1. Introduction Wharf T&T is planning to provide a cloud storage solution which aimed to provide subscribers an instant, secure, flexible and always on network space to store, retrieve and manage their documents anytime, anywhere through Internet access together with other advanced file management features. This document describes the features of this Online Backup Service.2. Service Overview Wharf T&T cloud storage service offers customers a network space to store, retrieve and manage their data hosted in data center. It is suitable for SME customers who has an ever-growing disk space and long retention period requirements in an affordable monthly subscription3. Target Customers Wharf T&T cloud storage service targets all business broadband customers in (1) Hong Kong, and (2) users in other countries (e.g. China) provided that regulations allowed. SME with ever-growing need on storage capacity and long retention period in company size of a. 5TB users -- ~50 user + b. 1TB users -- ~30 user + c. 500GB users -- ~15 user + d. 200GB users -- < 10 user
4. Service Description 4.1. Service Features 4.1.1. System overview • The basic system architecture should include but not limited to: o Centralized Storage Server o Software Client o Web Based Portal o Storage Management Server o User Authentication Server o Network Management Server • The solution should support multi-tenancy on one single system. • The system should avoid any downtime for maintenance or the operation can be seamlessly transferred to another backup server to continue service. • The solution should provide Web API interface, easy operation and integration. • Subscribers can connect to storage space anytime, anywhere through the Web interface. • The solution should provide a simple and fast way for users to increase capacity for expansion. • The solution should ensure file security and ease of access. • The system should allow private encryption key to protect the data with deduplication function disabled, or vis versa. • The system architecture should be well designed and avoid all bottle-neck such as management software, concurrent user access…etc 4.1.2. Disk Drive • Provide a network storage spaces on subscribers’ computer as if it is a virtual local disk drive. • The virtual disk space should be able to perform file achieving and sharing with other users within or outside the same domain. • Subscribers can connect to storage space through Windows client software. It will map the user space into a local disk, through the operation of this disk space to complete the network file management. • The user should also be able to access the data through web portal. 4.1.3. File Transfer 220.127.116.11. Breakpoint resume • The solution should be able to resume all unfinished file transfer to and from the network that interrupted by but not limited to network instability, hardware failure, or outage. The system should record the last break point of the transaction and continue to transfer the remaining part of the files without having to re-transmit the whole file. • The solution should support large file transfers for as large as 10G single or batch file transfers.
18.104.22.168. Smart automatic file transfer • Policy-based automated file transfer, allowing subscribers to transfer files to the source, destination location and number of concurrent threads in terms of transfer time, task priority, failed retries, transmission mode (full, incremental) and customized strategies to achieve unattended file transfer service.4.1.4. File Sharing Mechanism • The solution should include Public and Private file sharing o Public release - All users can see and search this file o Private release (group collaboration) –File cannot be search from the archives directly; need to use extracted code/password/specific link to download this file. • The public and private archives should be able to configure with different access level, include but not limited to, read/write/copy/paste/delete, number of time the user can access the document…etc. • The part of private access level should support the file sharing between the subscriber and their clients (extranet). • File sharing allow user to choose whom to be shared, the number can be multiple, and set user permissions to read and write shared files. Users can check who is sharing their files from their own portal. • The solution should support clustering and load balancing technology. • Server clustering and load balancing should be implemented by but not limited to LVS, NLB, etc., or hardware, such as F5 to achieve.4.1.5. Data Encryption 22.214.171.124. Data encryption transmission (In-flight) • The files should be first encrypted before the file is transferred. • The encrypted files will then transfer to the server by file streaming. • When the file is intercepted by others, the files should be protected by the cipher text. 126.96.36.199. Data encryption storage (At-rest) • The encrypted files should store in the servers physical device, only the user can access their own files and decrypt the content. 188.8.131.52. Private encryption key • The system should be able to provide private encryption key for individual user account to encrypt their data in a more secure approach.4.1.6. Data integrity • The solution should support data integrity check. • Data integrity check is performed while the upload or download of files are completed, check whether the file consistent with the original file.
