Routing for Standalone Infrastructure

SOFiE Routing Mechanism

SOFiE allows the usage of encryption/sending and receipt/decryption functionalities independantly from each other.
Standalone infrastructures have therefore a simple and secured way to exchange files with others SOFiE participants.
The following picture illustrates the SOFiE routing mechanism:



Transfer From User 999900203 To CCSS

The SOFiE participant 999900203 wants to transmit data to the CCSS but does not have an internet connection, and therefore has to work in standalone mode.
His collegue having the user 999900201 has nevertheless a SOFiE installation in connected mode.

The user 999900203 uses the encryption function and selects the CCSS as a destinator of his file.
SOFiE detects that the user 999900203 is not in connected mode (offline) and save the securized file on the disk.
The user 999900203 transmits the file to his collegue having the user 999900201 by the intermediary of a disk or USB-stick or any other means.
The user 999900201 uses the sending functionality to transmit the file to the CCSS.
As the user 999900201 does not have the private key of the CCSS, he can’t access the contents of the file.
Only the CCSS can access to the contents,using his private key.


Transfer From CCSS to User 999900203

The CCSS responds to the user 999900203, by sending back a response file.
The CCSS selects the user 999900203 as a destinator.
SOFiE automatically detects, that the user 999900201 is declared as an intermediary for every communication with user 999900203.

SOFiE encrypts the file using the certificate of the user 999900203, but sends the file to the user 999900201.
Again the user 999900201 does not have the private key of the user 999900203 so he isn’t able to decrypt the contents of the file.
After the receipt, the crypted file is put in a special directory(see SOFiE folder hierarchy) from which it can be transfered via disk or USB-stick (or any other medium) to user 999900203.
Only the user 999900203 has the corresponding private key and therfore is able to decrypt the file.