Virtual Organisations for Trials and - National e

Download Report

Transcript Virtual Organisations for Trials and - National e

Virtual Organisations for Trials and
Epidemiological Studies (VOTES) –
Experiences & Prototypes after 1 year
Prof Richard Sinnott
Technical Director National e-Science Centre
University of Glasgow
[email protected]
E-Science Institute Neuro- workshop,
28th November 2006
Clinical Trials 101
Need to answer questions such as
How many men in Scotland between the ages of 45-65 had a
heart attack in the last 5 years? Of those that did, would they be
interested in trialling a new drug to prevent possible further
serious major events?

Recruitment!
For recruited men, are they regularly taking the new drug (or
placebo)? Do they visit their GP/hospital regularly for the
drug/placebo, to give samples, for monitoring purposes? Did they
have any further major events (or side-effects) in taking the
drug?

Data collection!
Who can see the information associated with this trial? Can a
hospital doctor, nurse see all of given patients data? Only their
GP? A clinical trials researcher? Who ensures that a study is in
the patients interest? Can we simplify the ethical review process?
Who checks the validity of trial results?

Study management!
E-Science Institute Neuro- workshop,
28th November 2006
VOTES
Virtual Organisations for Trials and Epidemiological Studies
3 year (£2.8M) MRC funded project started October 2005
Plans to develop framework for producing Grid infrastructures to
address key components of clinical trial/observational study



Recruitment of potentially eligible participants
Data collection during the study
Study administration and coordination
– Involves Glasgow, Oxford, Leicester/Nottingham, Manchester, Imperial
» Strong links with UK Biobank
Clinical Virtual Organisation Framework
Used to realise
CVO-1
(e.g. for data
collection)
CVO-2
(e.g. for
recruitment)
LeiNott
GLA
Transfer
Grid
GPs
OX
IMP
Clinical trial
data sets
E-Science Institute Neuro- workshop,
28th November 2006
Disease
registries
Hospital
databases
Grid Background
What is a Grid?
Data Grid vs Compute Grid vs Information
Grid vs Campus Grid vs Enterprise Grid vs
…
Technologies for Grids
Web services
Globus
OMII-UK
EGEE/gLite
…
E-Science Institute Neuro- workshop,
28th November 2006
E-Health Grids…
Essential that they offer
Fine grained security

AAAA
Access/integration of rich variety of clinical data sets
Ease of use for end users
Single sign-on to various remote resources
Site autonomy/manageability for local admins
Scalability for large scale virtual organisations
Controlled dynamicity of users, resources, policies…
…
– HYPOTHESIS: Shibboleth + Grid + advanced
authorisation infrastructures can address these issues
E-Science Institute Neuro- workshop,
28th November 2006
Usability
Grid Security
AAA A
Users like usernames/passwords
Provide them (once!)
Users don’t like/understand X.509
based PKI
Forget training, education for most users!

$> openssl pkcs12 -in cert.p12 -clcerts -nokeys -out usercert.pem!
The vast majority most certainly won’t jump
through hoops to get on the Grid

“me-Science” culture
E-Science Institute Neuro- workshop,
28th November 2006
“A”AAA
Identity management issues
Certificate Revocation Lists
When revoked? By whom? How timely?
Strong passwords for private keys
Users write them down, share them, forget them
Privilege Management
Numerous domains where never get access to
local account to “do stuff”

I need to access your NHS DB to run queries, change tables,
run arbitrary code…
At NeSC Glasgow we have focused on

improving
AAA
A
and AAAA
E-Science Institute Neuro- workshop,
28th November 2006
Improving “A”AAA
Best to exploit local authentication
Sites know best if users still at institution and
are best placed to state what their privileges
are/should be
Introducing Shibboleth
E-Science Institute Neuro- workshop,
28th November 2006
Introducing Shibboleth
Shibboleth (http://shibboleth.internet2.edu)
Definition
Shibboleth [Hebrew for an ear of corn, or a stream or flood]
1. A word which was made the criterion by which to
distinguish the Ephraimites from the Gileadites. The
Ephraimites, not being able to pronounce sh, called the
word sibboleth. See --Judges xii.
2. Hence, the criterion, test, or watchword of a party; a
party cry or pet phrase. ]

