Producer Architecure » History » Revision 3
Revision 2 (Suravi Regmi, 11/26/2025 07:41 PM) → Revision 3/4 (Suravi Regmi, 11/28/2025 04:07 PM)
# Producer Architecure ## Overview The producer ingests data, converts it into NDN-named packets, attaches attributes, applies NAC-ABE encryption, and publishes encrypted data, CKs, and manifests to the NDN network. It loads configuration, certificates, ABE parameters, and stream settings at startup and then runs continuously as the system’s data source. --- ## Configuration Inputs - **producerPrefix** – NDN identity for naming and signing packets - **aaPrefix** – Prefix where AA publishes ABE parameters - **dbName** – Lookup database for semantic-location attributes - **producerCertPath** – Certificate for signing outgoing data - **aaCertPath** – Certificate for validating AA material - **trustSchemaPath** – Producer’s trust schema - **attributeMappingFilePath** – Maps streams to attribute rules - **granularity** – CK rotation granularity (sec/min/hr) - **streams** – Stream prefixes + per-stream certificates - **port** – port that Reciever listens to get the data --- ### DataAdapter A Receiver listens on port **15000**. Data arrives either from the data-generator or from pre-generated file insertion. Each incoming JSON payload provides: **streamName** , **metaData**, **streamContent** CSV payload containing all rows. DataAdapter converts the logical name into an NDN-style stream prefix and begins processing. When the **semantic-location** stream arrives, its rows are inserted into the lookup DB. to generate timestamp-based attributes for all other streams. Metadata is published once per stream. Each Data Row is then made into NDN Names with its attribute list. Each data row is then sent to the Publisher as `<name, rawRow, attributeList>`. ### Publisher The Publisher receives each data row and its attribute list from the **DataAdapter** . For every data packet: The Publisher sends the raw data and its attributes to **NAC-ABE** . NAC-ABE returns two things: ** encrypted DATA & encrypted CK segments** generated for that data. The Publisher hands all encrypted segments to the **QueueManager** for paced publishing. ### QueueManager The QueueManager receives encrypted DATA, CK, and MANIFEST packets from the Publisher and places them into a **disk-backed queue** for reliable delivery. It controls publishing through a **fixed-size window** , ensuring the repo is not overwhelmed by high-rate streams. Each queued item is retried with exponential backoff on timeout and acknowledged only after the repo confirms insertion. As DATA is inserted, the QueueManager tracks per-stream batches, g **enerates MANIFEST packets** , and enqueues those as well. Once a MANIFEST is successfully inserted into the repo, the QueueManager **triggers a PSync** update so consumers learn that new data is available. ### RepoPublisher RepoPublisher is the component that actually inserts DATA, CK, and MANIFEST packets into the repo using the NDN repo-insert command flow. It registers the necessary prefixes, serves the Data packet once the repo asks for it, and sends the repo ** “notify”** Interest that triggers the insert. All outgoing insert commands are wrapped under ``` /producerPrefix/msg/<repo>/insert/<nonce> ``` and signed before transmission. It retries notify Interests with backoff until the repo acknowledges the insert. ### Validation **Bootstrap** Producer loads: trust schema, trust anchor, producer cert, AA cert, per-stream certs. **NAC-ABE** Producer’s NAC-ABE instances fetch ```/ndn/md2k/mguard/aa/PUBPARAMS``` and ```AA KEY```. Validate ```PUBPARAMS``` against **AA cert + trust schema** . **Data plane** NAC-ABE uses **stream cert + AA cert** to generate **signed encrypted DATA + CK** QueueManager creates signed MANIFESTs using **stream cert** , passes all to RepoPublisher. RepoPublisher uses **producer cert** to sign repo insert control Data and drives notify/msg/insert to the repo. **Sync + discovery** Publisher serves the **producer cert** and **per-stream certs** on KEY Interests. QueueManager + PSync publish manifest updates (name/seq) signed by the **producer’s identity context** .