Administration System
Overview
The administration server must handle the following interactions:
- A user attempts to upload media to the trusted destination's server via Tor-wrapped HTTPS. The server must log this request in its secure database, and respond with an authentication token which must be attached to the user's upload.
- A user, having received its upload token, uploads media to the trusted destination's server over Tor-wrapped HTTPS. The server must monitor the upload, and be sure the received data matches the expected checksum reported in step 1, as well as notify the user once the upload has completed.
- The trusted administrator would like to view the submissions to the server over the past few days. When the administrator logs in to the server, the login password is used to decrypt (via PGP) any media contained on the server.
- The administrator would like to contact a user directly to get more information about media received. The server should be able to connect to the original user to send an encrypted message.
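The first two interactions above (token issuance, then an upload checked against the checksum logged in the first request) can be sketched as follows. This is an added example, not code from the project: the function names, the SHA-256 checksum, the random single-use token, the one-hour lifetime and the in-memory dict standing in for the secure database are all assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Assumptions (not from the original page): SHA-256 checksums, random
# single-use tokens, and a dict standing in for the server's secure database.
TOKEN_TTL = 3600  # seconds an issued token stays valid (assumed value)
_pending = {}     # token digest -> {"checksum": hex, "expires": epoch seconds}


def _digest(token):
    # Store only a hash of the token so a database leak does not expose it.
    return hashlib.sha256(token.encode()).hexdigest()


def register_upload(expected_checksum, now=None):
    """First request: log the expected checksum and return an upload token."""
    now = time.time() if now is None else now
    checksum = expected_checksum.lower()
    if len(checksum) != 64 or any(c not in "0123456789abcdef" for c in checksum):
        raise ValueError("checksum must be a hex-encoded SHA-256 digest")
    token = secrets.token_urlsafe(32)
    _pending[_digest(token)] = {"checksum": checksum, "expires": now + TOKEN_TTL}
    return token


def receive_upload(token, chunks, now=None):
    """Second request: hash the stream as it arrives, compare with the log."""
    now = time.time() if now is None else now
    # pop() makes the token single-use, even if the upload then fails.
    entry = _pending.pop(_digest(token), None)
    if entry is None:
        return "rejected: unknown or already used token"
    if now > entry["expires"]:
        return "rejected: token expired"
    hasher = hashlib.sha256()
    for chunk in chunks:
        hasher.update(chunk)
    # Constant-time comparison of the two hex digests.
    if not hmac.compare_digest(hasher.hexdigest(), entry["checksum"]):
        return "rejected: checksum mismatch"
    return "complete"


if __name__ == "__main__":
    media = [b"constructed ", b"sample ", b"media bytes"]  # constructed input
    tok = register_upload(hashlib.sha256(b"".join(media)).hexdigest())
    print(receive_upload(tok, media))
    print(receive_upload(tok, media))  # replay of the same token
```

The returned status string is what the server would relay to the user as the completion notice.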
Specifications
Each trusted destination should maintain a server that can handle secure uploading, viewing, and administration of media. This server should:
- Be Tor-enabled, so as to run Hidden Services (this allows the server to hide its IP address, or appear "offline" and still receive/transmit data to other users)
- Have a lightweight web server to grant permission for uploading files and register users to the app
- Be able to accept HTTPS uploads (securely, also via Tor Hidden Services)
- Have the MATLAB Runtime Environment installed to perform image verification tests
- Utilize a JSP-based web interface to view, decrypt and audit media using our custom Java-based libraries.
A server should have the following software installed:
- Tor
- CouchDB
- LightTPD (lightweight, secure webserver)
- PHP-5 (with cURL and GD)
- Maven 3
- Jetty
- FFMPEG
- Truecrypt
- MATLAB Runtime Environment
- Java (depending on the server's build/OS, Sun's distro of Java 6 or Oracle's Java 7 -- Jetty/Maven will not run properly using the OpenJDK)
- Git (for pulling recent builds of supported codebases)
- GPG (which should already be installed by default)
A server should also have the following codebases installed:
- SagCouch (a CouchDB library for PHP)
- python-daemon (for daemonizing custom Python scripts)
Instructions for installing/building these applications can be found here.
Security
Special attention should be paid to the security of each of these modules. The iptables rules should be updated to drop connections from any known malicious IP addresses. Furthermore, certain modules, i.e. those accessible via hidden services, should only accept connections arriving over Tor, meaning all non-Tor traffic should be dropped.