covid19/cwa-documentation
covid19
/
cwa-documentation
mirror of https://github.com/corona-warn-app/cwa-documentation
1
0
Fork 0
Code Releases Activity

Merge branch 'main' into trl-and-dsos

This commit is contained in:
Maximilian Lenkeit 2022-09-27 08:31:03 +02:00
parent a38945fddc 40cf69cf02
commit c79834af16
13 changed files with 5469 additions and 1115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.github/workflows/checks.yml vendored
View File

@ -14,10 +14,10 @@ jobs:
- name: Checkout code
uses: actions/checkout@v2
- name: Setup Node.js environment (v14)
- name: Setup Node.js environment (v16)
uses: actions/setup-node@v2
with:
node-version: 'lts/fermium'
node-version: 'lts/gallium'
- name: Install npm dependencies
if: always()
@ -34,11 +34,6 @@ jobs:
run: |
npm run-script checklinks
#- name: Spellchecking english
# if: always()
# run: |
# npm run-script spellcheck
#- name: Detect inconsiderate language
# if: always()
# run: |

123
.spelling
View File

@ -1,123 +0,0 @@
14-day
24-hour
alex
amongst
analytics
APIs
APNs
backend
Backend
barcode
barcodes
BlackDuck
blacklist
broadcasted
Bundesbeauftragter
Bundesnetzagentur
changelog
Changelog
changelogs
Changelogs
Checkmarx
commonmark
Commonmark
config
Config
coronavirus
Covid-19
cwa-app-android
cwa-app-ios
cwa-server
cwa-testresult-server
cwa-verification-iam
cwa-verification-portal
cwa-verification-server
CxSAST
cyber
Cyber
DDoS
deanonymize
Deutsche
DP-3T
e.g.
en_US
epidemiologically
flyer
focussing
Gesundheitsamt
hacktivism
hardcoded
Hardcoded
how-tos
i.e.
IfSG
Informationsfreiheit
Infrastrukturen
iOS
Kritische
lifecycle
Lifecycle
linter
linters
logfile
logfiles
macOS
markdownlint.json
metadata
Metadata
misconfiguration
natively
npm
onboarding
Onboarding
package.json
PEPP-PT
PostgreSQL
pre-printed
Probenbegleitschein
Protecode
pseudonymized
rebase
reinstall
reinstalls
remediate
Remediate
resize
RPIs
SafetyNet
sap.com
Sarbanes-Oxley
SARS-CoV-2
sexualized
socio-economic
SonarQube
Synopsys
TalkBack
TEK
TEKs
Telekom
teleTAN
TeleTAN
teleTANs
TeleTANs
timeframe
timestamp
timestamping
Timestamping
tl
tl;dr
Tx
UI
uninstallation
Uninstallation
unlinkability
Unlinkability
unobservability
Unobservability
unsecure
up-to-dateness
useable
versioning
Vulas
whitelist
WhiteSource

2
CONTRIBUTING.md
View File

@ -30,7 +30,7 @@ Should you wish to work on an issue, please claim it first by commenting on the
If you have questions about one of the issues, please comment on them, and one of the maintainers will clarify.
We kindly ask you to follow the [Pull Request Checklist](#Pull-Request-Checklist) to ensure reviews can happen accordingly.
We kindly ask you to follow the [Pull Request Checklist](#pull-request-checklist) to ensure reviews can happen accordingly.
## Contributing Code

