Monday, July 21, 2014

Gnocchi Research: Week 10

At the end of Week 9, I found that the Mongoose library (in C) was too difficult for me to work with. As a result, I searched for alternatives. Python-as a language-seemed like a good choice. This was because it had high level operations. Furthermore, Python had better documented APIs than C.

Olga suggested I run with Flask or Cherrypy. Both seemed quite similar and fulfilled the same purpose- providing the API for a web server.

Choosing the Flask API, I started implementing several server-side operations at a functional level. I used the server's file system to do storage.

  • PUBLISHER_REGISTER and SUBSCRIBER REGISTER
    • A POST that registers the publisher/subscriber by storing their public key. 
  • CREDENTIAL_QUERY
    • A GET operation that tells a publisher/subscriber information about a target entity. 
  • ADD_MEMBER
    • A POST that allows publishers to add subscribers. 
  • JOIN_GROUP
    • A POST that lets subscribers request to join a group
  • RETRIEVE_MEMBERSHIP_REQUESTS
    • Publishers GET membership requests from the previous JOIN_GROUP for a particular group
  • SUBSCRIBER_UNREGISTER
    • Deletes a subscriber from all of its groups, freeing up space in the server
  • DELETE_MEMBER
    • Publisher POST that removes a member from a group
    • New encrypted group keys must be uploaded eventually via UPDATE_GROUP_KEY
  • GET_GROUP_KEY
    • Subscriber GET request that retrieves his/her encrypted group key for a particular group
  • RETRIEVE_MEMBERSHIP
    • Publisher GET command that retrieves the members of a group he/she created
  • UPDATE_GROUP_KEY
    • Follow-up to DELETE_MEMBER
    • Publisher POST that uploads new encrypted group keys to everyone who wasn't deleted
  • CREATE_GROUP
    • A GET request by publishers to get a unique Group ID for the keyserver.
    • Also registers that group for the publisher
  • SUBSCRIBER_GROUP_LIST
    • GET request by subscribers that shows what groups he/she is a part of
  • PUBLISHER_GROUP_LIST
    • GET request by subscribers that shows what groups a certain publisher is in charge of
All of these are done on some level aside from UPDATE_GROUP_KEY: That function probably needs some thought first. Perhaps we should use a special file structure that contains users and encrypted keys, which could be parsed by the file server

Additionally, verification will have to be implemented: We don't want the key server to allow a non-creator publisher to delete members of a group :)


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)