APEL/SSM2Overview

From EGIWiki
Revision as of 16:54, 17 December 2012 by Wrogers

These notes refer to SSM version 2. See APEL/SSM1Overview for notes on SSM1. Please send suggestions and queries to apel-admins@mailtalk.ac.uk.

Introduction

The Secure Stomp Messenger (SSM) is a Python package designed to send arbitrary files using ActiveMQ and the STOMP protocol. Its key features are:

  • It uses the underlying filesystem to store outgoing and/or incoming messages
  • It sends arbitrary files from a client to a server SSM
  • It can use any broker configured to use STOMP
  • Files are signed and may be encrypted during transit using X.509 certificates

Interface

The SSM is designed to have a simple interface, which isolates it from any other components it may be used with.

Very simplified version

  1. The sending and receiving SSMs are configured to communicate using a specified topic.
  2. A file is written to the sending SSM's 'outgoing' directory (by some other process) - see APEL/SSM2AddingFiles.
  3. The file disappears from the outgoing directory.
  4. The file appears in the receiving SSM's 'incoming' directory.

Less simplified version

  • The sending SSM:
    • requests the receiving SSM's certificate
    • takes files from a directory on its filesystem
    • encrypts (using the requested certificate) and signs (using its own key) the files
    • sends the encrypted files to a specified ActiveMQ topic.
  • The receiving SSM:
    • receives the message from the topic
    • decrypts the message (using its own key)
    • retrieves the sender's certificate (from signature)
    • stores the message and the sender's certificate DN (in separate files) in a directory on its filesystem.
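
The sign, encrypt, decrypt and DN-extraction steps listed above can be reproduced with the openssl command line. This is an added example, not SSM's own code: it assumes signing happens before encryption (matching the receiver's decrypt-then-read-signature order), uses throwaway self-signed certificates as their own trust anchors, and every file name, DN and message in it is constructed.

```shell
#!/bin/sh
# Added example: S/MIME sign-then-encrypt round trip between two parties.
# Certificates, directory names and the message body are constructed.
set -eu

# Throwaway self-signed certificate and unencrypted key for one party.
make_cert() {  # $1 = file prefix, $2 = subject DN
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "$2" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Sender: sign with its own key, then encrypt to the receiver's certificate.
# -binary -nodetach embeds the file bytes unchanged inside the signature.
ssm_send() {  # $1 = file from 'outgoing', $2 = message to publish
    openssl smime -sign -binary -nodetach -in "$1" \
        -signer sender.crt -inkey sender.key \
        | openssl smime -encrypt -aes256 -out "$2" receiver.crt
    rm "$1"  # the file leaves the outgoing directory once it is sent
}

# Receiver: decrypt with its own key, verify the signature, pull the
# signer's certificate out of it and store message and DN separately.
ssm_receive() {  # $1 = received message, $2 = 'incoming' directory
    openssl smime -decrypt -in "$1" -recip receiver.crt \
        -inkey receiver.key -out signed.p7m
    # Assumption: the sender's self-signed certificate is the trust anchor;
    # a deployment would point -CApath at its trusted CA directory instead.
    openssl smime -verify -in signed.p7m -CAfile sender.crt \
        -signer signer.crt -out "$2/msg"
    openssl x509 -in signer.crt -noout -subject -nameopt RFC2253 \
        | sed 's/^subject= *//' > "$2/msg.dn"
}

work=$(mktemp -d)
cd "$work"
mkdir outgoing incoming
make_cert sender "/CN=sender.example.invalid"
make_cert receiver "/CN=receiver.example.invalid"
printf 'constructed accounting record\n' > outgoing/msg

ssm_send outgoing/msg wire.p7m      # wire.p7m stands in for the topic
ssm_receive wire.p7m incoming
echo "message: $(cat incoming/msg)"
echo "signer:  $(cat incoming/msg.dn)"
```

If the signature does not chain to a trusted certificate, `openssl smime -verify` exits non-zero and `set -e` stops the script before anything is written to the DN file.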

Once the sending and receiving SSMs are configured and running correctly (this is not yet a trivial process), the details of this process are not important. If you are sending a message, put a file in the correct outgoing directory and it will disappear. It will promptly appear in the incoming directory of the receiving SSM.