Stream: smart
Topic: Imaging Integration Security
Brian Wright (Mar 26 2019 at 19:30):
If creating a provider facing Smart on FHIR application supporting DICOM WEB integration for image viewing, is expectation that DICOM WEB endpoint auth is independent of SOF auth? Or is auth integration using OAuth2 token introspection to validate SOF token at DICOM endpoint something to consider if our infrastructure supports it?
Josh Mandel (Mar 26 2019 at 19:39):
It's definitely something to consider using a single authorization server with two resource servers (clinical + imaging)
Josh Mandel (Mar 26 2019 at 19:40):
We've been building prototypes in this direction and trying to socialize the idea within this community and also within the DICOM security community.
Josh Mandel (Mar 26 2019 at 19:41):
bit.ly/bof-s4s has an overview of the approach
Josh Mandel (Mar 26 2019 at 19:42):
And https://imaging.demo.syncfor.science has a demo
Last updated: Apr 12 2022 at 19:14 UTC
