Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[bioontology-support] [BioPortal] Feedback from Eoin Vaughan

John Graybeal jgraybeal at stanford.edu
Tue Mar 31 22:43:21 PDT 2020


Eoin,

I'm going to restate your request a little bit to make sure we're talking about the same thing. You want to be sure that when REDCap is configured to get data from BioPortal, it is able to do so on a connection secured by SSL, so that the content going back and forth is not in plain text and not capable of being intercepted/rewritten. Correct?

The typical scenario for SSL encryption is that the client—your REDCap service—makes the request using https, and the HTTP server on our end provides a certificate to show it can securely manage the encrypted communication. BioPortal doesn't really know anything about that process, but the web server ensures your end-to-end encryption requirement is met, if your client uses the https protocol.

For this to work, however, I believe your IT service will have to ensure that REDCap makes it requests using the https protocol. You will need to contact the REDCap team if REDCap does not support this option.  I will provide some REDCap contacts offline to facilitate this for you.

(I should mention for the record that the service endpoint URLs provided by BioPortal in its API responses are prefixed with http, not https. This does not affect clients' ability to make the same requests using https, but I'm pretty sure it doesn't matter for the REDCap use case.)

John



On Mar 31, 2020, at 9:41 AM, support at bioontology.org<mailto:support at bioontology.org> wrote:


Name: Eoin Vaughan

Email: eoin.vaughan at ubc.ca<mailto:eoin.vaughan at ubc.ca>

Location: https%3A%2F%2Fbioportal.bioontology.org<http://2Fbioportal.bioontology.org>%2F

Feedback:

I'm just looking into utilising the "Bioportal Ontology Service" within our departments REDCap instance and I'm in the process of writing up the PIA for this request to our IT service, I was hoping to find out whether the Bioportal Service checks/verifies the SSL certificate like curl does in our API calls for R,Python scripts.

I know they will be wary of the 'man in middle' attack that we may be subject to if not, don't want to assume anything.

Thanks,
Eoin.

_______________________________________________
bioontology-support mailing list
bioontology-support at lists.stanford.edu<mailto:bioontology-support at lists.stanford.edu>
https://mailman.stanford.edu/mailman/listinfo/bioontology-support

========================
John Graybeal
Technical Program Manager
Center for Expanded Data Annotation and Retrieval /+/ NCBO BioPortal
Stanford Center for Biomedical Informatics Research
650-736-1632  | ORCID  0000-0001-6875-5360



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/bioontology-support/attachments/20200401/b9110155/attachment-0001.html>


More information about the bioontology-support mailing list