[![Documentation Status](https://readthedocs.org/projects/train-container-library/badge/?version=latest)](https://train-container-library.readthedocs.io/en/latest/?badge=latest)
![coverage](https://gitlab.com/PersonalHealthTrain/implementations/germanmii/difuture/train-container-library/badges/master/coverage.svg)
# Train Container Library
Python library for pht-train images/containers.
## Docker Images
The docker images defined by the Dockerfiles in the `docker` are the master images that need to be used when building
train images.
## Tests
Run the tests to validate the security protocol is working as intended. From this projects root directory run
`pytest train_lib`
### Available Images
- `master/python:slim`: Alpine linux image with python 3.8 and the security protocol installed.
- `master/python:ubuntu`: Ubuntu 20.04 image also with python 3.8 and the security protocol installed
- `master/python:dl`: GPU enabled Ubuntu 18.04 image with tensorflow and pytorch and the SP preinstalled
- `master/python:ml`: Ubuntu 20.04 image with additional ml libraries (sklearn, pandas, etc) installed
- `master/r:ml`: Ubuntu 20.04 image with R and r machine learning packages installed
## Security Protocol
The pht security protocol adapted from `docs/Secure_PHT_latest__official.pdf` performs two main tasks:
1. Before executing a train-image on the local machine, unless the station is the first station on the route, the
previous results need to be decrypted and the content of the image needs to be validated based on the configuration
of the individual train -> `pre-run`.
2. After executing the train the updated results need to be encrypted and the train configuration needs to be updated to
reflect the current state ->`post-run`.
To function the protocol expects two environment variables to be set:
1. `STATION_ID` String identifier that has public key/s registered with the central service
2. `RSA_STATON_PRIVATE_KEY` Hex string containing the private key to be used for decryption and signing.
### Pre-run protocol
The pre-run protocol consists of the following steps
1. The hash of the immutable files (train definition) is verified making sure that the executable files did not change
during the the train definition.
2. The digital signature is verified ensuring the correctness of the results at each stop of the train.
3. The symmetric key is decrypted using the provided station private key
4. The mutable files in `/opt/pht_results` are decrypted using the symmetric key obtained in the previous step
5. The decrypted files are hashed and the hash is compared to the one stored in the train configuration file.
Once these steps have been completed the image is ready to be executed.
### Post-run protocol
1. Calculate the hash of the newly generated results
2. Sign the hash of the results using the provided `RSA_STATION_PRIVATE_KEY`
3. Update the the train signature using the session id that is randomly generated at each execution step
4. Encrypt the resulting files using a newly generated symmetric key
5. Encrypt the generated symmetric key with the public keys of the train participants
6. Update the train configuration file
With the completion of these steps the train is ready to be pushed into the registry for further processing
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
共37个文件
py:28个
txt:5个
pkg-info:2个
资源分类:Python库 所属语言:Python 资源全名:pht-train-container-library-0.9.0.tar.gz 资源来源:官方 安装方法:https://lanzao.blog.csdn.net/article/details/101784059
资源推荐
资源详情
资源评论
收起资源包目录
pht-train-container-library-0.9.0.tar.gz (37个子文件)
pht-train-container-library-0.9.0
PKG-INFO 4KB
train_lib
train
NfcoreTrain.py 3KB
ExampleTrain.py 4KB
FHIRAverageAgeTrain.py 2KB
__init__.py 47B
ISICTrain.py 17KB
HIV_Train.py 6KB
build_test_train.py 5KB
__init__.py 0B
docker_util
docker_ops.py 4KB
validate_master_image.py 5KB
__init__.py 0B
security
HomomorphicAddition.py 2KB
SecurityProtocol.py 23KB
Hashing.py 2KB
__init__.py 47B
SecurityErrors.py 247B
SymmetricEncryption.py 2KB
KeyManager.py 7KB
Primes.py 2KB
clients
rabbitmq.py 18KB
__init__.py 87B
pht_client.py 7KB
fhir
fhir_query_builder.py 4KB
FhirLoading.py 10KB
fhir_client.py 18KB
__init__.py 38B
fhir_k_anonymity.py 2KB
setup.cfg 86B
setup.py 1KB
pht_train_container_library.egg-info
PKG-INFO 4KB
requires.txt 154B
SOURCES.txt 1KB
top_level.txt 10B
dependency_links.txt 1B
README.md 3KB
LICENSE.txt 1KB
共 37 条
- 1
资源评论
挣扎的蓝藻
- 粉丝: 13w+
- 资源: 15万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功