WIP

TODO: Check all documentation files for TODOs and resolve them

clinical-domain-agent/src/test/resources/application.yaml

@@ -18,7 +18,7 @@ spring:
 runner:
   maxConcurrency: 128
   maxProcesses: 4
-  processTtlSeconds: 86400
+  processTtl: P1D
 
 
 server:

docs/development/index.md

@@ -7,6 +7,48 @@ intended to guide developers through the codebase, architecture, and development
 actively working to enhance and update this guide to provide a more comprehensive and up-to-date
 resource for developers. Your feedback is valuable in this ongoing improvement process.*
 
+```mermaid
+sequenceDiagram
+  box Clinical Domain
+    participant cd_hds
+    participant CDA
+  end
+  box Trustcenter Domain
+    participant TCA
+    participant gICS
+    participant gPAS
+  end
+  box Research Domain
+    participant RDA
+    participant rd_hds
+  end
+
+  CDA ->> TCA: cd/consented-patients/{fetch,fetch-all}
+  TCA ->> gICS: {$allConsentsForDomain,$allConsentsForPerson}
+  gICS ->> TCA: [Patient ID]
+  TCA ->> CDA: [Patient ID]
+
+  loop Patient ID
+    CDA ->> cd_hds: fetch Patient ID
+    cd_hds ->> CDA: Patient
+    CDA ->> CDA: deidentify Patient
+    CDA ->> TCA: cd/transport-mapping(Patient ID, [ID])
+    TCA ->> gPAS: generate Secure ID
+    TCA ->> gPAS: generate ID Salt
+    TCA ->> gPAS: generate Date Shift Salt
+    TCA ->> TCA: generate [Transport ID] and Date Shift
+    TCA ->> CDA: mapName, [ID -> Transport ID] and Date Shift
+    CDA ->> RDA: process/{project}/patient(PatientBundle, mapName)
+    RDA ->> CDA: PROCESS_ID
+    RDA ->> TCA: rd/research-mapping(mapName)
+    TCA ->> RDA: [Transport ID -> Research ID], Date Shift Value
+    RDA ->> RDA: deidentify Patient
+    RDA ->> rd_hds: Bundle
+    CDA ->> RDA: status/PROCESS_ID
+    RDA ->> CDA: return Status
+  end
+```
+
 ## Repository Structure
 
 The project follows a structured organization to enhance readability and maintainability.
@@ -18,7 +60,7 @@ The project follows a structured organization to enhance readability and maintai
   Markdown files with examples and detailed documentation for users and developers. Includes user
   guides, developer guides, release steps, and more.
 
-- [clinical-domain-agent/](clinical-domain-agent)`  
+- [clinical-domain-agent/](clinical-domain-agent)  
   Java code, Dockerfile, CI config snippets, and Maven configuration (`pom.xml`) for the Clinical
   Domain Agent.
 

docs/development/trustcenter-agent.md

@@ -1,11 +1,34 @@
 # Trustcenter Agent (TCA)
 
+## Overview
+
+The TCA is required to ensure that
+
 ## Consent
 
-The TCA offers an endpoint to receive a cohort of consented patients from gICS.
+The TCA offers an endpoint to receive a cohort of consented patients
+from [gICS](https://www.ths-greifswald.de/forscher/gics/).
 
 ## De-identification
 
+The de-identification process maps the original ids (oID) from the clinical domain to
+pseudonyms (sID) in the research domain and shifts all dates by a random (but for each patient
+fixed) amount.
+In the clinical domain, before sending resources the oIDs are replaced with transport IDs (tID),
+which are replaced with their corresponding sIDs in the research domain.
+The dates are shifted two times.
+First in the clinical domain and then a second time in the research domain.
+The date shift value the research domain applies contains the negative date shift value of the
+clinical domain, i.e.
+the first date shift is undone.
+This leads to a uniform distribution (w.r.t. all patients) of the date shift values.
+
+The de-identification process works by generating a pseudonym for the patientID, which can be used
+to re-identify patients.
+The other ids are hashed with sha256.
+Therefore, a second pseudonym is generated that is used as salt for the hashing algorithm.
+Next, for each id a random transport id (tID) is generated and a Map of the oIDs to
+
 The role of the TCA for the de-identification consists of two parts:
 First, the Pseudonym Provider, provides a mechanism that replaces the IDs of the CDA domain with
 pseudonyms for the RDA domain, such that it is, without the TCA, impossible to re-identify
@@ -15,7 +38,8 @@ Second, the Shifted Dates Provider, offers a way to time-shift dates.
 ### Pseudonym Provider
 
 We distinguish between the Patient ID (PID) and other Resource IDs (RID)s.
-The original PID (oPID) from the CDA domain is sent to gPAS where a pseudonym or secure PID (sPID)
+The original PID (oPID) from the CDA domain is sent
+to [gPAS](https://www.ths-greifswald.de/forscher/gpas/) where a pseudonym or secure PID (sPID)
 is created.
 The oRIDs are hashed with sha256 to create secure RIDs (sRID)s.
 Since we have no influence about the ids' length we add salt to the hash function.
@@ -34,9 +58,9 @@ sequenceDiagram
     TCA ->> gPAS: pseudomizeOrCreate oPID, Salt_oPID
     gPAS ->> TCA: oPID ➙ sPID, Salt_oPID ➙ Salt
     TCA ->> Keystore: idMapName & idMap: <Map<oRID, sRID>>
-    TCA ->> CDA: IdMapName & IdMap: <Map<oRID, tRID>> & oPID ➙ tPID
-    CDA ->> RDA: Transport IDs: <Set<tRID>> & tPID
-    RDA ->> TCA: Transport IDs: <Set<tRID>> & tPID
+    TCA ->> CDA: idMapName & IdMap: <Map<oRID, tRID>> & oPID ➙ tPID
+    CDA ->> RDA: idMapName & Bundles
+    RDA ->> TCA: idMapName
     TCA ->> Keystore: idMapName
     Keystore ->> TCA: idMap: Map<tRID, sRID> & sPID
     TCA ->> RDA: idMap: Map<tRID, sRID> & sPID