One of Canada’s most powerful high-performance computing labs has deployed software to secure intellectual property and other confidential information while meeting compliance regulations for researchers using its portal.
Computing Virtual Laboratory (HPCVL) Thursday announced it has implemented the Entrust Inc. Authority Security Manager, Roaming Server and TruePass system to provide authentication and encryption capabilities for its Secure Grid Portal. The HPCVL portal allows researchers to access information securely and easily with two levels of authentication — one to confirm the user’s identity and the other to determine what level of access a user has according to his or her title. The deployment of security software follows HPCVL’s earlier work with Sun Microsystems Inc. on a portal (Secure Grid Portal) based on its Grid Engine to secure research information. HPCVL earlier this month also announced a $22-million investment in Sun Sparc-based servers running Solaris that will quadruple its computing power.
Founded by four Ontario universities, including Carleton University, Queen’s University (where the software was deployed and where the lab is based), The Royal Military College of Canada, University of Ottawa, and, more recently, Ryerson university, the HPCVL provides researchers with high-performance computing (HPC) resources to conduct research in numerous areas. These include medicine, engineering, economics and chemistry.
Dr. Ken Edgecombe says most of the threats against a laboratory setting are similar to those that plague enterprises. There are people, for example, who might try to disrupt operations by hijacking sessions and from there, take control of an organization’s computers, Edgecombe said.
“We have researchers that are using confidential data and therefore we have to protect that data,” said Edgecombe, adding encryption is one way to achieve that. “We also have people who have data they would like to protect from prying eyes because they may wish to commercialize some product based on that data later.”
All intellectual property on the portal will be encrypted using Entrust TruePass software so that in the event a rogue employee takes a backup copy of all the data they won’t be able to see it.
Ken Simzer, senior vice-president and chief marketing officer at Entrust, which has done a similar project for Royal Bank of Canada, said HPCVL needed a secure but easy way to share that information.
“From a security standpoint when you have an environment like theirs where you have huge amounts of intellectual property being created every day, collaboration is paramount because it’s cross-university,” said Simzer, who now sits on the lab’s board of trustees.
Edgecombe added data integrity is also an important part of HPCVL’s security strtategy.
“All researchers wish to ensure that the integrity of their data is ensured,” he said. “Data integrity is one of the bigger ones because even if you’re sharing your data with other people, you want to ensure they are able to use the same data that you used to do your original publication.”
Researchers involved in drug design, for example, need to make sure their data meets with Federal Drug Administration regulations. Researchers conducting surveys that include demographic information such as age, sex and income level, for instance, may also be subject to Canadian privacy laws like PIPEDA or, if the source is American, HIPPA in the U.S.
As part of the project, HPCVL also now has obtained a certificate authority (CA) from Entrust following an audit by Deloitte & Touche to ensure all of its policies and practice statements were properly done, said Edgecombe. The CA policy will become public domain once it is posted on HPCVL’s Web site within the next two months. The lab also has CA practice statements, which will remain confidential.
Simzer said to think of the certificate as a passport.
“What the system does is give you an electronic equivalent,” he said. It’s a legitimate, unique electronic document that you’re showing to the Web server and we will authenticate you. Next step is what privileges does person ‘x’ have on that Web site? Is she a researcher within the consortium? Maybe biotech. If so, she gets to see all the biotech stuff.”
With the certificate in place, Edgecombe said researchers now will have a level of assurance that their information will be protected.
“They can be assured that if they’re working with confidential information or information that they may have to reuse or share with people that it is the same data so the data integrity is ensured,” he said.