45
INSTALL.md
View File

@ -10,7 +10,6 @@
## Features
* Linting of markdown documents
* Spell checking
* Link checking
## Specifications
@ -19,15 +18,9 @@ This repository checks against following specification:
* [Markdown Commonmark](https://spec.commonmark.org/)
### Languages
Supported languages are:
* [English US](https://en.wikipedia.org/wiki/ISO/IEC_8859-1)
## Prerequisites
This repository is aligned to the Node.js 14 Maintenance LTS version of [Node.js](https://nodejs.org/en/) (which includes npm). Install the v14 (`lts/fremium`) version of Node.js which is available from [Node.js - Previous Releases](https://nodejs.org/en/download/releases/) page.
Install the Node.js 16 Active LTS version of [Node.js](https://nodejs.org/en/) (which includes npm).
## Installation
@ -41,7 +34,7 @@ This installs all dependencies into a local `node_modules` folder.
## Checks
To enforce good spelling and specification conformity there are several checks defined as `npm run-script` targets. To run all checks please execute:
To enforce specification conformity there are several checks defined as `npm run-script` targets. To run all checks please execute:
```shell
npm test
@ -53,10 +46,10 @@ If you want to run individual checks see the targets and the description below.
Every individual check can be run like so:
```shell
npm runscript my-individual-check
npm run-script my-individual-check
```
See the [package.json](https://github.com/corona-warn-app/cwa-documentation/blob/master/package.json) file for the currently available scripts.
See the [package.json](package.json) file for the currently available scripts.
#### Markdown linter
@ -68,7 +61,7 @@ npm run-script markdownlint
##### Markdown linter overrides
Sometimes it is not possible to be commonmark conform. In this rare cases an inline tag to skip linting is possible.
Sometimes it is not possible to be commonmark conform. In these rare cases an inline tag to skip linting is possible.
Candidates are tables.
@ -99,32 +92,6 @@ like this:
For more information how to tweak overrides consult the markdown linter
documentation mentioned above.
#### Spell checker
##### English
Spell checking in American English (en_US).
```shell
npm run-script spellcheck
```
##### German
Not implemented yet.
##### Spell checker overrides
Add any additional words to the .spelling file and use the target to sort and
clean them before adding these to master.
```shell
npm run-script format-spelling
```
Please note sometimes overriding is not the way to go. Our terminology should be
applied consistently.
#### Link resolver
All cross references and external URLs are resolved.
@ -135,7 +102,7 @@ npm run-script checklinks
#### Inconsiderate language scanner
This checks against profanity and inconsiderate language. This is help full for
This checks against profanity and inconsiderate language. This is helpful for
non-natives to detect words that could be inconsiderate. This utilizes [alex](https://github.com/get-alex/alex)
```shell

