Secure Research Infrastructure

Princeton University's Secure Research Infrastructure environment, Citadel, is intended to house and process NIST 800-171 (CUI), NIST 800-53 (FISMA), HIPAA, and other extremely sensitive data loads.

Citadel allows researchers to securely analyze and store data, in a user-friendly system, while preventing unauthorized access, change, and distribution of data, enabling alignment with NIST SP 800-171, NIST SP 800-53, HIPAA regulations, and standard Data Use Agreements (DUA) requirements. 

Citadel can be used to prevent unauthorized access, change, and distribution of sensitive data such as Controlled Unclassified Information (CUI), ePHI data, Intellectual Property (IP), and Export-Controlled Data (ERA). Sensitive data is fully encrypted with user-owned public/private keys and is not accessible by system administrators. Only those with explicit access have the keys to decrypt the data.

Citadel

Secure Research Infrastructure Cage at the HPC RC Data Center

Key Features

  • Data export control 
  • Streamlined, secure deployment
  • Hosts NIST SP 800-171, NIST SP 800-53, HIPAA, and other extremely sensitive data.
  • Available on-demand, with minimal maintenance
  • Supports collaboration both within and outside of the University
  • Post-quantum cryptography ready 

Citadel is designed to act as a secure workstation for data storage and computations. Researchers can:

  • Securely store restricted data sets such as Controlled Unclassified Information (CUI), Intellectual Property (IP), Personal Health Information (PHI), or Export Controlled Data (EAR).
  • Perform work on stored data sets with familiar software tools running on virtual machines securely located at the HPC RC data center.
  • Securely work on their data sets using various devices - desktops or laptops.
  • Collaborate with other researchers on the same data sets inside and outside of Princeton University.