Difference between revisions of "APEL/SSMOverview"
Latest revision as of 19:13, 1 November 2018
These notes refer to SSM version 1. See APEL/SSM2Overview for notes on SSM2. Please send suggestions and queries to apel-admins [at] stfc.ac.uk.
Introduction
The Secure Stomp Messenger (SSM) is a Python package designed to send arbitrary files using ActiveMQ and the STOMP protocol. Its key features are:
- It uses the underlying filesystem to store outgoing and/or incoming messages
- It sends arbitrary files from a client to a server SSM
- It can use any broker configured to use STOMP
- Files are encrypted during transit using X509 certificates
- Files are sent sequentially - the next file is sent only when receipt of the previous file is confirmed
Interface
The SSM is designed to have a simple interface, which isolates it from any other components it may be used with.
Very simplified version
- The sending and receiving SSMs are configured to communicate using a specified topic.
- A file is written to the sending SSM's 'outgoing' directory (by some other process).
- The file disappears from the outgoing directory.
- The file appears in the receiving SSM's 'incoming' directory along with a second file containing the sending SSM's certificate DN.
Less simplified version
- The sending SSM:
  - requests the receiving SSM's certificate
  - takes files from a directory on its filesystem
  - encrypts (using requested certificate) and signs (using own key) the files
  - sends the encrypted files to a specified ActiveMQ topic.
- The receiving SSM:
  - receives the message from the topic
  - decrypts the message (using own key)
  - retrieves the sender's certificate (from signature)
  - stores the message and the sender's certificate DN (in separate files) in a directory on its filesystem.
Once the sending and receiving SSMs are configured and running correctly, sending a message only requires putting a file in the correct outgoing directory. The file disappears from there and promptly appears in the incoming directory of the receiving SSM.
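
The steps in the "Less simplified version" can be reproduced locally with the `openssl smime` command. This is an added example, not SSM's own code: it assumes the sender signs before encrypting (matching the decrypt-then-verify order listed for the receiver), leaves out the broker, and uses constructed self-signed certificates, DNs and file names.

```shell
#!/bin/sh
# Added illustration of sign-then-encrypt with the openssl CLI; not SSM's code.
# Every DN, file name and directory below is constructed for the example.
set -e
work=$(mktemp -d)
mkdir "$work/outgoing" "$work/incoming"

# Throwaway self-signed identity: writes $1.key and $1.crt with subject $2.
make_identity() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "$2" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Sender: sign with own key, then encrypt to the receiver's certificate.
# $1 = file, $2 = sender identity prefix, $3 = receiver cert, $4 = wire message
ssm_send() {
    openssl smime -sign -binary -nodetach -in "$1" \
        -signer "$2.crt" -inkey "$2.key" -out "$4.signed" 2>/dev/null
    openssl smime -encrypt -aes256 -in "$4.signed" -out "$4" "$3"
    rm -f "$4.signed" "$1"        # the file leaves 'outgoing' once sent
}

# Receiver: decrypt with own key, verify the signature against a trusted
# certificate, then store the body and the signer's DN in separate files.
# $1 = wire message, $2 = receiver prefix, $3 = trust anchor, $4 = output base
ssm_receive() {
    openssl smime -decrypt -in "$1" -recip "$2.crt" -inkey "$2.key" \
        -out "$4.signed" 2>/dev/null || return 1
    # Nothing unverified may remain in 'incoming' if the signature check fails.
    openssl smime -verify -in "$4.signed" -CAfile "$3" -signer "$4.signer" \
        -out "$4.msg" 2>/dev/null || { rm -f "$4.signed" "$4.msg"; return 1; }
    openssl x509 -in "$4.signer" -noout -subject -nameopt RFC2253 |
        sed 's/^subject= *//' > "$4.dn"
    rm -f "$4.signed" "$4.signer"
}

make_identity "$work/sender" "/CN=ssm-sender.example"
make_identity "$work/receiver" "/CN=ssm-receiver.example"
printf 'constructed usage record\n' > "$work/outgoing/0001"
cp "$work/outgoing/0001" "$work/original"
ssm_send "$work/outgoing/0001" "$work/sender" "$work/receiver.crt" "$work/wire"
# The self-signed sender certificate doubles as the trust anchor here; a real
# receiver would point -CAfile (or -CApath) at its trusted CA certificates.
ssm_receive "$work/wire" "$work/receiver" "$work/sender.crt" "$work/incoming/0001"
cat "$work/incoming/0001.dn"
```

If the signer's certificate does not chain to the trust anchor given to `ssm_receive`, the function returns non-zero and removes the decrypted body instead of leaving it in the incoming directory.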