PARC is pleased to make available two new resources that are intended to increase collaboration in research projects related to the demography of aging. Our core service audience is our local PARC affiliates, but anyone with an interest in learning more about our resources or who has suggestions for potential collaboration is encouraged to contact us. We are particularly interested in hearing from our other NIA Demography Centers.

PARC Shared Terminal Server
The PARC shared terminal server is a 64 bit 4 X quad networked server available to PARC staff, students, and affiliated researchers. The server provides substantial computational and storage capacity for both individual and group projects. It currently contains an archive of commonly used aging data sets available to researchers who have registered with the appropriate data vendor. Allowing multi-user access to one set of core files promotes three main goals:

  1. Prevents redundancy of having each user download, unpack, and organize their own data; this is particularly efficient for large multi-wave survey projects that may contain hundreds of files.
  2. One set of files encourages consistency in coding. As the PARC data manager organizes and updates each set of files, each user will see the same complete set of up-to-date files. This encourages standardization of coding and facilitates collaboration between project partners.
  3. Creation of a library of code saves time for new users and promotes the sharing of ideas between more seasoned researchers.

 

In addition to our primary goal of encouraging innovative research in the demography of aging, the shared terminal server’s collaborative approach saves time and money in several ways:

1. For users without appropriate computers or software, the shared terminal server provides a fully functioning virtual environment that provides resources from the first login. This is especially important for students or temporary collaborators who may not be willing to invest in the latest version of STATA or SAS for a short-term project.
2. For faculty working from multiple sites, including those working from home, the need to heavily invest in redundant equipment and software is eliminated. Even an older computer with limited functionality can harness the full potential of the shared terminal server. Just as PARC inventories data updates and achieves versions of the same dataset on the server, we also upgrade and maintain any necessary hardware or software so that the end user doesn’t have to.
3. The virtual desktop environment of the shared terminal server allows for easy collaboration from both local users and those at a distance. We are currently actively involved with projects in a number of countries across three continents. Quick and easy communication allows for full engagement by all project personnel.

We are constantly trying to improve the shared terminal server experience for all users and welcome suggestions. Besides the analysis software already mentioned, users have the option of working with Microsoft SharePoint.

 

PARC Secure Data Enclave
The PARC secure data enclave is similar to the shared terminal server but it offers additional security measures that make it a safe place to store and analyze restricted or secure data. We introduced the secure data enclave because we realized that many users were avoiding restricted data sets for a variety of reasons:  

  1. Many vendors expect users to host restricted data on a non-networked, stand-alone computer in a private workspace. Few students are able to maintain a private locked office and even for those students and faculty who can, the cost of purchasing an extra computer with any necessary analysis software is too much of a financial burden. 
  2. The designation of “restricted” is generally designated by the project that creates the release file. Requirements for data protection may vary depending on local IRBs, laws and regulations, and project personnel. It is a necessary but sometimes time-consuming process to create and submit a secure data protection plan. For users uncertain of a restricted dataset’s value, this hurdle may be too great to overcome. 
  3. Many users may need to share data, for example, faculty and students working on joint projects. Despite the best intentions, disks are misplaced, copies are filed to multiple machines, and remnant pieces of data remain cached in old machines long after a research project has been completed. As spot checks and audits become more common, faculty and administrators are becoming more concerned about the difficulty of verifying the security of restricted data at all times.

PARC has resolved these issues by creating a centralized work environment that takes away the need for additional hardware or software. The secure data enclave assigns a unique virtual desktop to each user complete with copies of SAS, STATA MP4, and Microsoft Office. Restricted data files are maintained in an encrypted format on the server, and original disks are stored in a locked safe maintained by PARC. Copies of the data are never circulated, and the original disk can be returned to the original distributor at the project’s end or destroyed. For group projects, individual users can easily have their access granted or revoked quickly.

A main concern with hosting data in a networked environment is that even data maintained on a secure server becomes vulnerable once it reaches the end-user’s machine. Following the lead of the NORC Secure Data Enclave (http://www.norc.org/projects/data+enclave+project.htm), PARC has invested in a CITRIX based approach to secure remote computing. The secure data server runs on CITRIX Presentation Server, which is accessed via a CITRIX gateway appliance. Firewalls on either side of the appliance add additional security. The solution works because each user must first download a CITRIX plugin to their local client. When a connection to the secure server is requested, CITRIX essentially locks down the local client so that no secondary data streams are permitted. In addition, no data is cached in memory, and copying and printing are strictly controlled. The end user’s machine essentially becomes a dummy terminal or a thin client. Users can access and analyze data on a terminal but have no ability to transfer data in or out. All data transmitted to and from the server is delivered via an encrypted tunnel.

PARC is committed to creating a collaborative working environment where data can be shared in a safe and secure manner. We do not believe that sharing data and data security are mutually exclusive. Through the process of creating the secure data enclave, we have come to realize that beyond increasing access to restricted data, we have also increased the security of such data. We remain unimpressed with the solution of having individual users maintain non-networked workstations in private offices. Our secure server room has greater physical security than private offices (no housekeeping or maintenance staff has access to it), and there are no extra copies of data ever created outside of the secure server.

For any researcher interested in working on PARC-related projects, please contact us and we will be happy to discuss this further.