Producer Architecture¶

Overview¶

The producer ingests data, converts it into NDN-named packets, attaches attributes, applies NAC-ABE encryption, and publishes encrypted data, CKs, and manifests to the NDN network. It loads configuration, certificates, ABE parameters, and stream settings at startup and then runs continuously as the system’s data source.

Configuration Inputs¶

• producerPrefix – NDN identity for naming and signing packets
  
• aaPrefix – Prefix where AA publishes ABE parameters
  
• dbName – Lookup database for semantic-location attributes
  
• producerCertPath – Certificate for signing outgoing data
  
• aaCertPath – Certificate for validating AA material
  
• trustSchemaPath – Producer’s trust schema
  
• attributeMappingFilePath – Maps streams to attribute rules
  
• granularity – CK rotation granularity (sec/min/hr)
  
• streams – Stream prefixes + per-stream certificates
  
• port – port that Reciever listens to get the data

DataAdapter¶

A Receiver listens on port 15000. Data arrives either from the data-generator or from pre-generated file insertion.
Each incoming JSON payload provides: streamName , metaData, streamContent CSV payload containing all rows. DataAdapter converts the logical name into an NDN-style stream prefix and begins processing.
When the semantic-location stream arrives, its rows are inserted into the lookup DB. to generate timestamp-based attributes for all other streams.
Metadata is published once per stream.
Each Data Row is then made into NDN Names with its attribute list. Each data row is then sent to the Publisher as <name, rawRow, attributeList>.

Publisher¶

The Publisher receives each data row and its attribute list from the DataAdapter . For every data packet:
The Publisher sends the raw data and its attributes to NAC-ABE .
NAC-ABE returns two things: ** encrypted DATA & encrypted CK segments** generated for that data.
The Publisher hands all encrypted segments to the QueueManager for paced publishing.

QueueManager¶

The QueueManager receives encrypted DATA, CK, and MANIFEST packets from the Publisher and places them into a disk-backed queue for reliable delivery.
It controls publishing through a fixed-size window , ensuring the repo is not overwhelmed by high-rate streams.
Each queued item is retried with exponential backoff on timeout and acknowledged only after the repo confirms insertion.
As DATA is inserted, the QueueManager tracks per-stream batches, g enerates MANIFEST packets , and enqueues those as well.
Once a MANIFEST is successfully inserted into the repo, the QueueManager triggers a PSync update so consumers learn that new data is available.

RepoPublisher¶

RepoPublisher is the component that actually inserts DATA, CK, and MANIFEST packets into the repo using the NDN repo-insert command flow.
It registers the necessary prefixes, serves the Data packet once the repo asks for it, and sends the repo ** “notify”** Interest that triggers the insert.
All outgoing insert commands are wrapped under /producerPrefix/msg/<repo>/insert/<nonce> and signed before transmission.
It retries notify Interests with backoff until the repo acknowledges the insert.

Validation¶

Bootstrap
Producer loads: trust schema, trust anchor, producer cert, AA cert, per-stream certs.

NAC-ABE
Producer’s NAC-ABE instances fetch /ndn/md2k/mguard/aa/PUBPARAMS and AA KEY.
Validate PUBPARAMS against AA cert + trust schema .

Data plane
NAC-ABE uses stream cert + AA cert to generate signed encrypted DATA + CK
QueueManager creates signed MANIFESTs using stream cert , passes all to RepoPublisher.
RepoPublisher uses producer cert to sign repo insert control Data and drives notify/msg/insert to the repo.

Sync + discovery
Publisher serves the producer cert and per-stream certs on KEY Interests.
QueueManager + PSync publish manifest updates (name/seq) signed by the producer’s identity context .