Using sciCORE+

sciCORE+ Portal

Your sciCORE+ secure project space (alson known as sciCORE+ tenant or B-space) is best accessible through the dedicated portal that was assigned to your project as agreed during the onboarding process.

At sciCORE, we offer two portals:

• The National Portal (BioMedIT or DCC Portal) supports national projects and facilitates collaboration with partners from across Switzerland and around the globe.
• The Local Portal is tailored to university-based projects and primarily serves local research teams.

Access to the portal is secured via SWITCH edu-ID login and two-factor authentication (2FA).

Through both Portals, authorized users can:

• access and manage their research projects,
• assign and manage the project users and
• keep track of data transfers.

Info

The information each user can access and manage depends on the role they have been assigned.

---

sciCORE+ Project user roles

Project user roles are set for each project. Each authorized sciCORE+ user can have several user roles and can be assigned access to several projects.

Role	Permissions
Project Leader (PL)	Responsible for overall project. Oversees data lifecycle management. Primary contact for escalations/security incidents Coordinates with BioMedIT Node on setup. Authorizes data transfers out of B-space.<.li> Default Permissions Manager (can assign others). Ensures at least one Data Manager is assigned. May act as PM, DM, or User. Revokes user access rights. Receives notifications on user changes. Multiple PLs can be assigned.
Permissions Manager (PM)	Accountable to Project Leader. At least one PM required per project. Assigns User and Data Manager roles. Grants/revokes project access. Main contact for onboarding new users
Data Manager (DM)	Accountable to Project Leader. At least one DM required per project. Unpacks/decrypts data in B-space Extracts data only with PL authorization. Submits Data Transfer Requests (DTRs)
User	Accountable to Project Leader Access to project spaces after authorization. Conducts data processing in B-space.
Unassigned Role	Accountable to Project Leader Can view project details in Portal. No access to B-space. Mutually exclusive with other roles.

Login

Before you begin, please make sure that you have an active SWITCH edu-ID account:

• To create a SWITCH edu-ID click here.
• For more information and help regarding creating a SWITCH edu-ID, please visit the SWITCH edu-ID FAQs.
• To enable 2FA for your SWITCH Edu-ID account visit this link and follow the instructions under “Security - Multi-factor Authentication (MFA).

Once your SWITCH edu_ID is setup, you can login to the portal assigned to your project:

• To login to the National portal, go to https://portal.dcc.sib.swiss/.
• For the local portal, go to: https://portal.scicore.unibas.ch/. The SWITCH edu-ID authentication button will appear. Click on the button and follow the instructions on the screen. Upon successful login the Portal Home will be displayed.

---

Home

As soon as you log in with your SWITCH edu-ID, the home page displays the menu bar of the left side, the Quick Access Panel with shortcuts to central services in the middle, and the BioMedIT Feed on the right, where you may find news and announcements from the BioMedIT Team.

Info

The Portal classifies user accounts by role, and the menu options visible for each user will depend on the role assigned. A Data Provider, a Project Leader, or a visitor without a specific role will all see different default menu options.

---

Profile

In the Profile section you can view and manage your account details, as well as configure OpenPGP and SSH keys. Keys are needed for encrypting and decrypting the data for transfer. Below you can find a description on the information in each tab:

My Profile

The My Profile tab displays your account information:

• Name: Your full name
• Username: Your SWITCH edu-ID identifier
• Local Username: The username you set during your first Portal login
• Email: Your currently selected contact email from SWITCH edu-ID
• Affiliations: Organizations linked to your edu-ID
• IP Address: The IP address you’re currently using to access the Portal
• Flags: Flags activated for your account
• Groups: List of user groups you belong to

Important

All personal information is sourced from your SWITCH edu-ID account. To update personal details or affiliations, please use the SWITCH edu-ID portal.

OpenPGP Keys

The OpenPGP Keys tab lists the PGP keys you’ve registered in the Portal and their status.

