sa-tre / satre-specification

Standard Architecture for Trusted Research Environments specification
https://satre-specification.readthedocs.io
Creative Commons Attribution 4.0 International

[Change]: Review of Computing Technology page #284

Open jawsgrant opened 12 months ago

jawsgrant commented 12 months ago

Summary

Suggestions/Comments on Computing Technology

Source

Personal contribution

Detail

2.1. End user computing

2.1.1/2.1.2/2.1.3 End user computing interfaces

2.1.1. Could specify system clipboard on the local device

These might be a little obvious but ... there is no mandatory requirement to prevent upload and download of files suggest two additional statements

2.1.x Statement: You must not allow users to download files from the TRE to a user's local device. Guidance: A TRE user must not be able to download sensitive data out of a workspace. Importance: Mandatory

2.1.x Statement: You must not allow users to upload files to the TRE from a user's local device. Guidance: A TRE user must not be able to upload data or software to a workspace. Importance: Recommended/Mandatory

2.1.5 Might this belong in the training section, i.e. Training Delivery and Management under IG? However, if this is about the specific software being used, if the TRE is providing familiar software for users, is it the responsibility of the TRE to provide guidance on using the data consumer's preferred/own tools?

2.1.6 Should guidance include advice that users should be made aware if workspaces are automatically updated, as it might affect reproducibility, either as a direct result of security changes or additional code changes that are enforced by the update?

2.1.8 Guidance: suggest removing 'Poorly designed'. A file system could be well designed but just isn't appropriate across multiple projects.

2.1.9 Guidance: is it creep for software tools to be responsible for ensuring 'that any network connections are secure'? Perhaps 'and that the connection is only used for licensing purposes'.

2.2

The TRE Builder is deploying and managing the TRE infrastructure, in the role definition they only deploy. Point here ties in with comments on roles, that distinguishes between an operator and an admin role. Perhaps this is pushing more into 'Builder' or an operator may be modifying the TRE rather than deploying from scratch, while an admin is working within, configuring the TRE.

2.2.6 Infrastructure Removal Process: does this need to distinguish between physically removing infrastructure and e.g. removing it in the cloud, or be made explicit that it is referring to physical infrastructure where appropriate? E.g. a user can automatically 'remove infrastructure' in TREEHOOSE. It's not documented per se, they just have that capability.

2.2.9 'Your TRE must control and manage all of its network infrastructure. ...' What does 'all' mean in this context? Even on-premise, the TRE will likely be deployed on top of a core network infrastructure outwith the control of the TRE.

2.2.10 Statement: query. 'TRE must not allow connectivity between projects' seems a repetition but is arguably distinct. Access to different datasets seems to pertain more to a permission or computing provision rather than a networking one.

2.2.11 Should inbound traffic also be blocked from workspaces? This may be specific to how TREEHOOSE/TRE on AWS operates, with a secure desktop in front of the research workspace.

2.2.14/2.2.15/2.2.16 Infrastructure analytics application

2.2.14 Guidance: query. If recording usage data is mandatory, should guidance be more prescriptive in the type of data stored?
</grreplace>
<gr_replace lines="66" cat="clarify" orig="2.3.4 Billing">
2.3.4 Billing Process Statement: query. This is at the TRE level. Should there also be a consideration at the project level? This will depend upon the funding and cost recovery models employed by the TRE. If the TRE is recovering costs from projects, perhaps an additional statement with TRE->project and Importance recommended/optional. I believe this is distinct from the guidance referencing projects, which is more about how a TRE will prevent overspend.

2.2.15 Guidance: query. Does this mean each time a project is given access to data. Or specifically every time the data is touched?

2.3 Capacity management

2.3.1/2.3.2/2.3.3 Capacity Planning Process

2.3.4 Billing Process Statement: query. This is at the TRE level. Should there also be a consideration at the project level. Will depend upon funding and cost recovery models employed by the TRE. If TRE are recovering costs from projects perhaps an additional statement with TRE->project and Importance recommended/optional. I believe this is distinct from the guidance referencing projects which is more of how a TRE will prevent overspend.

Other things that might be considered?

Where

https://satre-specification.readthedocs.io/en/latest/pillars/computing_technology.html

Proposal

2.1.4... End user software tools: potentially inconsistent capitalisation of component titles

Definition: suggested rephrasing: This application component concerns the tools used by data consumers inside a TRE, such as programming languages, IDEs and desktop applications.

2.1.4 Statement: suggested rephrasing: Your TRE should be accessible via a user interface using common applications.

2.1.10 Statement: suggested rephrasing: Your TRE must provide software applications that are required by the data consumers working in the TRE.

2.3 Capacity management

2.3.1 Statement: suggested rephrasing: You must ensure that all project members understand what resources are available and what the associated costs will be before the project starts. Guidance: missing full stop in 'used. Projects'.

Who can help

No response