Shibboleth will replace Athens as access mgt system across UK
academia
– i.e. this is main stream and not (weird) Grid solutions!
Federations based on trust


or more accurately trust but verify
numerous international federations exist MAMS, SWITCH, HAKA, SDSS…
E-Science Institute Neuro- workshop,
28th November 2006
Typical Shibboleth Scenario
Identity Provider
LDAP
AuthN
Home Institution
Federation
Service provider
5. User accesses resource
W.A.Y.F.
User
1.
User points browser at Grid
resource/portal (or non-Grid
resource)
E-Science Institute Neuro- workshop,
28th November 2006
Grid resource
/ portal
It’s a start, but…
Benefit from local authentication but really
want finer grained control…
I know you have authenticated, but I need to
know that you have sufficient/correct
privileges to access my VO resources
can also return various other information
needed to support authorisation decisions

At NeSC we have been working extensively with PERMIS
E-Science Institute Neuro- workshop,
28th November 2006
Role Based Access Controls
Basic idea is to define:
roles applicable to specific VO

roles often hierarchical
– Role X ≥ Role Y ≥ Role Z
– Manager can do everything (and more) than an employee can do
who can do everything (and more) than a trainee can do
actions allowed/not allowed for VO members
resources comprising VO infrastructure (computers, data
resources etc)
A policy then consists of sets of these rules


{ Role x Action x Target }
– Can user with VO role X invoke service Y on resource Z?
Policy itself can be represented in many ways, e.g. XML, XACML, …
Tools available for policy editing, associating users
with roles, signing policies etc
Policies stored as attribute certificates in LDAP server

Digitally signed/tamper proof!
E-Science Institute Neuro- workshop,
28th November 2006
Finer Grained Shibboleth Scenario
Identity Provider
Service provider
LDAP
AuthN
Shib
Frontend
Home Institution
6. Make final AuthZ decision
Federation
5. Pass authentication info and
attributes to authZ function
W.A.Y.F.
User
1. User points browser at Grid
resource/portal
E-Science Institute Neuro- workshop,
28th November 2006
Grid Portal
Ok, but…
I can do authorisation but I want singlesign on to lots of distributed resources
Browser allows to keep session information so
can access other resources without signing in
again


Provided authorisation information valid for different
service providers
– Each service provider completely autonomous
Can configure attribute release/attribute acceptance
policies per identity provider/service provider
E-Science Institute Neuro- workshop,
28th November 2006
Trials & Tribulations of Scottish
Clinical Data Space
Scottish Data Space…
Scottish Care Information (SCI) Store
Scottish Morbidity Records (SMR)
General Practitioners Administration System
for Scotland (GPASS)
Data dictionary
…
Consent database
E-Science Institute Neuro- workshop,
28th November 2006
SCI Store
Batch-type system that regional health
authorities use
Includes







lab results,
biochemical,
haematology,
pathology,
microbiology,
radiology
…
Front end web based tools


input data,
querying
E-Science Institute Neuro- workshop,
28th November 2006
SCI Store…ctd
16 SCI stores across Scotland
Atos Origin commercial supplier of technology
each have their own schemas collecting
different data sets
NeSC been given SCI store software
Includes training data sets

These data sets are partial at best right now
– ~100 tables in schema, but only 10 tables used in data
provided
SQLServer back-end database
E-Science Institute Neuro- workshop,
28th November 2006
A Quick Tour of SCI Store
E-Science Institute Neuro- workshop,
28th November 2006
Scottish Morbidity Records
Scottish Morbidity Records
Good quality data sets put together by ISD







