ResVault system security plan (SSP)

View the front matter of the approved ResVault SSP with signature page

GatorVault

ResVault Flyer

ResVault is a secure computing environment where scientists and collaborators can conduct research on restricted and confidential data. The software portion, tiCrypt, was developed by Tera Insights in collaboration with the University of Florida (UF) to address the specific needs of researchers working with restricted data, specifically projects requiring compliance with NIST 800-171 and NIST 800-53 standards.

A brief overview of the what, why, and how of ResVault was presented at ResVault Day on November 9, 2017; the hour-and-a-half video of the event gives a good overview of the ResVault system, and includes a demo of the ResVault program.

A training session on the research administration for restricted data was given on Oct 12, 2018. The recording is available from the UF Media Website. It describes how the requirement for using special IT infrastructure is handled and how the right environment for each project is determined, as well as the training requirements for project participants.

The system is modeled on a bank vault where you receive:

  • An individual deposit box with secure storage for valuables
  • Privacy from other users and bank staff
  • A secure area within the vault to privately access your valuables

What does it do?

ResVault is designed to act as a workstation that is secure and pre-approved with the capacity for large-scale data storage and computation. Researchers can:

  • Securely store restricted data like:
    • electronic protected health information (ePHI) (HIPAA)
    • export-controlled data (ITAR/EAR)
    • student data (FERPA)
    • controlled unclassified information (CUI)
    • intellectual property data (IP)
  • Store and work with larger data sets than is possible on a regular workstation
  • Perform work on stored data sets with familiar software tools running on virtual machines located in the UF data center
  • Concurrently run more programs than on a regular workstation
  • Display work results on a graphical interface that is securely transmitted to remote devices such as desktops, laptops, or iPads
  • Work collaboratively with other researchers on the same data sets using different workstations

Features

properties

Read about the phases of ResVault deployment and what features will be offered.

Technical Details

wiki

Read the technical details and view a technical sketch of the ResVault system.

Laws & Regulations

regulations

Details about the laws and regulations for working with restricted data.

Use

properties

Read about the basic user interaction with ResVault.

Training Requirements

wiki

Read the training requirements for using the system.

FAQ

regulations

Frequently asked questions about ResVault.

Request ResVault Account

fisma

Request a ResVault account.