Merge pull request #9 from blezek/remove_box_add_readme

Remove box add readme

README.md

@@ -0,0 +1,223 @@
+# DICOM for NiFi
+
+[`nifi-dicom`](https://github.com/blezek/nifi-dicom) adds DICOM features to Apache's [NiFi](https://nifi.apache.org/) package. The new [`Processors`](https://nifi.apache.org/docs/nifi-docs/html/developer-guide.html) reside in a `nar` file and extend NiFi with several new processors. The `Processors` are self-documenting, with some details below.
+
+The `nar` file releases can be [downloaded from GitHub](https://github.com/blezek/nifi-dicom/releases).
+
+## Building
+
+```bash
+# Run tests
+./gradlew test
+# Build the nar file, in build/libs
+./gradlew nar
+```
+
+## Install
+
+To install `nifi-dicom` copy the `nar` file into the `lib` directory of your NiFi install and restart NiFi.
+
+```bash
+cp build/libs/nifi-dicom*.nar $NIFI_HOME/lib
+```
+
+## Notes on Encryption
+
+[DICOM Supplement 55 Attribute Level Confidentiality](http://dicom.nema.org/Dicom/supps/sup55_03.pdf) covers the proper procedure for deidentification of DICOM data, and potential later recovery of the original PHI. The secret sauce is to encrypt a set of tags and embed into the deidentified DICOM. Later, with the proper key or password, the data can be recovered.
+
+A [Nifi controller](https://nifi.apache.org/docs/nifi-docs/html/user-guide.html#Controller_Services) providing deidentification using the [PixelMedNet DICOM Cleaner](http://www.pixelmed.com/cleaner.html) application. Removed or modified attributes are encrypted using the [Bouncy Castle FIPS](https://www.bouncycastle.org/fips_faq.html) code (distributed with the source code).
+
+To keep `UID` remapping consistent, this processor needs to be associated with a `DeidentificationService`.
+
+
+
+`DeidentifyEncryptDICOM` has these relevant properties:
+
+* `Password`: password used to encrypt, needed for decryption
+* `Iterations`: number of iterations to use in encryption, more is better for security but costs CPU cycles
+
+`DecryptReidentifyDICOM` decrypts and reidentifies DICOM data. Must use the same `password` as `DeidentifyEncryptDICOM` or the data will not be recoverable. Has the option (`Accept new series`) to preserve the `SeriesInstanceUID` and `SOPInstanceUID` in the deidentified data. This is mainly useful for analytics that create new series and instances.
+
+Relevant properties:
+
+* `Password`: password for decryption, must match the `DeidentifyEncryptDICOM` password
+* `Accept new series`: if `true`, new series are allowed, otherwise they are rejected
+
+## Processors
+
+### DeidentifyDICOM
+
+This processor implements a DICOM deidentifier. The DeidentifyDICOM processor substitutes DICOM tags with deidentified values and stores the values.
+
+#### Properties:
+
+* `Deidentification controller`: Specified the deidentification controller for DICOM deidentification
+* `Generate identification`: Create generated identifiers if the patient name did not match the Identifier CSV file
+* `Keep descriptors`: Keep text description and comment attributes
+* `Keep series descriptors`: Keep the series description even if all other descriptors are removed
+* `Keep protocol name`: Keep protocol name even if all other descriptors are removed
+* `Keep patient characteristics`: Keep patient characteristics (such as might be needed for PET SUV calculations)
+* `Keep device identity`: Keep device identity
+* `Keep institution identity`: Keep institution identity
+* `Keep private tags`: Keep all private tags. If set to 'false', all unsafe private tags are removed.
+* `Add contributing equipment sequence`: Add tags indicating the software used for deidentification
+
+#### Relationships:
+
+* `success`: All deidentified DICOM images will be routed as FlowFiles to this relationship
+* `not_matched`: DICOM files that do not match the patient remapping are routed to this relationship
+* `failure`: FlowFiles that are not DICOM images
+
+#### FlowFile attributes:
+
+* **N/A**: does not set attributes
+
+### ExtractDICOMTags
+
+This processor extracts DICOM tags from the DICOM image and sets the values at attributes of the flowfile.
+
+#### Properties:
+
+* `Extract all DICOM tags`: Extract all DICOM tags if true, only listed tags if false
+* `Construct suggested filename`: Construct a filename of the pattern 'PatientName/Modality_Date/SeriesNumber_SeriesDescription/SOPInstanceUID.dcm' with all unacceptable characters mapped to '_'
+
+#### Relationships:
+
+* `success`: All DICOM images will be routed as FlowFiles to this relationship
+* `failure`: FlowFiles that are not DICOM images
+
+#### FlowFile attributes:
+
+* **N/A**: does not set attributes
+
+### ListenDICOM
+
+This processor implements a DICOM receiver to listen for incoming DICOM images.
+
+#### Properties:
+
+* `Local Application Entity Title`: ListenDICOM requires that remote DICOM Application Entities use this AE Title when sending DICOM, default is to accept all called AE Titles
+* `Listening port`: The TCP port the ListenDICOM processor will bind to.
+
+#### Relationships:
+
+* `success`: All new DICOM images will be routed as FlowFiles to this relationship
+
+#### FlowFile attributes:
+
+* `dicom.calling.aetitle`: The sending AE title
+* `dicom.calling.hostname`: The sending hostname
+* `dicom.called.aetitle`: The receiving AE title
+* `dicom.called.hostname`: The receiving hostname
