Trusted research environments (TREs) are used by many organisations to securely manage sensitive data for research. Despite the commonality of need, there is currently little standardisation of infrastructure or deployment between operators, leading to duplication of effort and hindering service improvement.
TREEHOOSE aims to build on the research team’s experience of migrating a TRE hosting anonymised patient data over to ‘public cloud’ – meaning the data is accessible over a secure internet connection rather than in a local data centre – for the benefit of other operators. The project will include a new capability of ‘enclave computing’ to TREs, which will add a layer of software encryption to protect intellectual property and code in addition to the data itself.
The researchers will release open-source software to streamline building and operating TREs on public cloud infrastructure whilst maintaining security and trust. Secure enclaves go beyond the traditional TRE infrastructure by adding additional barriers to prevent software algorithms from leaking data.
A kit will be developed into which researchers can add their artificial intelligence (AI) or other analytical code for execution within a cloud TRE, safe in the knowledge that their code is protected from reverse-engineering or unauthorised sharing even by the TRE operators.
TREEHOOSE will enable wider adoption of TREs and increased security modes of working, thereby making possible research data analysis at scale while maintaining maximum data protections.
Principal investigator: Dr Christian Cole, University of Dundee
Funded amount: £202,664
- Final project report: TREEHOOSE: Trusted Research Environment and Enclave for Hosting Open Original Science Exploration
- Public involvement and engagement report: Trusted Research in the Public Eye: A toolkit for public engagement for trusted research environments (TREs)
- Initial public release of the TREEHOOSE beta