• The data integrity check should include but not limited to: o Automatic filtering content and ban illegal file transfer capabilities. o Hot-link protection. o Log generation, auditing and monitoring functions.4.1.7. Thin-Provision • The solution should support thin-provision features, which dynamically allocate service capacity, which avoid waste of space and increase efficiency. • Administrators can allocate any space to various services, which are space only when the space actually used to be occupied, and space requirements can grow dynamically with the expansion of service. Other people can also use the pre-allocated space from one client if it is not in use in order to fully utilities the resources. • Other advanced storage features such as volume cloning, storage virtualization and deduplication technology should be proposed. • Over-subscription should be expected in the service.4.1.8. Central Management Server functions 184.108.40.206. User Management • User Status: Show status of all users, including user name, email, status, capacity, frequency of login information. 220.127.116.11. Search to find users • Find the user in accordance with different criteria. 18.104.22.168. Account operation • Operate on the user account, such as activation, warning, data transfer and so on. 22.214.171.124. Storage management • View, add; modify storage path, and data migration implementation of the entire volume. 126.96.36.199. System alert report management • View the reported users status, and to processed. 188.8.131.52. Report management • Notification message and the message is divided into stations. Users can contact or message, and set the messages and message templates. 184.108.40.206. Log Management • Recording system and operation log.4.1.9. Web Portal Management
220.127.116.11. User registration • Provide guidance on registration and user login. Provide the password recover function.18.104.22.168. User Management • User Information View: View users account information, including: o User names o Total space the user used o Change Password22.214.171.124. Document Management • Upload files: Support multiple files upload, upload progress display, speed display, estimated completion time display. • Download the file: support download using downloads tools and breakpoint resume. • Show Files: Displays the files and folders, sharing status, modify time etc. • Search Document: Provide some or the entire file name, search for files. • Shared management: Establish share folder for single or multiple users. • Cancel file sharing. • View users shared folders • Release Archives: is divided into public and private release issued in two ways. o Public release, all users can see and search this file; o Private release, files cannot be searched and require extract code to download this file.126.96.36.199. Log Management • Records of operation and the system log • Language of User Interface o The system’s user interface such as the client application and web portal (and other applicable components) must be multi- language with user configurable setting and real-time switch- able. The multi-language includes English, Simplified and Traditional Chinese. • Administration Tools o The client’s administrator has an administration tool for the following functions: • User Account Management o Client’s administrator can change individual end-user account information on the web portal provided. o Client’s administrator can only access and change the information, e.g. user quota, password, etc., for his own domain/company.
• Quota Control and Monitoring o Client’s administrator can adjust individual user quota. o (Optional) Client’s administrator can subscribe value-added service through the web portal for individual user.4.1.10. Software Client Features 188.8.131.52. Virtual drive letter • Create virtual drive letter at local, users can have the files on disk to operate, as if it is the same local file. 184.108.40.206. File operations • Upload: drag and drop from local disk file directly to the network drive, or right-click copy the local file or folder, cut and paste to a network drive. Upload progress indicator will appear. • Download: drag and drop from a network drive directly to a local disk file, or right-click the disk to perform copy to the network file and folder, or cut and paste to a local disk, download progress indicator will appear. Similar to upload process, if an abnormality occurs during the download, it will also prompt an error on the desktop. 220.127.116.11. Other operations • Copy, paste, create, delete, rename and other operations, and the same local file. 18.104.22.168. Shared management • Publish a posted file, or create shared folder. • View a list of published files. 22.214.171.124. System Settings • Transfer settings: Set the maximum number of tasks simultaneously transmitted, number of retries, the retry interval and other parameters. • Check for encryption status. 126.96.36.199. Log Management • Recording system and operation log.4.1.11. Service Resiliency High availability facility for the cloud storage service should be available to ensure service quality and availability would not be compromised.4.1.12. Auto Failover • Auto and manual failover to backup server during service outage, which allow users to continue business operation with minimal impact.