Key Information Displayed:

• Fingerprint: Unique identifier for the PGP key. Verify this matches your local key.
• User ID: Typically includes your full name (and optionally affiliation).
• Email: Associated email address.
• Status: Approval stage of your key:

Status	Description
PENDING	Key submitted, waiting for manual approval (may take a few days)
APPROVED	Key is verified and can be used for BioMedIT data operations
APPROVAL-REVOKED	Approval has been removed by the key authority
KEY-REVOKED	Key was revoked by its owner
REJECTED	Key is not trusted by BioMedIT
DELETED	Key was removed from the keyserver
UNKNOWN KEY	Key not registered; owner must register it

Registering a New PGP Key

You can create and register your PGP key using the sett tool. Please refer to the sett user guide for detailed steps.

To Register your key:

1. Go to Profile > OpenPGP Keys
2. Click +OPENPGP KEY
3. In the dialog, enter your key’s fingerprint
4. Click the green search icon
5. If found, verify the retrieved User ID and Email
6. Click CONFIRM

Your key will be registered and a manual approval request sent to the DCC. While waiting for approval, the status remains PENDING.

SSH Keys

The SSH Keys tab allows you to add a public SSH key for specific project access.

Registering an SSH Key:

1. Click +SSH KEY
2. Choose the appropriate project from the dropdown
3. Paste the contents of your public SSH key
4. Click SAVE

---

Projects

The Projects section in the BioMedIT Portal offers users a centralized view and management interface for their project-related activities and resources.

• Project Members can view project details, monitor data transfers and access tools and services linked to their projects.
• Project Leaders and Permission Managers have the ability to manage project members.
• Data Managers can initiate data transfer requests.

Project Tabs

The Projects menu displays a list of projects the user is involved in. Projects can be filtered using the search functionality.

Clicking on a project opens a detailed view with multiple tabs:

1. Project Details
2. Data Transfers
3. Resources
4. Services
5. Users
6. Additional Information
7. User Role History

Tabs	Description
Project Details	Code: Unique identifier of the project Hosting Node: The node hosting the project (name and code) Archived: Indicates if the project is archived (Yes/No) Expiration Date: When the project access will expire Legal Approval Group: Responsible for verifying legal compliance and approving production data transfers Data Specification Approval Group: Reviews and approves data specifications in transfer requests Legal Support Contact: Email address for legal or ethical support inquiries Enable SSH Access: States whether SSH access is active for the project Enable Resources / Services: Indicates whether the respective tabs should be shown Identity Provider: Typically SWITCH edu-ID, though other pre-approved identity sources may apply IP Ranges: Lists allowed IP ranges for accessing B-spaces
Data Transfers	Shows all data transfer requests submitted within the project. Use the Search field to locate specific transfers by keywords +DATA TRANSFER button (visible only to Data Managers) allows initiating a new request. For details please check the Submitting a Data Transfer Request (DTR) chapter. This tab mirrors the functionality found in the Data Transfers menu
Resources	Displays tools and applications specific to the hosting node for the selected project. Each entry includes: Name Location: URL to access the tool Contact: Email for support Description: Brief explanation of the resource Resources are project-specific and do not support user-level assignment. Use the Services tab for more flexibility.
Services	A more flexible alternative to Resources, this tab includes tools and services that can be assigned both at the project level and to individual users. Please contact the sciCORE+ administrators if you need to add extra services in this tab for your project
Users	Lists all project participants and their assigned roles. Authorized Flag: If a user has completed the required BioMedIT Information Security Awareness Training, a badge labeled biomedit_training_flag is displayed. Terms of Use Accepted: Shows the version number of the Terms of Use accepted by the user (e.g., 2.3)
Additional Information	Contains notes, comments, and other relevant details about the project.

Info

If accessing from an unlisted IP, users see: “Your IP address is not within the valid IP address ranges of the project.”

Info

The Additional Information tab is editable only by administrators (Node Managers and BioMedIT Support).

---

Managing Project Users

Info

This functionality is only available to users with the Project Leader and/or Permissions Manager role.

When you click the Edit project button in the top-right corner of the project page, you’ll be redirected to the project editing interface.

Adding Users to a Project

Info

The user must already have a registered account in the Portal.

1. In the Users field, enter the full email address of the user and click +USER.
2. A confirmation dialog will appear showing the user’s details.
3. Review the information and click ADD to confirm.
4. You’ll be returned to the project users list.
5. Assign a role to the new user by selecting the appropriate checkbox(es).
6. Click SAVE to apply the changes.

