python - Django trusted server for file processing-distributing-retrieving -
i newbie in django having project in mind accomplish , wondering proper architecture , path take towards following scenario:
i have trusted server has following duties: 1. authenticates user 2. receives file user , transforms n segments performing algorithm of mine (presume 1 rabin's ida or all-or-nothing transform (aont)), , stores each produced segment on other pre-defined distinct servers. 3. in downloading phase, server authenticates user, retrieves segments of corresponding requested file storage servers, combines segments construct file , delivers user.
what opaque me needed elements on storage sides: how trusted server communicate storage severs , retrieves segments? how can provide trusted server request storage servers file x belongs user y?
what had in mind provide each segment specific metadata generated using hash function has file id , users id inputs.
i grateful if provided me road map , elements need consider on each side project. on view suffices. thank much.
there many ways go this, each strengths , weaknesses.
common solutions comes me setup:
- the trusted server (ts) receives file in first place (upload server)
- ts applies algorithm , list of segments (also files)
- segments may individually encrypted(?)
ts stores metadata in database so:
| user |--<| file |--<| segment |>-<| server |
a file gets id, say: 338977fe-36f3-4397-bd60-a9ce94146af0 (uuid) , whatever metadata needed
- a segment gets uuid too, foreignkey file belongs to, , servers it's stored on
- the database stores segments in order can assembled file again
the file id may returned user future retrieval, or can list of files ts.
i think of 2 ways ts can send , retrieve segments storage servers (let's call them sa, sb, sc ...):
use simple web service on storage servers read , write segments, e.g. write https post:
sa.storagesyste.com/segments/7fd960e2-7c77-4a17-bb67-813377a83443/
to read segment, https same url. requires simple web service running on each storage server. whether want authentication on storage servers you, need know exact key file, may enough. approach, have desktop client retrieve segments - on download list of segment ids , download them.
alternatively, if you're on unix or linux, use scp
transfer files between ts , storage servers. way can use ssh
pki infrastructure of unix/linux add security in manageable way. approach ts need collect segments , regenerate file, user can download.
Comments
Post a Comment