Princeton University's Secure Research Infrastructure environment, Citadel, is a NIST 800-171 (CUI), NIST 800-53 (FISMA), and HIPAA compliant environment for sensitive data loads.
Citadel allows researchers to securely analyze and store data, in a user-friendly system, while preventing unauthorized access, change, and distribution of data, enabling alignment with NIST SP 800-171, NIST SP 800-53, HIPAA regulations, and standard Data Use Agreements (DUA) requirements.
Citadel can be used to prevent unauthorized access, change, and distribution of sensitive data such as Controlled Unclassified Information (CUI), ePHI data, Intellectual Property (IP), and Export-Controlled Data (ERA). Sensitive data is fully encrypted with user-owned public/private keys and is not accessible by system administrators. Only those with explicit access have the keys to decrypt the data.

Secure Research Infrastructure Cage at the HPC RC Data Center
Key Features
- Data export control
- Streamlined, secure deployment
- NIST SP 800-171, NIST SP 800-53, and HIPAA regulations-compliant system
- Available on-demand, with minimal maintenance
- Supports collaboration both within and outside of the University
- Post-quantum cryptography ready
Citadel is designed to act as a secure workstation for data storage and computations. Researchers can:
- Securely store restricted data sets such as Controlled Unclassified Information (CUI), Intellectual Property (IP), Personal Health Information (PHI), or Export Controlled Data (EAR).
- Perform work on stored data sets with familiar software tools running on virtual machines securely located at the HPC RC data center.
- Securely work on their data sets using various devices - desktops or laptops.
- Collaborate with other researchers on the same data sets inside and outside of Princeton University.