+* `dicom.called.hostname`: The receiving hostname
+
+### PutDICOM
+
+This processor implements a DICOM sender, sending DICOM images to the specified destination.
+
+#### Properties:
+
+* `Remote Application Entity Title`: 
+* `Remote hostname of remote DICOM destination`: 
+* `Remote Port`: The TCP port to send to.
+* `Local Application Entity`: 
+* `batch size`: maxmium number of DICOM images to send at once, 0 is unlimited
+
+#### Relationships:
+
+* `success`: FlowFiles that are successfully sent will be routed to success
+* `reject`: FlowFiles that are not DICOM images
+* `failure`: FlowFiles that failed to send to the remote system; failure is usually looped back to this processor
+
+#### FlowFile attributes:
+
+* **N/A**: does not set attributes
+
+### ModifyDICOMTags
+
+This processor modifies DICOM tags. 
+
+#### Properties:
+
+
+#### Relationships:
+
+* `success`: All modified DICOM images will be routed as FlowFiles to this relationship
+* `failure`: FlowFiles that are not DICOM images
+
+#### FlowFile attributes:
+
+* **N/A**: does not set attributes
+
+### DeidentifyEncryptDICOM
+
+This processor implements a DICOM deidentifier. Deidentified DICOM tags are encrypted using a password for later decription and re-identification.
+
+#### Properties:
+
+* `Encryption password`: Encryption password, leave empty or unset if deidintified or removed attributes are not to be encripted
+* `Encryption iterations`: Number of encription rounds. Higher number of iterations are typically more secure, but require more per-image computation
+* `Keep descriptors`: Keep text description and comment attributes
+* `Keep series descriptors`: Keep the series description even if all other descriptors are removed
+* `Keep protocol name`: Keep protocol name even if all other descriptors are removed
+* `Keep patient characteristics`: Keep patient characteristics (such as might be needed for PET SUV calculations)
+* `Keep device identity`: Keep device identity
+* `Keep institution identity`: Keep institution identity
+* `Keep private tags`: Keep all private tags. If set to 'false', all unsafe private tags are removed.
+* `Add contributing equipment sequence`: Add tags indicating the software used for deidentification
+
+#### Relationships:
+
+* `success`: All deidentified DICOM images will be routed as FlowFiles to this relationship
+* `failure`: FlowFiles that are not DICOM images
+
+#### FlowFile attributes:
+
+* **N/A**: does not set attributes
+
+### DecryptReidentifyDICOM
+
+This processor implements a DICOM reidentifier. Previously deidintified DICOM files with Supplement 55 encrypted tags have the original tags decrypted and the reidentified image is written as a FlowFile.
+
+#### Properties:
+
+* `Encryption password`: Encryption password, leave empty or unset if deidintified or removed attributes are not to be encripted
+* `Accept new series`: If the encrypted, generated Series and Instance UIDs do not match the DICOM object, assume this DICOM image is a new series generated from a deidentified, encrypted DICOM image. Decrypt the original tags, but do not replace the Series and SOPInstance UIDs, effectively creating a new series
+* `Batch size`: Number of DICOM files to process in batch
+
+#### Relationships:
+
+* `success`: All deidentified DICOM images will be routed as FlowFiles to this relationship
+* `failure`: FlowFiles that are not DICOM images
+* `not decrypted`: DICOM images that could not be sucessfully decrypted
+
+#### FlowFile attributes:
+
+* **N/A**: does not set attributes
+
+### DeidentifyEncryptDICOM
+
+This processor implements a DICOM deidentifier. Deidentified DICOM tags are encrypted using a password for later decription and re-identification.
+
+#### Properties:
+
+* `Encryption password`: Encryption password, leave empty or unset if deidintified or removed attributes are not to be encripted
+* `Encryption iterations`: Number of encription rounds. Higher number of iterations are typically more secure, but require more per-image computation
+* `Keep descriptors`: Keep text description and comment attributes
+* `Keep series descriptors`: Keep the series description even if all other descriptors are removed
+* `Keep protocol name`: Keep protocol name even if all other descriptors are removed
+* `Keep patient characteristics`: Keep patient characteristics (such as might be needed for PET SUV calculations)
+* `Keep device identity`: Keep device identity
+* `Keep institution identity`: Keep institution identity
+* `Keep private tags`: Keep all private tags. If set to 'false', all unsafe private tags are removed.
+* `Add contributing equipment sequence`: Add tags indicating the software used for deidentification
+
+#### Relationships:
+
+* `success`: All deidentified DICOM images will be routed as FlowFiles to this relationship
+* `failure`: FlowFiles that are not DICOM images
+
+#### FlowFile attributes:
+
+* **N/A**: does not set attributes
+

build.gradle

@@ -1,31 +1,32 @@
 buildscript {
- repositories {
- mavenCentral()
- maven {
- url 'http://dl.bintray.com/sponiro/gradle-plugins'
- }
- }
- dependencies {
- classpath group: 'de.fanero.gradle.plugin.nar', name: 'gradle-nar-plugin', version: '0.1'
- }
+ repositories {
+ mavenCentral()
+ maven {url 'http://dl.bintray.com/sponiro/gradle-plugins'}
+ }
+ dependencies {
+ classpath group: 'de.fanero.gradle.plugin.nar', name: 'gradle-nar-plugin', version: '0.1'
+ }
 }
 
