You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My understanding is that the MONAILabel upload cache location is a single allocation that is shared among potentially multiple api clients. The file names within the cache are as per the original uploaded image without any obfuscation or any assurance of uniqueness.
IMO this has a number of drawbacks in utilising MONAILabel as an API presented service.
There is the possibility of users uploading images with the same name and casing a conflict.
There is the possibility of potentially sensitive images to be accessed via unauthorised users.
This could greatly reduce the potential use cases and operational workflows of MONAILabel.
I would like MONAILabel to implement a level of isolation and/or obvuscation within the cache to ensure access of images is a 1:1 with user access. This could be linked to a specific user session.
ATM we are ensuring that MONAILabel implementations are dedicated to a single individual or group via infrastructure segregation. Either by running the API on a specific host or measures of network microsegmentation and that the implementation is ephemeral in nature.
The text was updated successfully, but these errors were encountered:
My understanding is that the MONAILabel upload cache location is a single allocation that is shared among potentially multiple api clients. The file names within the cache are as per the original uploaded image without any obfuscation or any assurance of uniqueness.
IMO this has a number of drawbacks in utilising MONAILabel as an API presented service.
This could greatly reduce the potential use cases and operational workflows of MONAILabel.
I would like MONAILabel to implement a level of isolation and/or obvuscation within the cache to ensure access of images is a 1:1 with user access. This could be linked to a specific user session.
ATM we are ensuring that MONAILabel implementations are dedicated to a single individual or group via infrastructure segregation. Either by running the API on a specific host or measures of network microsegmentation and that the implementation is ephemeral in nature.
The text was updated successfully, but these errors were encountered: