ACCORD Approach: balancing between Security, Compliance, and Accessibility
Successfully balancing security (protecting data), compliance (meeting policy requirements), and accessibility (reducing user burden) underpins ACCORD's approach. While it is relatively simple to implement the most stringent security measures, or to deploy the most comprehensive process to assure compliance, doing so tends to be detrimental to the system's accessibility and scalability. To address the competing priorities of mechanism, policy, and people, ACCORD implements two key mechanisms: (1) establishing an ACCORD liaison at partner institutions, and (2) implementing a secure architecture for data transfer and access.
Institutional ACCORD Liaison - Compliance must be assured end-to-end, and verified to the satisfaction of the researcher's home institution. Therefore, ACCORD establishes a liaison at each partner institution. The liaison interfaces between the researcher, institutional OSP/contract/legal entities, and the ACCORD program. The liaison helps researchers configure and test their ACCORD containers to assure that each container: (1) meets the researcher's needs, and (2) meets and receives institutional compliance approval. Ultimately, the ACCORD liaison balances compliance with accessibility for both the researcher and the home institution.
ACCORD secure access architecture - Assuring system security is central to ACCORD's design; yet, user accessibility must also be prioritized. To address these competing objectives, ACCORD leverages the industry's latest tools and best practices, including Science DMZ, GLOBUS, InCommon/COmanage, and containers. We also develop our own utilities, such as the data transfer client that coordinates a whitelist controller (to poke through the firewall) with the GLOBUS data transfer engine. ACCORD assures security by isolating and rigorously managing data ingress/egress processes; concurrently, ACCORD supports accessibility by streamlining the user's process into an automated back-end process. Ultimately, the ACCORD security architecture balances security with accessibility for both the ACCORD system and its users.