98
README.md
View File

@ -1,5 +1,5 @@
<p align="center">
<a href="https://www.coronawarn.app/en/"><img src="https://raw.githubusercontent.com/corona-warn-app/cwa-documentation/master/images/CWA_title.png" width="400"></a>
<a href="https://www.coronawarn.app/en/"><img src="https://raw.githubusercontent.com/corona-warn-app/cwa-documentation/main/images/CWA_title.png" width="400"></a>
</p>
<hr />
@ -71,11 +71,11 @@ The technical documents are intended for a technical audience and represent the
- [Corona-Warn-App Mobile Client (iOS) Architecture](https://github.com/corona-warn-app/cwa-app-ios/blob/main/docs/architecture-overview.md)
- [Criteria for the Evaluation of Contact Tracing Apps](pruefsteine.md)
- [Corona-Warn-App Security Overview](overview-security.md)
- [Corona-Warn-App Backend Infrastructure Architecture Overview](https://github.com/corona-warn-app/cwa-documentation/blob/master/backend-infrastructure-architecture.pdf)
- [Corona-Warn-App Backend Infrastructure Architecture Overview](backend-infrastructure-architecture.pdf)
- [How does the Corona-Warn-App identify an increased risk?](solution_architecture.md#mobile-applications)
- [Epidemiological Motivation of the Transmission Risk Level (PDF)](https://github.com/corona-warn-app/cwa-documentation/blob/master/transmission_risk.pdf), [(Rmd file)](https://github.com/corona-warn-app/cwa-documentation/blob/master/transmission_risk.Rmd), [(bib references)](https://github.com/corona-warn-app/cwa-documentation/blob/master/transmission_risk_references.bib)
- [Epidemiological Motivation of the Transmission Risk Level (PDF)](transmission_risk.pdf), [(Rmd file)](transmission_risk.Rmd), [(bib references)](transmission_risk_references.bib)
- [Corona-Warn-App Data Privacy Impact Assessment/DPIA (PDF, German)](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung.pdf), [DPIA Annex 1a](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage1a.pdf), [DPIA Annex 1b](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage1b.pdf), [DPIA Annex 1c](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage1c.pdf), [DPIA Annex 2](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage2.pdf), [DPIA Annex 3](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage3.pdf), [DPIA Annex 4](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage4.pdf), [DPIA Annex 5](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage5.pdf), [DPIA Annex 6](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage6.pdf), [DPIA Annex 7](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage7.pdf) and [DPIA Annex 8](https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung-anlage8.pdf)
- [Exposure Notification API Testing](https://github.com/corona-warn-app/cwa-documentation/blob/master/2020_06_24_Corona_API_measurements.pdf)
- [Exposure Notification API Testing](2020_06_24_Corona_API_measurements.pdf)
- [Event Registration](event_registration.md)
To be published:
@ -88,47 +88,65 @@ For an easier understanding of the used acronyms and special terms in our docume
## Repositories
| Repository | Description     |
| -------------------------- | ------------------------------------------------------------------------------------------- |
| [cwa-documentation] | Project overview, general documentation and white papers.            |
| [cwa-app-ios] | Native iOS app using the Apple/Google exposure notification API.           |
| [cwa-app-android] | Native Android app using the Apple/Google exposure notification API.           |
| [cwa-website] | The official website for the Corona-Warn-App.     |
| [cwa-wishlist] | Community feature requests.           |
| [cwa-server] | Backend implementation for the Apple/Google exposure notification API.           |
| [cwa-ppa-server] | Backend implementation for the privacy-preserving analytics server.           |
| [cwa-verification-server] | Backend implementation of the verification process.           |
| [cwa-verification-portal] | The portal to interact with the verification server.           |
| [cwa-verification-iam] | The identity and access management to interact with the verification server.            |
| [cwa-testresult-server] | Receives PCR test results from connected laboratories.     |
| [cwa-log-upload] | Counterpart of the log upload in the app.           |
| [cwa-quicktest-onboarding] | Documentation about onboarding procedure for rapid antigen test partners. |
| [cwa-quick-test-frontend] | Frontend implementation of the rapid antigen test portal for participating partners.        |
| [cwa-quick-test-backend] | Backend implementation of the rapid antigen test portal and API for participating partners. |
| [cwa-event-landingpage] | Landing page for CWA which opens if the user does not have the app installed.   |
| [cwa-event-qr-code] | Utility to generate QR codes for Event Registration.   |
| [cwa-map-public-frontend] | Public frontend of map.schnelltestportal.de. |
| [cwa-hotline] | Contains all issues reg. the hotlines of the CWA. |
| Repository | Description |
| ---------------------------- | ------------------------------------------------------------------------------------------- |
| [cwa-app-android] | Native Android app using the Apple/Google exposure notification API. |
| [cwa-app-ccl] | Common Covid Logic (CCL) for Android and iOS. |
| [cwa-app-ios] | Native iOS app using the Apple/Google exposure notification API. |
