I'm starting a project to add some OAuth-based authentication and
authorization basics to FreedomBox. It's called HIE of One and it's
conceived around privacy-sensitive APIs for health records and IoT

As a consumer-owned and standards-based server, the goals of HIE of One are
completely aligned with FreedomBox. By using FreedomBox as the platform,
I'm hoping to inherit the consumer-y configuration features of plinth and
the enthusiasm of the FreedomBox community. Conversely, HIE of One can
enhance the utility of FreedomBox with essential services for securely
managing RESTful APIs based on OAuth, OpenID Connect, and UMA. These
standard protocols are built on top of SSL and I hope to use Let's Encrypt
(and possibly Monkeysphere) certificates together with FreedomBox. HIE of
One will use Django as a framework with the Django public pages as the
OAuth, OIDC, and UMA machine-to-machine endpoints and the Django admin
pages as the UI for administering API authorization settings, client apps,
and identity providers.

HIE of One will support both owned hardware and owned virtual machines. My
initial target for the VM is the lowest-cost Digital Ocean droplet. At
$5/mo, it's convenient for development, accessible to SSL, easily shared
with actual patient-testers, and affordable as a "production" target. I'm
sure we will come up with better deployment options as this evolves but
this seems like a place to start.

The 0.7 getting started instructions are not obvious to me. I booted a
Digital Ocean droplet with Debian 8.2 x64 and could not figure out what to
do next. Do I need to convert to another version of Debian before I can
proceed? Will I have networking issues with FreedomBox in the Digital Ocean

I'm reasonably technical but haven't hacked much in many years. I will try
to keep careful notes of my experience and feed back to this thread.

Thank you in advance for your help with these questions!



Adrian Gropper MD

HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/
Freedombox-discuss mailing list

Reply via email to