Historic SMR1 Discharges January 1981 - March 1997
COPPISH SMR01 Discharges April 1997 onwards
Historic SMR4 Discharges 1981 – March 1997
COPPISH SMR04 Admissions April 1996 onwards
GRO Death Records January 1980 - December1995
GRO Death Records January 1996 onwards
SOCRATES (Cancer Registrations) 1980 onwards
(Still) negotiating access to anonymised SMR
data sets
E-Science Institute Neuro- workshop,
28th November 2006
GPASS
General Practice Administration System for
Scotland (GPASS)
used by over 85% of GPs in Scotland

links from SCI Store to GPASS
access to GPASS software with training data
sets

XML API available for querying
– www.gpass.co.uk
E-Science Institute Neuro- workshop,
28th November 2006
Data Dictionary
Includes vocabulary for
SMR data
Clinical data
Social care data


Negotiating access to
DB back end or web
service front end to this
Will link to data
federation framework
/ tools
E-Science Institute Neuro- workshop,
28th November 2006
Consent…
E-Science Institute Neuro- workshop,
28th November 2006
Data Linkage
Achieved through Community Health
Index (CHI) number
10-character code consisting of




6-digit date of birth (DDMMYY)
two digits
9th digit which is always even for females and odd for
males
arithmetical check digit
Was scheduled for complete roll-out by 6-6-6
E-Science Institute Neuro- workshop,
28th November 2006
Distributed Data Framework
Portal
Grid Server
Access
Security
Policies
Data Server
Authorisation
Access Matrix
Security Policies
Globus
Container
OGSA-DAI
Service
User
Glasgow
Authentication
SCI Store 1
(SQL Server)
Driving
DB
SCI Store 2
(SQL Server)
Local
Trust
Policies
Remote
Trust
Policies
Consent DB
(Oracle 10g)
RCB Test
Trials DB
(SQL Server)
E-Science Institute Neuro- workshop,
28th November 2006
Local
Trust
Policies
Local
Trust
Policies
Other
Transfer
Grid
Nodes
VOTES Demonstrator(s)
Various proof of concept clinical trials
linking SCIStore, GPASS, Consent DBs
Brain Trauma network (www.brainit.org)
Collecting various data sets from brain trauma
patients across Europe
Centrally maintained repository in Glasgow
Southern General Hospital
MRI images
Physiological data sets
We have been given anonymised versions of
these data sets
E-Science Institute Neuro- workshop,
28th November 2006
E-Science Institute Neuro- workshop,
28th November 2006
E-Science Institute Neuro- workshop,
28th November 2006
E-Science Institute Neuro- workshop,
28th November 2006
E-Science Institute Neuro- workshop,
28th November 2006
E-Science Institute Neuro- workshop,
28th November 2006
Dynamicity, Scalability…?
UK Shibboleth federation based around small set of
pre-agreed attributes based on eduPerson schema
eduPersonScopedAffiliation: indicates the user’s relationship
(e.g., staff, student, etc) within the institution;
eduPersonTargetedID: needed when an SP is presented with
an anonymous assertion only, e.g.
eduPersonScopedAffiliation. This attribute provides a
persistent user pseudonym;
eduPersonPrincipalName: used where a persistent user
identifier consistent across different services is needed;
eduPersonEntitlement: enables an institution to assert that a
user satisfies an additional set of specific conditions that
apply for access to a particular resource
Grid vision for dynamic virtual organisations
Add, remove, change people, institutes, their privileges on
the fly for changing sets of resources as required by the VO
E-Science Institute Neuro- workshop,
28th November 2006
Dynamicity, Scalability…?
Dynamic Virtual Organisations for e-Science
Education (DyVOSE) project
Delegation issuing service

Remote Source of Authority trusts me to assign their roles to
my users
– Also allows me to delegate to someone else potentially at a
remote site
– I trust them to assign roles to my users directly
E-Science Institute Neuro- workshop,
28th November 2006
Future Plans
Several other projects looking to exploit
these kinds of things
Major EPSRC pilot project (£5.3M) on “Meeting the
Design Challenges of nanoCMOS Electronics”
(project just started)

Security essential in this domain including support for IP of
data, simulations, processes, licenses,…
Many other life science projects



Grid Enabled Microarray Expression Profile Search
Scottish Bioinformatics Research Network
Biochemical Pathway Simulator
Further proposals building on these solutions

Scottish Grid Service
E-Science Institute Neuro- workshop,
28th November 2006
Questions?
E-Science Institute Neuro- workshop,
28th November 2006