| [cwa-dcc-server] | Backend implementation of the process to issue EU Digital Covid Certificate. |
| [cwa-documentation] | Project overview, general documentation and white papers. |
| [cwa-event-landingpage] | Landing page for CWA which opens if the user does not have the app installed. |
| [cwa-event-qr-code] | Utility to generate QR codes for Event Registration. |
| [cwa-hotline] | Contains all issues reg. the hotlines of the CWA. |
| [cwa-icao-transliteration] | A simple transliteration of non-latin letters into latin for the CWA. |
| [cwa-kotlin-jfn] | JsonFunctions Engine - DCC Logic. |
| [cwa-log-upload] | Counterpart of the log upload in the app. |
| [cwa-parent] | Repository containing Maven files for parent project and dependency building blocks. |
| [cwa-map-backend] | Backend of map.schnelltestportal.de. |
| [cwa-map-operators-frontend] | Frontend for test center operators to manage their test centers in a simple way. |
| [cwa-map-public-frontend] | Public frontend of map.schnelltestportal.de. |
| [cwa-ppa-server] | Backend implementation for the privacy-preserving analytics server. |
| [cwa-quick-test-backend] | Backend implementation of the rapid antigen test portal and API for participating partners. |
| [cwa-quick-test-frontend] | Frontend implementation of the rapid antigen test portal for participating partners. |
| [cwa-quicktest-onboarding] | Documentation about onboarding procedure for rapid antigen test partners. |
| [cwa-registrierung] | Registration portal for the rapid antigen test portal |
| [cwa-server] | Backend implementation for the Apple/Google exposure notification API. |
| [cwa-testresult-server] | Receives PCR test results from connected laboratories. |
| [cwa-verification-iam] | The identity and access management to interact with the verification server. |
| [cwa-verification-portal] | The portal to interact with the verification server. |
| [cwa-verification-server] | Backend implementation of the verification process. |
| [cwa-website] | The official website for the Corona-Warn-App. |
| [cwa-wishlist] | Community feature requests. |
| [dcc-rule-translation] | Translations of Booster Notification Rules. |
[cwa-documentation]: https://github.com/corona-warn-app/cwa-documentation
[cwa-app-ios]: https://github.com/corona-warn-app/cwa-app-ios
[cwa-app-android]: https://github.com/corona-warn-app/cwa-app-android
[cwa-website]: https://github.com/corona-warn-app/cwa-website
[cwa-wishlist]: https://github.com/corona-warn-app/cwa-wishlist
[cwa-server]: https://github.com/corona-warn-app/cwa-server
[cwa-ppa-server]: https://github.com/corona-warn-app/cwa-ppa-server
[cwa-verification-server]: https://github.com/corona-warn-app/cwa-verification-server
[cwa-verification-portal]: https://github.com/corona-warn-app/cwa-verification-portal
[cwa-verification-iam]: https://github.com/corona-warn-app/cwa-verification-iam
[cwa-testresult-server]: https://github.com/corona-warn-app/cwa-testresult-server
[cwa-log-upload]: https://github.com/corona-warn-app/cwa-log-upload
[cwa-quicktest-onboarding]: https://github.com/corona-warn-app/cwa-quicktest-onboarding
[cwa-quick-test-frontend]: https://github.com/corona-warn-app/cwa-quick-test-frontend
[cwa-quick-test-backend]: https://github.com/corona-warn-app/cwa-quick-test-backend
[cwa-app-ccl]: https://github.com/corona-warn-app/cwa-app-ccl
[cwa-app-ios]: https://github.com/corona-warn-app/cwa-app-ios
[cwa-dcc-server]: https://github.com/corona-warn-app/cwa-dcc-server
[cwa-documentation]: https://github.com/corona-warn-app/cwa-documentation
[cwa-event-landingpage]: https://github.com/corona-warn-app/cwa-event-landingpage
[cwa-event-qr-code]: https://github.com/corona-warn-app/cwa-event-qr-code
[cwa-map-public-frontend]: https://github.com/corona-warn-app/cwa-map-public-frontend
[cwa-hotline]: https://github.com/corona-warn-app/cwa-hotline
[cwa-icao-transliteration]: https://github.com/corona-warn-app/cwa-icao-transliteration
[cwa-kotlin-jfn]: https://github.com/corona-warn-app/cwa-kotlin-jfn
[cwa-log-upload]: https://github.com/corona-warn-app/cwa-log-upload
[cwa-parent]: https://github.com/corona-warn-app/cwa-parent
[cwa-map-backend]: https://github.com/corona-warn-app/cwa-map-backend
[cwa-map-operators-frontend]: https://github.com/corona-warn-app/cwa-map-operators-frontend
[cwa-map-public-frontend]: https://github.com/corona-warn-app/cwa-map-public-frontend
[cwa-ppa-server]: https://github.com/corona-warn-app/cwa-ppa-server
[cwa-quick-test-backend]: https://github.com/corona-warn-app/cwa-quick-test-backend
[cwa-quick-test-frontend]: https://github.com/corona-warn-app/cwa-quick-test-frontend
[cwa-quicktest-onboarding]: https://github.com/corona-warn-app/cwa-quicktest-onboarding
[cwa-registrierung]: https://github.com/corona-warn-app/cwa-registrierung
[cwa-server]: https://github.com/corona-warn-app/cwa-server
[cwa-testresult-server]: https://github.com/corona-warn-app/cwa-testresult-server
[cwa-verification-iam]: https://github.com/corona-warn-app/cwa-verification-iam
[cwa-verification-portal]: https://github.com/corona-warn-app/cwa-verification-portal
[cwa-verification-server]: https://github.com/corona-warn-app/cwa-verification-server
[cwa-website]: https://github.com/corona-warn-app/cwa-website
[cwa-wishlist]: https://github.com/corona-warn-app/cwa-wishlist
[dcc-rule-translation]: https://github.com/corona-warn-app/dcc-rule-translation
## Licensing

