Cloud/Data Research Infrastructure

GW Information Technology, GW Libraries Technology-based research services, and the Office of Research Integrity and Compliance, offer regulated environments and data protection, along with risk assessments. 

These are sample frameworks we can use as a foundation for a discussion to better understand the researchers particular needs.  Working together with the RTS team, we can develop potential solutions with cost estimates to build the environment you need. 

Running Custom Software Securely

For  researchers who want to securely host a software application, either that they built or are providing the source code, this Software Application will be able to leverage GW’s high performance computing nodes.  Jobs are submitted to GW on premise services.  Below is a potential solution to this challenge.

Design Pattern - Secure Data Warehouse

The above solution is comprised of the components below:

  • Virtual Private Network
  • Application Server
  • Identity Access Management
  • Database Server

In this solution, the researcher provides the code, the code is deployed onto an existing application server on the VPN, the application is granted permissions to submit jobs to HPC (typically using SLURM).

This framework can be implemented for many potential applications, whether they are applications written by the researcher or hosted software, like Galaxy, to be used by a researcher’s team.

 

Working with Data Securely

Many researchers require a space for working with and managing a repository of their data.  This data usually consists of numerous sources and varying types.  They need the ability to work with and aggregate data in real time.

Design Pattern - Secure Custom App with Secure Data

The above solution is comprised of these components:

  • Virtual Private Network
  • Identity Access Management
  • Database Server
  • Data Factory
  • Storage Solution

Under this solution, the researcher would provide the data and the data use agreement (DUA). Data is brought into a data factory on the VPN in a tiered process. First the data is staged , uploaded or imported data is cached in data storage in accordance with the DUA. Second, the staged, or if external data is being imported in real time, is then aggregated and stored in the secure data warehouse. After the data has been brought into the warehouse, in accordance with the DUA, layers and views are made available. The researcher is allowed to grant explicit permissions to layers and views of data that have been transformed in the warehouse.

Request Technology Services

View the Research Guide from GW Libraries for information on Data Management Plans, best practices, archiving data, data security and data use agreements. 

Data management refers to activities and practices that support the long-term preservation, access, and use of data.

Activities can include:

  • planning
  • documenting 
  • formatting 
  • storing 
  • anonymizing
  • setting access restrictions on data.

Consulting services are available through GW Library Research Services.

Federal funding agencies and government entities may require data to be made available after the completion of a funded research project. These agencies may also require transparency of project operations, which means that data management plans must be outlined, submitted, and approved during the initial proposal process for every research project.

GW IT Information Security Services team is responsible for establishing and maintaining policies and conducting risk assessments to ensure that George Washington University has a secure information technology environment. GW departments and projects can request or be asked to undergo a risk assessment for their information resources.  For more information on security assessments and how to request one, please refer to the GW Information Security Services website.  These formal risk assessments may be conducted in a variety of ways, including:

  • Application Security Assessments or Penetration Testing
  • 3rd Party Application Security Assessments
  • Vulnerability Scans
  • Business Impact Analysis

Note: Fee to be determined