What is Citadel? Princeton University's Secure Research Infrastructure environment, Citadel, is designed to handle and process restricted research data, including NIST 800-171 Controlled Unclassified Information (CUI), NIST 800-53 Federal Information Security Management Act (FISMA) data, and HIPAA-regulated information. Citadel supports alignment with these standards to ensure the secure management of sensitive data. Who can use Citadel? All faculty of Princeton University, members of their research groups, and collaborators at other institutions are allowed to use the system. All users must pass the required training and be sponsored by a faculty member. To get started, complete the tenancy application for a new project Citadel Tenancy Application Request. What are the requirements to use Citadel? All users requesting access to Citadel must complete training and sign the Rules of Behavior. Additional information is available in the ServiceNow Article. Can students use Citadel? Yes, graduate students can use Citadel for research purposes. Authorized undergraduate students can also use it as part of a registered course. All students must satisfy the same training requirements as other researchers before they are granted access to Citadel. Additional information is available in the ServiceNow Article Can remote collaborators use Citadel? Yes, authorized non-Princeton collaborators who are authorized can access Princeton's Citadel resources. Collaborators are assigned Princeton NetID (RCU or DCU) accounts and must follow the same policies, standards, and procedures as Princeton users. How long does it take to receive approval and implement a new project? Approval and on-boarding for a new project typically take between 1-2 weeks. What types of data can be stored in Citadel? Citadel is designed to handle various types of restricted data, including:Controlled Unclassified Information (CUI)Electronic Protected Health Information (ePHI)Intellectual Property (IP)Export-Controlled Data (EAR)Citadel can accommodate other forms of restricted data. To ensure compatibility, please include applicable data regulations in your tenancy application. Does Citadel offer storage and compute for restricted data? Yes, Citadel offers both storage and compute capabilities, with a Secure Vault for storage and Secure Virtual Machines for collaborative work on data. What applications can I use in Citadel? Citadel images are available for Linux and Windows Operating Systems with standard tools for research. Additionally, if you need a particular tool, it can be made available for your project upon request, following necessary testing and certification to ensure compatibility and stability. Does Citadel have internet access? Projects in Citadel do not have access to the internet. Data can be securely imported through several methods, and there is an NFS mirror to provide additional packages. How is data security managed in Citadel? Citadel employs robust security measures, including:Full encryption of sensitive data with user-owned public/private keysSecure virtual workstations for remote data accessMulti-factor authentication (MFA) to ensure only authorized users can access the systemComprehensive audit logging and monitoring capabilities to track data access and activity How does Citadel support alignment with regulatory standards? Citadel supports alignment with NIST SP 800-171, NIST SP 800-53, and HIPAA regulations. Additional Information is available in the ServiceNow Article.
