| Resumo: | Healthcare data is more available than ever through the power of the internet: a researchercan access the healthcare record of a person, information that could even include his DNAsequence, from his computer. Each country and even each organization might have theirown repository with this information, with varying levels of access control, if they haveany, and without a unified interface to access this information. Accessing healthcare dataacross various repositories, even if given access for each system, is complicated and timeintensive because of all the different repository access control systems, the authenticationschemes they use and the different legislation regulating data access for each country.This thesis is developed as part of the iReceptor+ project which aims to improve se-curity in DNA healthcare repositories. The aim of this thesis is to implement an accesscontrol system with federated authentication on top of an unified HTTP+JSON API in-terface: AIRR ADC API defined by the AIRR community (miairr-api, n.d.), for the mainrepository types in use for DNA based medical data, such as iReceptor Turnkey (ireceptor-repositories, n.d.), sciReptor (scireptor-docs, n.d.) and immuneDB (Lab, 2018), allowinga researcher, authenticated through an Identity Provider in a Federated Login system, toaccess different levels of information, such as public data, statistics about DNA informa-tion and DNA sequences. Each level of information can have different access control,generally the more aggregated the information the easier the access, to each level, accessis granted to the researcher by the owner of that information.Each organization may have their own repository with DNA data exposing an ADCinterface so a search engine exists to be able to search these repositories and so this inter-face and others need to be able to search repositories protected as part of this project.
|
|---|