Howto: Connecting Two Private Instances using a Public Mediator

A common wish is to send anonymized image data between hospitals for research purposes. Since most healthcare providers implement strict data network policies, slicebox instances inside hospital networks must be private. They will not be reachable from the outside, they must initiate all network communication, and can only transfer data to and from public slicebox instances. Therefore it is typically not possible to transfer images between hospitals directly. The slicebox solution is to set up a public instance outside the hospital networks which is reachable from all collaborating hospitals. Low-cost server instances can be easily set up via a range of cloud services providers. If the public instance is set up to use SSL, all traffic between hospitals will be encryptfed. Once the public server is set up, it is easy to connect arbitrality many private slicebox instances at any number of hopitals. Using forwading rules (see Automating Data Transfer using Forwarding), the administrators of the public instance can choose which slicebox connections should be used to forward image data. Typically one opts to remove all transferred data automatically to avoid running out of storage space on the public server.

The image below shows the schematic setup of using a mediator public instance to pass data between three collaborating hospitals.

The following image shows the corresponding forwarding rules for this setup.