github.com/google/exposure-notifications-server
The Exposure Notifications Server projects are scheduled to move into archive status on July 1, 2023.
v1.17.0 is the last planned regular release. Maintenance releases may be published before the public archive date if necessary to address issues that may arise.
The Exposure Notifications Authors want to thank everyone who contributed to this project, either directly or indirectly.
COVID‑19 Exposure Notifications API
Exposure Notification Reference Key Server Documentation
In our continued effort to help governments and health authorities during the COVID-19 pandemic, we have authored an open source reference implementation of an Exposure Notification Key Server.
The server reference in this repository implements the Exposure Notifications API and provides reference code for working with Android and iOS apps that are built by public health authorities. The reference server source code is available on GitHub and can be deployed on any infrastructure or cloud provider selected by a public health authority.
Our hope is that by making this privacy-preserving server implementation available to health authorities, we can enable their developers to use the open source code to get started quickly.
The server is responsible for the following functions:
Accepting the temporary exposure keys of affected users from mobile devices.
Validating the temporary exposure keys using the device attestation API.
Storing the temporary exposure keys in a database.
Periodically generating incremental files that will be downloaded by mobile devices to perform the key matching algorithm on the mobile device.
Sending a public key to devices, and digitally signing the incremental files with a private key.
Periodically deleting old temporary exposure keys. After 14 days, or a configured time period, the exposure keys can no longer be matched to a device.
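The retention and signing steps in the list above, as an added Go example that is not code from the exposure-notifications-server repository: it drops keys older than 14 days, signs the resulting file, and verifies it the way a device would, rejecting a modified file. The `TEK` type, the function names, the flat concatenated file layout and the choice of ECDSA P-256 over SHA-256 are assumptions made for illustration, and the sample keys are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"time"
)

// TEK is a hypothetical record shape, not the project's schema.
type TEK struct{ Key []byte; Created time.Time }

// buildExport concatenates every key that is no older than ttl (retention rule).
func buildExport(keys []TEK, now time.Time, ttl time.Duration) []byte {
	var out []byte
	for _, k := range keys {
		if now.Sub(k.Created) <= ttl {
			out = append(out, k.Key...)
		}
	}
	return out
}

// publish is the server side: sign the batch digest (demo key is generated per call).
func publish(keys []TEK, now time.Time) (file, sig []byte, pub *ecdsa.PublicKey, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	file = buildExport(keys, now, 14*24*time.Hour)
	d := sha256.Sum256(file)
	sig, err = ecdsa.SignASN1(rand.Reader, priv, d[:])
	return file, sig, &priv.PublicKey, err
}

// verifyExport is the device side; it fails closed when no public key is available.
func verifyExport(pub *ecdsa.PublicKey, file, sig []byte) bool {
	d := sha256.Sum256(file)
	return pub != nil && ecdsa.VerifyASN1(pub, d[:], sig)
}

func main() {
	now := time.Now() // constructed sample: one key 1 day old, one 15 days old
	keys := []TEK{{[]byte("fresh-key-000001"), now.Add(-24 * time.Hour)}, {[]byte("stale-key-000002"), now.Add(-360 * time.Hour)}}
	file, sig, pub, err := publish(keys, now)
	fmt.Println(string(file), err, verifyExport(pub, file, sig), verifyExport(pub, append(file, 0), sig))
}
```

A device that skips the signature check has no way to distinguish a file produced by the server from one altered in transit or at a download mirror.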
You can read tutorials on deploying and using the reference Exposure Notification Key Server here:
If you have a question about Exposure Notifications in your region, please contact your local public health authority directly.
You can open a GitHub Issue. Please be sure to include as much detail as you can to help aid in addressing your concern. If you wish to reach out privately, you can send an e-mail to exposure-notifications-feedback@google.com.
Contributions to this project are welcomed. For more information about contributing to this project, see the contribution guidelines.