+plugins {
+ id "com.github.breadmoirai.github-release" version "2.0.1"
+}
 apply plugin: 'java'
 apply plugin: 'eclipse'
 apply plugin: 'de.fanero.gradle.plugin.nar'
-
+apply plugin: 'project-report'
 
 ext {
  nifiVersion = '1.7.1'
 }
 
 group = 'com.blezek.nifi.dicom'
-version = '1.2'
+version = '1.3'
 
 sourceCompatibility = 1.8
 targetCompatibility = 1.8
-
 
+// Adds the NAR taget for NIFI
 nar {
  manifest {
  attributes (
@@ -37,36 +38,30 @@ nar {
 }
 
 test {
- useJUnitPlatform()
- testLogging {
- events "passed", "skipped", "failed"
- }
- reports {
- html.enabled = true
- }
+ useJUnitPlatform()
+ testLogging {
+ events "passed", "skipped", "failed"
+ }
+ reports {
+ html.enabled = true
+ }
 }
 
 repositories {
- // Use 'maven central' for resolving your dependencies.
- // mavenLocal()
  mavenCentral()
+ // DCM4CHE has their own Maven...
  maven { url "https://www.dcm4che.org/maven2/" }
  maven { url "http://jcenter.bintray.com/" }
- flatDir {
- dirs 'libs'
- }
 }
 
 dependencies {
  testCompile('org.junit.jupiter:junit-jupiter-api:5.2.0')
  testCompile('org.junit.vintage:junit-vintage-engine:5.2.0')
- testRuntime('org.junit.jupiter:junit-jupiter-engine:5.2.0')
  testCompile (
  "org.apache.nifi:nifi-mock:" + project.nifiVersion,
  'org.hamcrest:hamcrest-library:1.3',
  )
 
- compile 'com.box:box-java-sdk:2.18.0'
  compile group: 'javax.json', name: 'javax.json-api', version: '1.0'
  compile group: 'com.google.guava', name: 'guava', version: '23.0'
 
@@ -77,7 +72,6 @@ dependencies {
  compile group: 'org.apache.nifi', name: 'nifi-api', version: project.nifiVersion
  compile group: 'org.apache.nifi', name: 'nifi-utils', version: project.nifiVersion
 
-
  // These are extra PixelMed libraries that hopefully could be removed
  // https://mvnrepository.com/artifact/javax.vecmath/vecmath
  compile group: 'javax.vecmath', name: 'vecmath', version: '1.5.2'
@@ -88,21 +82,29 @@ dependencies {
  // https://mvnrepository.com/artifact/javax.jmdns/jmdns
  compile group: 'javax.jmdns', name: 'jmdns', version: '3.4.1'
 
+ // Database and misc
  compile 'org.apache.derby:derby:10.14.1.0'
  compile group: 'org.apache.derby', name: 'derbynet', version: '10.14.1.0'
-
  compile 'org.jdbi:jdbi3-core:3.1.0'
  compile "com.h2database:h2:1.3.170"
  compile "com.google.guava:guava:23.0"
  compile "org.flywaydb:flyway-core:5.0.7"
  compile 'com.google.code.gson:gson:2.8.2'
 
  // Encryption
- // compile name: 'bc-fips-1.0.1'
- compile 'org.bouncycastle:bcprov-jdk15on:1.60'
- compile 'org.bouncycastle:bcprov-ext-jdk15on:1.60'
+ compile 'org.bouncycastle:bcprov-jdk15on:1.52'
+ compile 'org.bouncycastle:bcpkix-jdk15on:1.52'
 
- // handle CSV files
+ // CSV
  compile "com.opencsv:opencsv:4.0"
 
 }
+
+FilenameFilter filter = { dir, filename -> filename.contains(".nar") && filename.contains(project.version)}
+
+githubRelease {
+ token System.getenv( 'GITHUB_TOKEN' )
+ owner "blezek"
+ repo "nifi-dicom"
+ releaseAssets = jar.destinationDir.listFiles filter
+}

doc/architecture/2018-05-08 Box Integration.md

@@ -2,14 +2,16 @@
 
 ## Status
 
-accepted
+rejected
 
 ## Context
 
 [Box](https://www.box.com) is cloud data storage platform. The `nifi-dicom` project desires the ability to upload `FlowFiles` to Box. This feature is not limited to DICOM, and is independent of DICOM.
 
 ## Decision
 
+**2018-10-23** Removing Box features. Could be extracted into a different project.
+
 The Box upload feature will include these components:
 
 ### Box Controller