NCCS Introduces CITADEL Security Framework for Open Science Using Protected Data

May 7, 2021

May 7, 2021 — The National Center for Computational Sciences (NCCS) at the US Department of Energy’s (DOE’s) Oak Ridge National Laboratory (ORNL) has unveiled CITADEL, a new framework of security protocols that will enable researchers to harness the NCCS’s supercomputers for open-science projects using protected data.

Although ORNL has a long history of conducting computational analysis on “open-research” data, which is typically easy to publish and disseminate, CITADEL will implement new security controls for handling large datasets that include private information. For example, this new capability will provide unprecedented levels of high-performance computing (HPC) power for research projects in the health care field, which requires patient privacy protection under the Health Insurance Portability and Accountability Act (HIPAA).

The CITADEL framework allows protected health information (PHI), personally identifiable information (PII), data protected under International Traffic in Arms Regulations, and other types of data that require privacy to be securely used on the Summit supercomputer, the upcoming Frontier exascale system, and other systems managed by the Oak Ridge Leadership Computing Facility (OLCF), a DOE Office of Science User Facility at ORNL.

The elevated security was implemented by the Scalable Protected Infrastructure (SPI) team within the NCCS with assistance from ORNL Risk Management and ORNL’s Information Technology Services Division (ITSD). The team began building from a prototype framework originally developed by Edmon Begoli, previous director of the Scalable Protected Data Facilities (SPDF) at NCCS, to enable the large-scale analysis of PHI data from the US Department of Veterans Affairs’ (VA’s) Million Veteran Program. The SPI team refined the prototype and extended the CITADEL capability to accommodate diverse programs and sponsors. The SPI team includes members from several different groups—including HPC Cybersecurity and Information Engineering, HPC Scalable Systems, SPDF, and ITSD—and is led by J. “Robert” Michael, the NCCS’s chief data architect.

“If you’re coming to ORNL, you hope that you’re going to be able to use these large supercomputers that are the best in the world. And so the question is: How do we allow people with highly protected data to leverage this vital resource in a way that’s compliant with the Federal Information Security Management Act?” Michael said. “With CITADEL, we’re utilizing an encrypted parallel file system that improves both performance and security, ensuring that we’re doing this in compliance with all of the regulations that are in place to protect this data.”

CITADEL’s security improvements aren’t just technical—new administrative protocols were also established for handling private data. Although ORNL already adheres to the National Institute of Standards and Technology’s security and privacy controls for moderate Official Use Only data, the SPI team developed extra precautions to manage private data such that it cannot be accessed by other researchers or used by other projects. For example, HIPAA-protected data for a project sponsored by the VA will be kept absolutely separate from HIPAA-protected data for a projected sponsored by the Centers for Medicare and Medicaid Services (CMS).

“The challenge with health data is that to do anything with it, you have huge privacy concerns,” said Jeremy Cohen, a program manager for the VA and CMS at SPDF. “So if you’re going to house this data, you have to treat the system as you would a secure environment in terms of the securities and policies that are wrapped around it—who gets access to the data, what they do with the data, and what can and cannot be moved out of that environment.”

With its new level of security for private data, CITADEL will present many new possibilities for research projects that previously could not access Summit, the nation’s most powerful and smartest scientific supercomputer. For example, using medical records that include handwritten doctor’s notes were problematic before CITADEL; although names and addresses could be automatically stripped out of structured medical records, freeform notes were not as simple.

“When you start talking about notes, where a physician has gone in and just written information, there aren’t really tools out there that reliably and with a high degree of confidence strip out identifying data,” Cohen said. “So that has been a limiting factor on where notes data can be used. It has to be kept in the environment. Now, having this capability to use CITADEL and burst out to Summit is huge because it opens up that resource for the first time ever to identifiable health data.”

Kevin Kerr, chief information security officer for ORNL’s ITSD, advised the SPI team in scoping out potential security issues. He also serves as ITSD’s risk manager.

“I watch what’s going on in the world, and while I may not know every risk or threat that’s out there, I can say, ‘Because you’re doing this, here’s some things that we need to think about,’” Kerr said. As a result, Kerr and his team consider many what-if scenarios.