2
backend-infrastructure-architecture.md
View File

@ -4,6 +4,6 @@
The file ``backend-infrastructure-architecture.pdf`` complements the "CWA Solution Architecture" document. It is intended as a technical overview document of Corona Warn App (CWA) and its underlying infrastructure and network.
This description of the **CWA backend infrastructure architecture** is not published as MD file, because it is not intended to be developed together with the community. Whoever takes the sources and sets up their own "Corona-Warn-App" may use another backend structure. Nevertheless, it might be helpful to know how the current project is implemented in a data center. Therefore, we publish this document as a [PDF](https://github.com/corona-warn-app/cwa-documentation/blob/master/backend-infrastructure-architecture.pdf) file.
This description of the **CWA backend infrastructure architecture** is not published as MD file, because it is not intended to be developed together with the community. Whoever takes the sources and sets up their own "Corona-Warn-App" may use another backend structure. Nevertheless, it might be helpful to know how the current project is implemented in a data center. Therefore, we publish this document as a [PDF](backend-infrastructure-architecture.pdf) file.
More CWA-Server Documentation can be found [here](https://github.com/corona-warn-app/cwa-server/tree/main/docs).

3
glossary.md
View File

@ -48,5 +48,8 @@ This overview provides a description for all acronyms and special terms which ar
To access the glossaries, scroll down the page to the Glossary / Glossar section:
<!-- markdown-link-check-disable -->
<!-- avoids HTTP 503 error due to security measures of https://www.bundesregierung.de -->
- [English FAQs](https://www.bundesregierung.de/corona-warn-app-faq-englisch)
- [German FAQs](https://www.bundesregierung.de/corona-warn-app-faq)
<!-- markdown-link-check-enable -->

6276
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

12
package.json
View File

@ -1,24 +1,20 @@
{
"name": "docs",
"version": "1.0.0",
"version": "1.1.0",
"description": "Corona-Warn-App: Documentation repository",
"main": "README.md",
"dependencies": {
"alex": "^8.2.0",
"markdown-link-check": "^3.8.1",
"markdown-spellcheck": "^1.3.1",
"markdown-link-check": "~3.8.7",
"markdownlint": "^0.20.4",
"markdownlint-cli": "^0.23.2",
"npm-run-all": "^4.1.5"
},
"devDependencies": {},
"scripts": {
"test": "run-s markdownlint checklinks format-spelling",
"spellcheck": "mdspell '**/*.md' --en-us -t -n -a --report '!**/node_modules/**/*.md' '!**/.github/**/*.md' '!**/translations/**/*.md'",
"test": "run-s markdownlint checklinks",
"markdownlint": "markdownlint '**/*.md' --ignore node_modules",
"checklinks": "find . -not -path \"*node_modules*\" -not -path \"*.github*\" -name \"*.md\" | xargs -n 1 markdown-link-check",
"detect-inconsiderate-language": "alex",
"format-spelling": "sort < .spelling | sort | uniq | tee .spelling.tmp > /dev/null && mv .spelling.tmp .spelling"
"detect-inconsiderate-language": "alex"
},
"repository": {
"type": "git",

2
pruefsteine.md
View File

@ -4,7 +4,7 @@ The Chaos Computer Club (CCC) proposed minimum privacy [requirements](https://ww
The CCC is a well-reputed European hacker collective dealing with ["technical and societal issues, such as surveillance, privacy, freedom of information, hacktivism, data security, and many other interesting things around technology and hacking issues."](https://www.ccc.de/en)
This document describes the compliance of the [current architecture](https://github.com/corona-warn-app/cwa-documentation/blob/master/solution_architecture.md) of the Corona-Warn-App with the *technical* criteria as outlined in the CCC's contact tracing requirements. For *political* and *epidemiological* criteria, we refer to the German Ministry of Health or the Robert-Koch-Institute, respectively.
This document describes the compliance of the [current architecture](solution_architecture.md) of the Corona-Warn-App with the *technical* criteria as outlined in the CCC's contact tracing requirements. For *political* and *epidemiological* criteria, we refer to the German Ministry of Health or the Robert-Koch-Institute, respectively.
We are confident that the concept of the Corona-Warn-App is compliant with the CCC's technical requirements. We invite all members of the public to assess the ongoing implementation and discuss any issues or concerns [directly in the development repositories](https://github.com/corona-warn-app) in an open and transparent manner.