Once a new user has been added to the project, please contact scicore-admin@unibas.ch so that the access to the secure environment can be enabled in the backend. This only needs to be done for new project users; existing users with new roles, will be updated automatically.

Removing Users from a Project

To remove a user, a Project Leader or Permissions Manager should:

1. Click the x next to the user’s name.
2. After making any changes, click SAVE.

---

Data Transfers

This section describes the Data TRansfers menu in the portal. For information on how to prepare your data for transfer, as well as for methods to transfer the data, please refer to the Data Transfers section on the left of this page.

Submitting a Data Transfer Request (DTR)

Only users with the Data Manager role can submit a DTR. To submit a DTR, follow the steps below:

1. Navigate to the Data Transfers Tab within your project
2. Click +DATA TRANSFER to open the creation form.

3. Complete the following fields:

   • Transfer Type: Choose Unlimited or One Package
   • Data Provider: Select from the dropdown
   • Mode: Select TEST for mock data or PRODUCTION for real patient data
   • Additional Recipients: Enter the email(s) of any additional Data Managers that can act as data recipients for the transfer and click +USER
   • Legal Basis (optional, for PRODUCTION data): Provide the name of the legal agreement (e.g., DTUA, DTPA)
   • Data Specification (optional, for PRODUCTION data): Add a link to the data specification

4. Click SAVE.

Info

If you need to onboard a new data provider for your project, that is not in the dropdown list, please contact us at scicore-admin@unibas.ch

Warning

Providing a Legal Basis and a Data Sepcification is currently mandatory for SPHN projects.

A new DTR will be created with the INITIAL status. Email confirmations will be sent to the requester, recipients, and approvers.

DTR Approvals

When a Data Transfer Request (DTR) is created, the following approvals are triggered in parallel:

1. Node(s) Approval
   The involved BioMedIT Node(s) confirm the legal basis for the transfer and verify technical readiness.

2. Legal Compliance Approval
   Required for SPHN/NDS projects. Verified by the DCC ELSI Help Desk. Non-SPHN projects may define a local Legal Compliance group.

3. Data Specification Approval
   For SPHN projects, the DCC reviews the data specification to ensure compliance with the SPHN Semantic Interoperability Framework.

4. Data Provider Coordinator Approval
   Triggered only after the above approvals are submitted. Confirms internal governance clearance for the data delivery.

When all approvals are granted, the DTR status becomes AUTHORIZED, and data transfer may begin. Notification emails are sent to all parties involved.

If any approver rejects the request, the status changes to UNAUTHORIZED.

Monitoring DTR Approval Status

The status of each DTR appears in the last column of the DTR list.

Status	Description
INITIAL	DTR submitted, pending approval
AUTHORIZED	All approvals received; data can be transferred
EXPIRED	Data transfer limit reached; no further transfers allowed
UNAUTHORIZED	DTR revoked or rejected due to legal, technical, or user issues

Viewing DTR Details

Clicking a DTR opens a window with three tabs:

• Details
  Displays the values submitted in the DTR form, including the number of Transferred Packages sent under this DTR ID.

• Logs
  Displays the transfer logs and routing information. For each package, the following information is shown:

  • Package Name: Filename of the data package
  • Sender: User who signed the data, including (at least) their fingerprint
  • Arrived: Date/time the package was sent and received in the landing zone
  • Deleted: Date/time the package was deleted from the landing zone
  • Recipients (in ‘detailed view’): User(s) the data was encrypted for, including (at least) their fingerprint

• Approvals
  Shows the current approval status by group.

Download data transfer list

By clicking on the download icon at the top-right corner, users can download the list of DTRs in csv format.

---

Terms of Use

In the Terms of Use menu, chose the sciCORE+ tab. You will see a READ AND ACCEPT button next to any Terms of Use if you have not accepted them yet. Clicking this button opens the Terms of Use page, which includes:

• The full text of the sciCORE+ Terms of Use
• A checkbox:
  [x] I have read and understood the node’s terms of use
• A CONFIRM button

Once confirmed:

• The sciCORE+ administrator is notified by email
• The accepted version is shown in the Users tab of the Projects overview table

Info

Once accepted, the Terms of Use cannot be rejected again.