Security, governance and compliance in FRIDGE are a shared responsibility between the TRE Operator Organisation and the FRIDGE Hosting Organisation. The Resource Allocator also plays a more minor role in judging the suitability of a project. A summary of the distribution of responsibilities, and their relation to the 5 Safes, is shown in Figure 1.
Figure 1: A high-level view of the responsibilities shared between the three key organisations. Each responsibility is mapped to one of the 5 Safes.
This shared model helps to distribute operational burden appropriately across parties:
The TRE Operator Organisation assumes responsibility for the research environment, including the TRE platform and code, identity and access management, and encryption. Furthermore, they retain all responsibility for governance processes such as output management and researcher accreditation.
The FRIDGE Hosting Organisation operates the physical and logical hosting environment for the satellite TRE, providing a secure tenancy to the TRE Operator Organisation.
The Resource Allocator retains responsibility for ensuring that computing resources are allocated to the FRIDGE instance or on a per-project basis.
Organisations should carefully consider their role within this model, as responsibilities vary depending on how FRIDGE services are integrated into existing TRE operations and the applicable legal, regulatory and data governance frameworks in place.
Shared Processes
While the shared responsibility model clearly delineates ownership, operating safely in practice requires a set of agreed cross-boundary processes. Responsibility for a control does not eliminate the need for coordination with other parties in exercising it. Such shared processes are described in FRIDGE Lifecycle and Data Flow.