Just curious if Orthanc has some sort of procedure to perform a data integrity check (e.g. Postgres Database and image files stored either in Postgres or the file system). That would be a really nice feature if there were a way to check the database and the file system to check for any errors or data corruption. I know that Postgres has some tools for the database, but that doesn’t check the linked files on the file system.
Also, is there a feature to allow encryption of the database and/or the filesystem data, or is that something that should/could be handled at the OS level? It would be nice if the Config.json file could handle all of that with just some sort of encryption key in the Config file rather than doing that at the DB or filesystem level.
Thanks.
It usually doesn’t make sense to unnecessarily expose encryption to an application. It means you either are forced to do it the way the application authors envisage it, or you need to turn it off and do it another way anyway. Putting a symmetric encryption key in a configuration file is also an easy way to accidentally leak that key, undoing the benefits of encryption.
If you are self-hosting a database or filesystem and want to encrypt it, you might use a loopback device to make an encrypted block-level device, and then use that instead of the filesystem directly. You then need to somehow provide the key when your server starts up, but assuming the key is not stored on the server, you then have your data safely encrypted at rest. So if someone takes the physical hardware, the data is useless.
If you are using a cloud provider, you can do a lot better, where you can take advantage of the execution roles your systems implicitly have, together with being able to click a checkbox to enable encryption at rest. For example, if you use AWS with S3 or EFS to hold your data, you can explicitly assign the IAM role of Orthanc as the only role able to access that data, which affords you quite good protection.
Be aware that none of this protects your data from other users of Orthanc: whatever you do, by the time a person logs into Orthanc, they have bypassed all the above encryption, and it’s just up to the application logic to restrict who can access what.
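Added example, not part of the reply above and not from the Orthanc project: one way to express "the IAM role of Orthanc as the only role able to access that data" as an S3 bucket policy. The bucket name, account ID and role name are placeholders, and the allowed actions are an assumption about what an Orthanc storage backend needs.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowOrthancRoleObjectAccess",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::111122223333:role/EXAMPLE-ORTHANC-ROLE"
      },
      "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
      "Resource": "arn:aws:s3:::EXAMPLE-ORTHANC-BUCKET/*"
    },
    {
      "Sid": "AllowOrthancRoleListBucket",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::111122223333:role/EXAMPLE-ORTHANC-ROLE"
      },
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::EXAMPLE-ORTHANC-BUCKET"
    },
    {
      "Sid": "DenyEveryPrincipalExceptOrthancRole",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::EXAMPLE-ORTHANC-BUCKET",
        "arn:aws:s3:::EXAMPLE-ORTHANC-BUCKET/*"
      ],
      "Condition": {
        "ArnNotEquals": {
          "aws:PrincipalArn": "arn:aws:iam::111122223333:role/EXAMPLE-ORTHANC-ROLE"
        }
      }
    }
  ]
}
```

The explicit Deny overrides any Allow granted elsewhere in the account, so it also blocks administrators and backup jobs unless their roles are added to the condition. As the reply says, this limits who can read the stored files, not what a logged-in Orthanc user can see.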