Replacing Sneaker Net with the Internet DRE XE L UNIVE RSIT Y – iSCHOOL INFO6 14 – DISTRIB UT E D COM PUT IN G & NE TWORKING FINA L PROJE CT

Problem Statement • Paper Routing of Proposals

• Slow

• Opaque

• Financial Reporting • Information not current

• Network Infrastructure Lacking • Licensing

• Hardware

Problem – Paper Proposal Routing

Vice Provost for Research Administration

College of Arts and Sciences Dean

Biology Chair

Primary Investigator

Chemistry Chair

Co-Investigator

(1)

Co-Investigator

(2)

College of Medicine Dean

Biochemistry Chair

Co-Investigator

(3)

Microbiology and

Immunology Chair

Co-Investigator

(4)

Requirements • Deliver user specific electronic action item list for grant proposals

queued for electronic signatures

• Must be 21CFR11 Compliant Electronic Signature and Records

• Deliver user specific COEUS® and Banner Financial Reporting

• Use Hyperion 11 Interactive Reporting Web Server/Client Technology

• Use SSL Encryption for COEUS and Banner Financial data.

• Use the VPN as required by Drexel University.

• Support 1,300 users.

In Scope • Application Access and Security for:

• COEUS® Research Administration System

• Hyperion® 11 Interactive Reporting Web Server/Client Technology

• On Campus Network Access and Security

• Off Campus Network Access and Security

• Digital Signatures • Code of Federal Regulation Title 21 Part 11

• Drexel University’s Acceptable Use Policy

Out of Scope • The discussion of fund level security as administered by the Banner

Financial System based on department level hierarchy.

• The discussion of module specific security as administered the COEUS System.

• Drexel University and Drexel College of Medicine Financial Merger

• Drexel’s migration to Central Authentication Service (IRT, 2013)

Security • User Access

• LDAP - Lightweight Directory Access Protocol

• VPN – Virtual Private Network

• Electronic Signatures • Code of Federal Regulations Title 21 Part 11 – Electronic Records; Electronic

Signatures

• Drexel University's Acceptable Use Policy

User Access • On Campus

• Authenticate on the Network • LAN • Wi-Fi

• Authenticate in Hyperion

• Authenticate in COEUS

• Off Campus • VPN

• Authenticate in Hyperion

• Authenticate in COEUS

Electronic Signatures • Definitions:

• Digital signature means an electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified. • RFC 3112 LDAP Authentication Password Schema • RFC 1321 MD5 Hash (Message-Digest Algorithm that produces a 128-bit hash value)

• Electronic signature means a computer data compilation of any symbol or series of symbols executed, adopted, or authorized by an individual to be the legally binding equivalent of the individual's handwritten signature. • RFC 4519 LDAP Schema for User Applications • Drexel University’s Acceptable Use Policy

Drexel University’s Acceptable Use Policy

“…the password used with an account, is the equivalent of an electronic signature. The use of User ID and password authenticates an identity and gives on-line affirmations the force of a legal document.”

(Drexel University Office of the General Council, 2013)

Technology – Internet Protocols • Lightweight Directory Access Protocol (LDAP) employed at the

Application Layer

• Virtual Private Network (VPN) is employed at the Network Layer (aka: Tunneling Protocol)

• Internet Protocol Security (IPsec) is employed at the Network Layer

• Secure Sockets Layer (SSL) is used at the Application Layer

• Hypertext Transfer Protocol (HTTP) is utilized at the Application Layer

• Transmission Control Protocol (TCP) is a Transport Layer

• Internet Protocol (IP) is a Network Layer

Technology - Hardware • LDAP Server

• Active Directory Server

• Firewall Security Appliance

• Storage Area Network Servers (SANS)

• Oracle Database Servers

• SSL Encrypted Application Servers

• Load Balancing Switches

• Desktops

• Laptops

• Tablets

• Smart Phones

Technology - Software • Cisco AnyConnect Secure Mobility Client Application

• COEUS® Application

• Hyperion® 11 Application

CISCO AnyConnect Secure Mobility Client

Network Design

Financial Analysis – Research Revenue

Institutional Research

Statistics for FY 2012 Dollars

Project

Count

Average Dollars Per

Project

Awarded Research $97,483,828.00 614 $158,768.45

Overhead Recovered on Active

Awards $22,472,023.88 983 $22,860.66

Proposed Research Projects

Submitted $734,581,698.00 1,328 $553,148.87

Financial Analysis – Network Expenses

Description Costs

Hyperion Interactive Reporting - Per Processor License $69,000.00

Software License & Support $15,180.00

Application Server (2) $2,378.00

Load Balancer (1) $1,899.00

Total Setup Expenses $88,457.00

Financial Analysis – Estimated Labor Costs

Description Costs

Federal Work-study Rate Per Hour $7.25

Average Labor Hours per Proposals 8.00

Labor Cost per Proposal $58.00

Total Annualized Labor Cost (Based on FY 2012 Proposals

Submitted 1,328) $77,024.00

Financial Analysis - Summary • Labor Cost Recovery ROI Analysis

• Network Setup Expenses $88,457.00 divided by the Estimated Annualized Labor Cost $77,024.00 yields an ROI of 14 months

• Overhead Recovery ROI Analysis • For every $7.54 dollars Proposed we yield $1.00 in Grant Award Revenue

• Our Effective Overhead Recovery Rate for FY 2012 was 23.5%

• We need $384,596 Award Revenue to generate $88,457 in Overhead Recovery

• We would need to increase the Annually Proposed Amount by $2,898,092 or 4/10ths of a percent or by six (6) proposals.

COEUS Approval Dashboard

https://coeus.drexel.edu/coeus/displayProposal.do?proposalNo=00003141

COUES Electronic Proposal Approval Page

Financial Reporting Dashboard Mockup

Thank you. INFO 6 14 – B E ST DRE XE L CLA SS E VE R