The ITSD is responsible for ensuring ORNL’s compliance with all federal regulations and orders, so Kerr was ultimately responsible for vetting CITADEL’s proposed security processes. After months of evaluation within the current federal approval—as well as having the system tested by a “red team” of security professionals—Kerr approved the enhancements and the use of CITADEL on ORNL computers. CITADEL has also undergone comprehensive technical-, legal-, and policy-oriented reviews and received third-party accreditation.

UT-Battelle LLC manages Oak Ridge National Laboratory for DOE’s Office of Science, the single largest supporter of basic research in the physical sciences in the United States. DOE’s Office of Science is working to address some of the most pressing challenges of our time. For more information, visit https://energy.gov/science.


Source: COURY TURCZYN, ORNL

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industry updates delivered to you every week!

ARM, Fujitsu Targeting Open-source Software for Power Efficiency in 2-nm Chip

July 19, 2024

Fujitsu and ARM are relying on open-source software to bring power efficiency to an air-cooled supercomputing chip that will ship in 2027. Monaka chip, which will be made using the 2-nanometer process, is based on the Read more…

SCALEing the CUDA Castle

July 18, 2024

In a previous article, HPCwire has reported on a way in which AMD can get across the CUDA moat that protects the Nvidia CUDA castle (at least for PyTorch AI projects.). Other tools have joined the CUDA castle siege. AMD Read more…

Quantum Watchers – Terrific Interview with Caltech’s John Preskill by CERN

July 17, 2024

In case you missed it, there's a fascinating interview with John Preskill, the prominent Caltech physicist and pioneering quantum computing researcher that was recently posted by CERN’s department of experimental physi Read more…

Aurora AI-Driven Atmosphere Model is 5,000x Faster Than Traditional Systems

July 16, 2024

While the onset of human-driven climate change brings with it many horrors, the increase in the frequency and strength of storms poses an enormous threat to communities across the globe. As climate change is warming ocea Read more…

Researchers Say Memory Bandwidth and NVLink Speeds in Hopper Not So Simple

July 15, 2024

Researchers measured the real-world bandwidth of Nvidia's Grace Hopper superchip, with the chip-to-chip interconnect results falling well short of theoretical claims. A paper published on July 10 by researchers in the U. Read more…

Belt-Tightening in Store for Most Federal FY25 Science Budets

July 15, 2024

If it’s summer, it’s federal budgeting time, not to mention an election year as well. There’s an excellent summary of the curent state of FY25 efforts reported in AIP’s policy FYI: Science Policy News. Belt-tight Read more…

SCALEing the CUDA Castle

July 18, 2024

In a previous article, HPCwire has reported on a way in which AMD can get across the CUDA moat that protects the Nvidia CUDA castle (at least for PyTorch AI pro Read more…

Aurora AI-Driven Atmosphere Model is 5,000x Faster Than Traditional Systems

July 16, 2024

While the onset of human-driven climate change brings with it many horrors, the increase in the frequency and strength of storms poses an enormous threat to com Read more…

Shutterstock 1886124835

Researchers Say Memory Bandwidth and NVLink Speeds in Hopper Not So Simple

July 15, 2024

Researchers measured the real-world bandwidth of Nvidia's Grace Hopper superchip, with the chip-to-chip interconnect results falling well short of theoretical c Read more…

Shutterstock 2203611339

NSF Issues Next Solicitation and More Detail on National Quantum Virtual Laboratory

July 10, 2024

After percolating for roughly a year, NSF has issued the next solicitation for the National Quantum Virtual Lab program — this one focused on design and imple Read more…

NCSA’s SEAS Team Keeps APACE of AlphaFold2

July 9, 2024

High-performance computing (HPC) can often be challenging for researchers to use because it requires expertise in working with large datasets, scaling the softw Read more…

Anders Jensen on Europe’s Plan for AI-optimized Supercomputers, Welcoming the UK, and More

July 8, 2024

The recent ISC24 conference in Hamburg showcased LUMI and other leadership-class supercomputers co-funded by the EuroHPC Joint Undertaking (JU), including three Read more…

Generative AI to Account for 1.5% of World’s Power Consumption by 2029

July 8, 2024

Generative AI will take on a larger chunk of the world's power consumption to keep up with the hefty hardware requirements to run applications. "AI chips repres Read more…

US Senators Propose $32 Billion in Annual AI Spending, but Critics Remain Unconvinced

July 5, 2024

Senate leader, Chuck Schumer, and three colleagues want the US government to spend at least $32 billion annually by 2026 for non-defense related AI systems.  T Read more…

