Cornell University Cornell University CISER

CISER Secure Data Services:  CRADC

What is CRADC?

The Cornell Restricted Access Data Center (CRADC) was established in October 1999 as a pilot site sponsored by the National Science Foundation to provide secure access to confidential research data. In May 2005, the Office of the Vice-Provost for Research designated CRADC as the University custodian of restricted access data sets.

Cornell researchers can acquire, house, and use restricted data in CRADC's secure computing environment. It is a customized, state-of-the-art research facility to manage access restrictions required by data providers. We provide the following services.

Assistance with preparing data security plans

CRADC staff have considerable experience working with data providers. Our environment houses datasets distributed by the following agencies, among many others:

  • Healthcare Cost and Utilization Project
  • Inter-university Consortium for Political and Social Research (ICPSR)
  • U.S. Bureau of Labor Statistics, National Longitudinal Surveys Program
  • U.S. Equal Employment Opportunity Commission
  • University of Michigan's Institute for Social Research

Staff work with researchers to tailor and implement security plans meeting provider requirements. A restricted access data agreement is also a formal contract between the University and a provider. We work with Cornell's Office of Sponsored Programs and Institutional Review Board for Human Participants to ensure compliance with University policies. See our recommended procedures for obtaining data.

CRADC houses both Restricted access data:

Data that must be used with appropriate confidentiality protections as specified in a formal agreement.

restricted access and Licensed data:

Data used within an agreement that protects the provider's intellectual property (e.g., copyright).

limited use licensed data products. As a general policy, it does not house public-use data products unless their access is an integral part of an approved CRADC project.

Secure computing environment

CRADC’s secure computing environment consists of a Windows domain which is secured by a firewall and meets or exceeds U.S. Defense Department C-2 standards for trusted computing environments. CRADC computing accounts are limited to those using restricted data for scientific research. Features of the CRADC environment include:

  • Three 64-bit computing servers and a file server
  • Access by Remote Desktop Connection or Terminal Services Client
  • A domain controller employing user-based authentication
  • Strictly enforced protocols for selecting and changing user passwords
  • No connection to the outside world via FTP, e-mail, Web, print, or disk mapping facility

As determined by use agreements, data custodians may remove non-confidential summary data and programming at the request of an authorized user. Files removed comply with the data use agreement governing the confidential data product.

Access to sophisticated statistical tools

Our goal is to provide a research computing environment tailored to the needs of social science researchers. CRADC servers support many software packages for data analysis and other tools for organizing researchers' work. All software is installed so that temporary files created by an application are saved in the data user's private disk space, not in areas where unauthorized users may have access. Listed below is a selection of software installed in the CRADC environment.

See what software is available on the CRADC system