Storage Modules
The following diagram shows the architecture of the repository storage framework.
Each storage module implements the Repository API. They differ in what additional functionality they provide and whether or not they delegate the actual storage to another storage module. The areas of focus for the storage models include:
- Local Filesystem Based Storage
- Memory Based Cached Storage
- AWS S3 Bucket Based Storage
- Validated Document Based Storage
- Remote Document Repository Service Based Storage
The local storage module uses the local filesystem as its document repository. This storage module is not considered secure and is generally only used for testing purposes.
The cached storage module maintains a memory based cache in front of another storage module. Only named citations and signed contracts are cached since they are immutable. If a citation or document is not in the memory cache, the backend storage module is called to retrieve it and the result is cached. When the cache is full, the oldest entry in the cache is deleted before another entry is added.
The S3 storage module uses the Amazon Web Services (AWS) Simple Storage Service (S3) as its storage mechanism. Named citations, documents and messages are stored in their own S3 buckets that enforce the access controls required by each type of document.
The validated storage module checks to make sure all notarized documents are valid before forwarding on requests to the backend storage mechanism. When documents are retrieved, they are validated using the cited public certificate before being returned to the client. When documents are being stored, they are validated using the cited public certicate before being stored in the backend storage module.
The remote storage module delegates the document repository capabilities to a remote document repository service that exposes an HTTPS web service interface.