Atos Outlines Plans to Get Acquired, and a Path Forward

May 21, 2024

Atos – via its subsidiary Eviden – is the second major supercomputer maker outside of HPE, while others have largely dropped out. The lack of integrators and Atos' financial turmoil have the HPC market worried. If Atos goes under, HPE will be the only major option for building large-scale systems. Read more…

Everyone Except Nvidia Forms Ultra Accelerator Link (UALink) Consortium

May 30, 2024

Consider the GPU. An island of SIMD greatness that makes light work of matrix math. Originally designed to rapidly paint dots on a computer monitor, it was then Read more…

Comparing NVIDIA A100 and NVIDIA L40S: Which GPU is Ideal for AI and Graphics-Intensive Workloads?

October 30, 2023

With long lead times for the NVIDIA H100 and A100 GPUs, many organizations are looking at the new NVIDIA L40S GPU, which it’s a new GPU optimized for AI and g Read more…

Shutterstock_1687123447

Nvidia Economics: Make $5-$7 for Every $1 Spent on GPUs

June 30, 2024

Nvidia is saying that companies could make $5 to $7 for every $1 invested in GPUs over a four-year period. Customers are investing billions in new Nvidia hardwa Read more…

Nvidia Shipped 3.76 Million Data-center GPUs in 2023, According to Study

June 10, 2024

Nvidia had an explosive 2023 in data-center GPU shipments, which totaled roughly 3.76 million units, according to a study conducted by semiconductor analyst fir Read more…

AMD Clears Up Messy GPU Roadmap, Upgrades Chips Annually

June 3, 2024

In the world of AI, there's a desperate search for an alternative to Nvidia's GPUs, and AMD is stepping up to the plate. AMD detailed its updated GPU roadmap, w Read more…

Some Reasons Why Aurora Didn’t Take First Place in the Top500 List

May 15, 2024

The makers of the Aurora supercomputer, which is housed at the Argonne National Laboratory, gave some reasons why the system didn't make the top spot on the Top Read more…

Intel’s Next-gen Falcon Shores Coming Out in Late 2025 

April 30, 2024

It's a long wait for customers hanging on for Intel's next-generation GPU, Falcon Shores, which will be released in late 2025.  "Then we have a rich, a very Read more…

Leading Solution Providers

Contributors

Google Announces Sixth-generation AI Chip, a TPU Called Trillium

May 17, 2024

On Tuesday May 14th, Google announced its sixth-generation TPU (tensor processing unit) called Trillium.  The chip, essentially a TPU v6, is the company's l Read more…

Nvidia H100: Are 550,000 GPUs Enough for This Year?

August 17, 2023

The GPU Squeeze continues to place a premium on Nvidia H100 GPUs. In a recent Financial Times article, Nvidia reports that it expects to ship 550,000 of its lat Read more…

IonQ Plots Path to Commercial (Quantum) Advantage

July 2, 2024

IonQ, the trapped ion quantum computing specialist, delivered a progress report last week firming up 2024/25 product goals and reviewing its technology roadmap. Read more…

Choosing the Right GPU for LLM Inference and Training

December 11, 2023

Accelerating the training and inference processes of deep learning models is crucial for unleashing their true potential and NVIDIA GPUs have emerged as a game- Read more…

The NASA Black Hole Plunge

May 7, 2024

We have all thought about it. No one has done it, but now, thanks to HPC, we see what it looks like. Hold on to your feet because NASA has released videos of wh Read more…

Nvidia’s New Blackwell GPU Can Train AI Models with Trillions of Parameters

March 18, 2024

Nvidia's latest and fastest GPU, codenamed Blackwell, is here and will underpin the company's AI plans this year. The chip offers performance improvements from Read more…

Q&A with Nvidia’s Chief of DGX Systems on the DGX-GB200 Rack-scale System

March 27, 2024

Pictures of Nvidia's new flagship mega-server, the DGX GB200, on the GTC show floor got favorable reactions on social media for the sheer amount of computing po Read more…

MLPerf Inference 4.0 Results Showcase GenAI; Nvidia Still Dominates

March 28, 2024

There were no startling surprises in the latest MLPerf Inference benchmark (4.0) results released yesterday. Two new workloads — Llama 2 and Stable Diffusion Read more…

  • arrow
  • Click Here for More Headlines
  • arrow
HPCwire