8
solution_architecture.md
View File

@ -38,7 +38,7 @@ To reduce the spread of [COVID-19](https://www.ecdc.europa.eu/en/covid-19-pandem
|:--:|
| **Figure 1: High-level architecture overview**|
The Corona-Warn-App (see [scoping document](https://github.com/corona-warn-app/cwa-documentation/blob/master/scoping_document.md )), shown centrally in *Figure 1*, enables individuals to trace their personal exposure risk via their mobile phones. The Corona-Warn-App uses a new framework provided by Apple and Google called [Exposure Notification Framework](https://www.apple.com/covid19/contacttracing). The framework employs [Bluetooth Low Energy (BLE)](https://en.wikipedia.org/wiki/Bluetooth_Low_Energy) mechanics. BLE lets the individual mobile phones act as beacons meaning that they constantly broadcast a temporary identifier called Rolling Proximity Identifier (RPI) that is remembered and, at the same time, lets the mobile phone scan for identifiers of other mobile phones. This is shown on the right side of *Figure 1*.
The Corona-Warn-App (see [scoping document](scoping_document.md)), shown centrally in *Figure 1*, enables individuals to trace their personal exposure risk via their mobile phones. The Corona-Warn-App uses a new framework provided by Apple and Google called [Exposure Notification Framework](https://www.apple.com/covid19/contacttracing). The framework employs [Bluetooth Low Energy (BLE)](https://en.wikipedia.org/wiki/Bluetooth_Low_Energy) mechanics. BLE lets the individual mobile phones act as beacons meaning that they constantly broadcast a temporary identifier called Rolling Proximity Identifier (RPI) that is remembered and, at the same time, lets the mobile phone scan for identifiers of other mobile phones. This is shown on the right side of *Figure 1*.
Identifiers are ID numbers sent out by the mobile phones. To ensure privacy and to prevent the tracking of movement patterns of the app user, those broadcasted identifiers are only temporary and change constantly. New identifiers are derived from a Temporary Exposure Key (TEK) that is substituted at midnight (UTC) every day through means of cryptography. For a more detailed explanation, see *Figure 10*. Once a TEK is linked to a positive test result, it remains technically the same, but is then called a Diagnosis Key.
The collected identifiers from other users as well as the device's own keys, which can later be used to derive the identifiers, are stored locally on the phone in the secure storage of the framework provided by Apple and Google. The application cannot access this secure storage directly, but only through the interfaces the Exposure Notification Framework provides. To prevent misuse, some of these interfaces are subjected to [rate limiting](https://developer.apple.com/documentation/exposurenotification/enmanager/3586331-detectexposures). If app users are tested positive for SARS-CoV-2, they can update their status in the app by providing a verification of their test and select an option to send their recent keys from up to 14 days back. On the Corona-Warn-App back-end server, all keys of individuals that have tested positive are aggregated and are then made available to all mobile phones that have the app installed. Additionally, the configuration parameters for the framework are available for download, so that adjustments to the risk score calculation can be made, see the *Risk Scores* section.
@ -145,7 +145,7 @@ The Corona-Warn-App Server needs to fulfill the following tasks:
- Accept upload requests from clients
- Verify association with a positive test through the Verification Server and the associated workflow as explained in the “Retrieval of Lab Results and Verification Process” section and shown in the center of the left side of *Figure 7*.
- Accept uploaded diagnosis keys and store them (optional) together with the corresponding information (days since onset of symptoms/transmission risk level ) into the database. Note that the transport of connection metadata (e.g. IP) of the incoming connections for the upload of diagnosis keys is removed in a dedicated actor, labeled “Transport Metadata Removal” in *Figure 7*.
- Accept uploaded diagnosis keys and store them (optional) together with the corresponding information (days since onset of symptoms/transmission risk level) into the database. Note that the transport of connection metadata (e.g. IP) of the incoming connections for the upload of diagnosis keys is removed in a dedicated actor, labeled “Transport Metadata Removal” in *Figure 7*.
- Provide [configuration parameters](#data-format) to the mobile applications
- Threshold values for [attenuation buckets](#attenuation-buckets)
- Encoding and mapping of the Transmission Risk Level
@ -215,7 +215,7 @@ The data on all involved servers is only retained as long as required. Diagnosis
## MOBILE APPLICATIONS
The functional scope of the mobile applications (apps) is defined in the corresponding [scoping document](https://github.com/corona-warn-app/cwa-documentation/blob/master/scoping_document.md). The apps are developed natively for Apples iOS and Googles Android operating systems. They make use of the respective interfaces for the exposure notification, i.e. broadcasting and scanning for Bluetooth advertisement packages, see *Figure 8*.
The functional scope of the mobile applications (apps) is defined in the corresponding [scoping document](scoping_document.md). The apps are developed natively for Apples iOS and Googles Android operating systems. They make use of the respective interfaces for the exposure notification, i.e. broadcasting and scanning for Bluetooth advertisement packages, see *Figure 8*.
For Apple devices an OS version of at least 12.5 (for older devices) or 13.7 is required for the system to work, as the framework is integrated into the operating system (see Figure 10).
@ -285,7 +285,7 @@ Those parameters are regularly downloaded from the CWA Server, which means they
As mentioned before, the individual scan instances from the exposure windows are weighted according to the weight attached to the individual bucket. When those individual instances are summed up, they can be multiplied with a transmission risk value (which in turn is derived from the TRL described before). The result is one normalized exposure time per day. If those times are summed up, the overall risk can be determined, as shown in *Figure 16*.
Note that the transmission risk level plays a special role in the above calculations: It can be defined by the app and be associated with each individual diagnosis key (i.e. specific for each day of an infected person) that is being sent to the server. It contains a value from 1 to 8, which can be used to represent a calculated risk defined by the health authority. As an example it could contain an estimate of the infectiousness of the potential infector at the time of contact and, hence, the likelihood of transmitting the disease. The specific values are defined as part of the [app](https://github.com/corona-warn-app/cwa-app-android/blob/master/Corona-Warn-App/src/main/java/de/rki/coronawarnapp/util/ProtoFormatConverterExtensions.kt) - a motivation of the parameter choices is found in the document [Epidemiological Motivation of the Transmission Risk Level](https://github.com/corona-warn-app/cwa-documentation/blob/master/transmission_risk.pdf).
Note that the transmission risk level plays a special role in the above calculations: It can be defined by the app and be associated with each individual diagnosis key (i.e. specific for each day of an infected person) that is being sent to the server. It contains a value from 1 to 8, which can be used to represent a calculated risk defined by the health authority. As an example it could contain an estimate of the infectiousness of the potential infector at the time of contact and, hence, the likelihood of transmitting the disease. The specific values are defined as part of the [app](https://github.com/corona-warn-app/cwa-app-android/blob/master/Corona-Warn-App/src/main/java/de/rki/coronawarnapp/util/ProtoFormatConverterExtensions.kt) - a motivation of the parameter choices is found in the document [Epidemiological Motivation of the Transmission Risk Level](transmission_risk.pdf).
### Data Transfer and Data Processing

