Support historical data

[mrinnetmaki]

Description

We want the service to support uploader applications and backfill features that upload a bunch of historical data.

Requirement analysis

Known requirements (functional, performance, usability, safety):

• Uploading a lot of data, and especially writing it to Kanta PHR, can take a long time. The implementation should try to avoid timeouts due to this. For instance with providing a chunked response.
• Implementation should separate between when the observation has been made (effective time) and when it has been transferred (issued).
• Should work with maximum amount of data stored in CGM receivers.
• Should work with xDrip backfill feature.
• Should work with Tidepool Universal Uploader / Sensotrend Uploader.

Identified potential risks to the patient:
No medical risks identified.
Privacy related risks are elevated, when more data is being transferred and processed.

Implementation plan:
Target schedule: Q2, 2020.
Dependencies on other issues: None.

OWASP top 10

https://github.com/OWASP/www-project-top-ten/blob/master/index.md

• 1 Injection - [comments]
• 2 Broken Authentication - [comments]
• 3 Sensitive Data Exposure - [comments]
• 4 XML External Entities (XXE) - [comments]
• 5 Broken Access Control - [comments]
• 6 Security Misconfiguration - [comments]
• 7 Cross-Site Scripting XSS - [comments]
• 8 Insecure Deserialization - [comments]
• 9 Using Components with Known Vulnerabilities - [comments]
• 10 Insufficient Logging & Monitoring - [comments]

Verification

Verification plan: According to Kanta PHR veerification process. There are specific tests for historical data.
Verification date:
Verification results: