Commit 7dce2fd1 authored by Dillenn Terumalai 🏠


parent 6966f430
Pipeline #1217 passed with stage
in 2 minutes and 56 seconds
......@@ -4,6 +4,7 @@ This is the GitLab repo of the official transfer-tool for SPSP.
## Table of Contents
- [How does the Transfer Tool (TT) work?](#how-does-the-transfer-tool-tt-work)
- [Getting Started](#getting-started)
- [Set up a shared drive between users of the same SPSP group](#set-up-a-shared-drive-between-users-of-the-same-SPSP-group)
- [Upload the SSH public key](#upload-the-SSH-public-key)
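Review bot: The new TOC entry uses an all-lowercase fragment (`#how-does-the-transfer-tool-tt-work`), but the neighbouring entries in this hunk keep uppercase letters in theirs (`#set-up-a-shared-drive-between-users-of-the-same-SPSP-group`, `#upload-the-SSH-public-key`). GitLab lowercases the heading anchors it generates, so it is worth normalising those two fragments to lowercase in the same change and clicking every TOC link in the rendered README to confirm they all resolve.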
......@@ -12,7 +13,25 @@ This is the GitLab repo of the official transfer-tool for SPSP.
- [Verify the public key](#verify-the-public-key)
- [Use the transfer-tool](#use-the-transfer-tool)
- [Use the automatic mode](#use-the-automatic-mode)
- [Authors](#authors)
- [Authors](#authors)
## How does the Transfer Tool (TT) work?
To understand how the TT works, it helps to look at a diagram. In the example below, Labo1 wants to send DNA sequences of bacteria/viruses in a protected manner. The SPSP server has a public key and a private key, which are two mathematically related encryption key. The public key can be shared with anyone, but only the SPSP server has the private key.
First, Lab1 uses the TT to compress the sequences files (*.fastq) and metadata file (*.xlsx) into a tar.gz archive.
Then, the TT signs the previously generated archive using SHA-256 algorithm which generates a hash specific to the archive, meaning that if the content changes even slightly, the hash will be completely different.
After that, the TT uses SPSP’s public key to encrypt the archive, turning it into somehting called ciphertext – scrambled, seemingly random characters.
Finally, the encrypted archive and the hash are uploaded using SFTP protocol which runs over the SSH protocol (which provides communication security and strong encryption).
On the server side, once the archive is properly uploaded, the server will try to decrypt the encrypted archive using its own private key. Then, it will compare the uploaded hash to the hash generated by the server from the decrypted archive to ensure that the content was never changed during the transfer. Finally, if everything goes well, the metadata file is parsed and loaded inside the database. As the server cannot guess for which project of the laboratory the uploaded sequences belong to, an assignment task will be generated.
Advantages of the transfer-tool and SFTP services:
- **It keeps the data safe from hackers.** End-to-end encryption means fewer parties have access to the unencrypted data.
- **It uses a secured tunnel.** SFTP protocol protects the integrity of the data using encryption and cryptographic hash functions, and authenticates both the server and the user.
- **It checks that the data is left untouched.** By generating a hash, the TT makes sure that the data was never modified during the whole process.
![Transfer Tool Diagram](.gitlab/diagram.png)
## Getting Started
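Review bot: The step "the TT signs the previously generated archive using SHA-256 algorithm" describes a hash, not a signature. SHA-256 is unkeyed, so the uploaded digest lets the server detect that the archive changed in transit, but it does not prove which lab produced it: anyone holding SPSP's public key can build an archive, hash it and encrypt it. Suggest wording it as "computes a SHA-256 digest of the archive" and attributing sender authentication to the SSH key used for the SFTP upload, or, if a real signature is intended, naming the signing key and algorithm. The paragraph should also name the public-key encryption scheme used for the archive, and the bullet "It keeps the data safe from hackers" should be narrowed to what the design provides (the archive is readable only by the holder of the SPSP private key). Minor wording: "Labo1" vs "Lab1", "two mathematically related encryption key" should be plural, "sequences files", and "somehting".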