2
translations/README.de.md
View File

@ -1,5 +1,5 @@
<p align="center">
<a href="https://www.coronawarn.app/de/"><img src="https://raw.githubusercontent.com/corona-warn-app/cwa-documentation/master/images/CWA_title.png" width="400"></a>
<a href="https://www.coronawarn.app/de/"><img src="https://raw.githubusercontent.com/corona-warn-app/cwa-documentation/main/images/CWA_title.png" width="400"></a>
</p>
<hr />

2
translations/pruefsteine.de.md
View File

@ -4,7 +4,7 @@ Der Chaos Computer Club (CCC) hat einige [Minimalanforderungen](https://www.ccc.
Der CCC ist eine renommierte europäische Hackervereinigung, die sich mit dem [Spannungsfeld technischer und sozialer Entwicklungen](https://www.ccc.de) befasst: „Die Aktivitäten des Clubs reichen von technischer Forschung und Erkundung am Rande des Technologieuniversums über Kampagnen, Veranstaltungen, Politikberatung, Pressemitteilungen und Publikationen bis zum Betrieb von Anonymisierungsdiensten und Kommunikationsmitteln.“
Dieses Dokument beschreibt, inwieweit die [aktuelle Architektur](https://github.com/corona-warn-app/cwa-documentation/blob/master/solution_architecture.md) die *technischen* Anforderungen erfüllt. In Bezug auf die *politischen* und *epidemiologischen* Anforderungen verweisen wir an das deutsche Bundesministerium für Gesundheit bzw. das Robert Koch-Institut.
Dieses Dokument beschreibt, inwieweit die [aktuelle Architektur](../solution_architecture.md) die *technischen* Anforderungen erfüllt. In Bezug auf die *politischen* und *epidemiologischen* Anforderungen verweisen wir an das deutsche Bundesministerium für Gesundheit bzw. das Robert Koch-Institut.
Wir sind davon überzeugt, dass das Konzept der Corona-Warn-App die technischen Anforderungen des CCC erfüllt. Es sind alle dazu eingeladen, die laufende Implementierung der App zu prüfen und jegliche Probleme, Bedenken oder sonstige Themen offen und transparent [direkt in den Entwicklungs-Repositories](https://github.com/corona-warn-app) zu diskutieren.