Overview of CitadelPrinceton University's Secure Research Infrastructure environment, Citadel, is designed to house and process restricted research data, including NIST 800-171 Controlled Unclassified Information (CUI) data, NIST 800-53 Federal Information Security Management Act (FISMA) data, HIPAA-regulated data, and data covered by certain Data Use Agreements (DUAs).Citadel offers a secure and user-friendly system for researchers to analyze and store data while preventing unauthorized access, changes, and distribution. This infrastructure supports alignment with with stringent cybersecurity standards such as NIST SP 800-171, NIST SP 800-53, HIPAA regulations, and certain Data Use Agreement (DUA) requirements. Secure Research Infrastructure Cage at the HPC RC Data Center Resources Citadel OverviewPrinceton's new research data environment offers security, collaborationSecure Research Infrastructure Technical OverviewSecure Research at Princeton: Social Sciences Key Features of Citadel Data Security and Encryption: Citadel is designed to prevent unauthorized access, changes to and distribution of restricted data such as CUI, ePHI, Intellectual Property (IP), Export-Controlled Data (EAR) or International Traffic in Arms Regulations (ITAR). All sensitive data is fully encrypted with user-owned public/private keys, making it inaccessible to system administrators. Only authorized users with the decryption keys can access the data. Additionally, Citadel ensures that all data, whether at rest or in transit, is encrypted end-to-end, guaranteeing that data remains secure from unauthorized access throughout its lifecycle.Secure Virtual Workstations: Researchers utilize secure virtual workstations, allowing them to work on sensitive data from anywhere with the same level of security as if they were on-site. Multi-Factor Authentication (MFA): Citadel employs multi-factor authentication to add an extra layer of security. Audit Logging and Monitoring: Citadel includes comprehensive audit logging and monitoring capabilities. Physical Security: The Citadel cage, located in the HPCRC data center, is the designated space for computing and storing sensitive data. Data Hosting and Management: Citadel is designed to host data subject to stringent data security standards, including to NIST SP 800-171, NIST SP 800-53, HIPAA, and other data regulations. Streamlined Deployment and Maintenance: Citadel is available on-demand with minimal maintenance requirements, supporting seamless and secure deployment for researchers. The infrastructure is designed to be user-friendly, reducing the burden of applying data security controls and allowing researchers to focus on their work.Collaboration and Accessibility: Citadel enables collaboration both within and outside of Princeton University. Researchers can securely work on data sets using desktops and laptops to access secure virtual machines. The system supports the use of familiar software tools on virtual machines located at the HPCRC data center, facilitating efficient and secure collaborative research.Future-Ready Security: Citadel is prepared for post-quantum cryptography, ensuring resilience against future threats posed by quantum computing. It aligns with emerging NIST standards for quantum-resistant encryption and is continuously evaluated to integrate quantum-safe protocols, ensuring long-term data security. Get Started by completing the Citadel Tenancy Application Request.
