflows
• Design of authentication mechanisms using standards and concepts from European initiatives
• Definition of a repository of authorization rules as part of a metadata repository
6 Implementation of a pilot for the security framework(M24-48)
EMBL-EBI, TUM, UDUS, STFC, TMF
• Implementation of the security framework for use cases, including policy administration repository
BioMedBridges Deliverables
Del. Title Due5.1 Report on regulations, privacy and security
requirements (UDUS)M18
5.2 Tool for assessment of regulatory and ethical requirements, including supportive documents (TMF)
M24
5.3 Report describing the security architecture and framework (TUM)
M30
5.4 Implementation of a pilot for the security framework (EMBL-EBI)
M48
BioMedBridges Milestones
Del. Title Due5.1 Report has been completed on regulations,
privacy, security, and IP requirements M18
5.2 Tool has been realized for assessment of regulatory and ethical requirements
M24
5.3 Security architecture and framework have been specified, security requirements and risks identified
M30
5.4 Security framework successfully implemented
M48
BioMedBridges Resources (PM)
Partner PM
UDUS 54
TMF 34
TUM-MED 58
STFC 15
HMGU 10
EMBL 55
ErasmusMC 5
FVB 6
INSERM 4
total 241
BioMedBridges Interaction
• Strong interaction with other WPs from the beginning, especially WP3,4 and 5 and the use cases (WP6-WP10)
• Close link to the BMS infrastructures via the partners involved
(BBMRI, EATRIS, ECRIN, ELIXIR, Infrafrontier, INSTRUCT, EMBRC, ERINHA, EU-Openscreen, Euro-Bioimaging)
• Interaction with other EU-projects in order to learn from existing/ongoing activities (e.g. Transform, p-medicine, EHR4CR)
BioMedBridges Next steps
• identification of WP-members from the participating partners
• regular telephone conferences of WP 5 (at least every 4 weeks)
• face-to-face meeting of WP 5 (e.g. June 2012)
• in the first half year of 2012 concentration on- WT1- WT3.1- WT3.2- WT3.3
BioMedBridgesWP5Questions for the dialogue between use cases and infrastructures
• What can be shared– What are the categories of available data
• Genetic, omics• Clinical: diagnoses, med histories, medication
– What does the legal and/or contractual situation allow?• Open / anonymous / derived data?• informed consent available? • Access restrictions?
– What is the technical basis offered• See WP4: browsing, programmatic access, RDF
• What is needed, what is the purpose– individual data (anonymized?) vs summaries/derived data– How will data be aggregated?– Are access tiers needed, e.g. for members only?
