A comprehensive healthcare demo for cancer and disease research with HIPAA/GDPR-aligned control mapping and simulated federated telemetry.
This repository is a full-stack platform spanning frontend operations UX and backend federated security enforcement:
- Frontend layer: interactive browser dashboard in index.html, styles.css, and app.js with workflow modules for trials, compliance, metrics, governance, and WAL simulation.
- Backend security layer: Python Flower security wrapper in flower_security_wrapper/security_wrapper covering policy checks, attestation, signature controls, slashing logic, SIEM forwarding, and WAL persistence.
- Verification layer: CI/workflow-driven lint, tests, artifact capture, and beta compliance evidence under docs/beta.
Read the formal onboarding document: The Genesis Manifesto: Sovereign Mohawk Ecosystem
Source markdown: docs/GENESIS_MANIFESTO.md
Key references:
- Protocol implementation: flower_security_wrapper/README.md
- Compliance evidence: docs/beta/COMPLIANCE_EVIDENCE.md
- Global map dashboard: index.html
- Flower Security Wrapper: policy-gated update admission for federated rounds with signed update checks and governance enforcement (wrapper details).
- Attestation Mode Controls: alias-aware attestation mode normalization and signature-algorithm checks for quote-based verification (attestation verifier).
- Governance Readiness Gates: optional readiness signal gates layered into deterministic governance admission checks (governance contract).
- Round Benchmark Hooks: per-round performance and rejection breakdown telemetry with optional callback hook for observability pipelines (wrapper strategy).
- Compliance Mapping: direct evidence links for HIPAA and GDPR controls (Compliance Evidence, Beta Release Plan).
- Interactive Dashboard: built-in 47-node aggregated regional map simulation with click-through interactions across federated regions (dashboard entry point).
- DPIA Generator: built-in GDPR impact assessment workflow with validation and draft report generation (dashboard section in app, compliance evidence).
This platform supports multi-center oncology collaboration where hospitals can jointly improve models for early risk stratification, treatment response estimation, and trial cohort matching without sharing raw patient data.
In this workflow, each site trains locally, submits signed updates through policy-gated federated rounds, and receives governance-audited global improvements. The goal is faster translational learning across institutions while preserving privacy and compliance boundaries.
This repository now includes a standalone interactive dashboard:
- index.html
- styles.css
- app.js
Run it locally with any static file server:
```bash
cd /workspaces/Sovereign_Mohawk_Oncology_Global
python3 -m http.server 8080
```
Then open http://localhost:8080 in your browser.
To use the backend-fed HUD state endpoint, run python flower_security_wrapper/example_server.py --serve from flower_security_wrapper/ and open the served site from that process.
- Dashboard with 47-node aggregated regional map simulation and FL stage interaction
- Research Trials view with drill-down rows and disease filtering
- FL Pipeline with live MOHAWK runtime-style log stream and capability allow/block lists
- HIPAA/GDPR control mapping table (10 controls)
- Security architecture cards (Wasmtime, TPM, Ed25519, DP, SecAgg, zero-trust)
- Consent management toggles
- Prometheus metrics simulator:
  - Feed switcher: FL Throughput, Epsilon Consumption, Round Latency P95, Node Health
  - Time window switcher: 30s / 1m / 5m
  - Dynamic alarm state: normal/warn/critical
  - Regional availability and sandbox violation indicators
- GDPR DPIA Generator (5 steps):
  - Processing description
  - Necessity and proportionality checks
  - Risk assessment
  - Data subject rights
  - Supervisory authority consultation trigger
  - Validation and report generation
- LLM Input Workflow:
  - Model registry form with provider/task/risk profile capture
  - Prompt-template validator with placeholder and identifier checks
  - Governance gate checklist with readiness evaluation
  - Execution audit viewer with simulated trace events
  - Helper buttons and auto-tuners for safer defaults and control tuning
- WAL Ledger Integration:
  - CockroachDB/etcd-style append-only, hash-chained WAL controls in dashboard UI
  - Signed-ack integration mode, term/commit metadata, verification, export, and replay views
  - Linked backend implementation in flower_security_wrapper/security_wrapper/wal_ledger.py
- Assistance Agent + Threat Analysis:
  - Assistance agent mode switcher for research planning, protocol review, and compliance review
  - Smart helper prompt loader and automated review packet generator
  - Confidence-scored assistance output tied to platform status indicators
  - STRIDE-style overall threat analysis table with dynamic scoring
  - Mitigation auto-tuner that adjusts threat posture based on governance and PHI controls
- Professor Plan:
  - 90-day roadmap controller (Weeks 0-2, 3-6, 7-12) with translational milestones
  - Plug-and-play equipment matrix for lean, mid-scale, and comprehensive centers
  - Standards/governance completion checklist with required-coverage scoring
  - Procurement and pilot auto-builder with CAPEX estimates and PI executive brief generation
- Security Gold Standard Operations:
  - Today Action Sprint checklist with auto-apply for feasible immediate controls
  - Control scorecard across zero trust, attestation, key management, supply chain, runtime, SOC, and LLM safety
  - 30/60/90 security roadmap views with phase-specific priorities
  - Security SLO tracker and escalation pack generator for critical metric gaps
- Runtime, metrics, and HUD state are simulated in-browser for demo/testing.
- No PHI or external APIs are used in this prototype.
See the contributor guide: CONTRIBUTING.md
- Add tests for governance contract decisions, rejection taxonomy, and adversarial scenarios.
- Improve attestation, nonce-store, and SIEM integration validation with more edge cases.
- Enhance dashboard UX with accessibility improvements and clearer risk/compliance states.
- Improve CI diagnostics and artifact quality checks for faster failure triage.
- Expand docs with architecture diagrams and incident/beta release runbooks.
- Security hardening:
  - Stronger poisoning detection heuristics and benchmark datasets.
  - More TPM attestation parsing and verification fixtures.
- Compliance automation:
  - Additional HIPAA/GDPR evidence mappings and export templates.
  - Better DPIA output quality and governance gate evidence capture.
- Developer experience:
  - More contributor-friendly examples for local simulation and testing.
  - Faster local verification scripts and make-style task shortcuts.
A concrete Flower security wrapper skeleton is included in flower_security_wrapper/README.md.
This wrapper adds policy-gated update admission, rejection taxonomy, and immutable JSONL audit events for federated training rounds.
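What hash chaining gives the JSONL audit events described here, and the append-only WAL controls listed earlier, shown as an added example. It is not the repository's wal_ledger.py or wrapper code; the record fields (seq, prev_hash, hash), the genesis value, and the event and rejection-reason names are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash value for the first record

def digest(body):
    # Canonical JSON (sorted keys, fixed separators) keeps the hash reproducible.
    canon = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()

def append_event(log_lines, event):
    """Append one audit event as a JSONL line chained to the previous line."""
    prev = json.loads(log_lines[-1])["hash"] if log_lines else GENESIS
    body = {"seq": len(log_lines), "prev_hash": prev, "event": event}
    log_lines.append(json.dumps(dict(body, hash=digest(body)), sort_keys=True))
    return json.loads(log_lines[-1])["hash"]

def verify_chain(log_lines, expected_head=None):
    """Return (ok, index of first bad line or None, reason)."""
    prev = GENESIS
    for i, line in enumerate(log_lines):
        try:
            rec = json.loads(line)
            body = {k: rec[k] for k in ("seq", "prev_hash", "event")}
            stored = rec["hash"]
        except (ValueError, KeyError, TypeError):
            return False, i, "malformed"
        if body["seq"] != i:
            return False, i, "sequence_gap"
        if body["prev_hash"] != prev:
            return False, i, "broken_link"
        if digest(body) != stored:
            return False, i, "hash_mismatch"
        prev = stored
    # Lines dropped from the tail are only visible against a head hash kept elsewhere.
    if expected_head is not None and prev != expected_head:
        return False, len(log_lines), "head_mismatch"
    return True, None, "ok"

def sample_log():
    """Constructed events; field names and rejection reasons are illustrative."""
    log = []
    append_event(log, {"round": 1, "client": "site-a", "decision": "accepted"})
    append_event(log, {"round": 1, "client": "site-b", "decision": "rejected",
                       "reason": "bad_signature"})
    head = append_event(log, {"round": 1, "client": "site-c", "decision": "accepted"})
    return log, head
```

An in-place edit or a removed middle line fails verification at a specific index, while a truncated tail passes unless the verifier also holds the last head hash from a separate store, which is why the head is worth exporting or signing outside the log file.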
This repository now includes Beta release automation for CI, package builds, Pages demo deployment, and evidence artifacts.
- CI: lint, tests, pentest simulations, coverage, package build, artifact upload
- Deploy Demo to GitHub Pages: deploys index.html, styles.css, and app.js
- Beta Artifact Capture: captures release evidence bundles on beta-* tags or manual dispatch
Python package metadata for the Flower wrapper is in flower_security_wrapper/pyproject.toml.
Local build:
```bash
cd flower_security_wrapper
python -m pip install --upgrade pip
pip install -r requirements-dev.txt
python -m build
```
After main workflow deployment, the dashboard is available on GitHub Pages at:
https://<owner>.github.io/Sovereign_Mohawk_Oncology_Global/
Compliance and control-evidence docs:
These capture how Beta controls map to:
- HIPAA 164.502 / 164.514 / 164.312 / 164.312(b)
- GDPR Art.5 / 25 / 30 / 32 / 89
Artifact capture helper:
Generated artifacts include:
- policy snapshots
- git commit/status evidence
- test/build outputs from workflows (junit.xml, coverage.xml, dist/*)