Upspin is in its early stages, but it has great potential

Feb 22, 2017 14:17 GMT  ·  By

Google revealed a new open source project called Upspin, which seeks to improve the current file sharing mechanism available across the Internet. In short, by giving a file an Upspin name, it can be securely shared across the Internet, copied efficiently without having to upload or download it, while anyone with permission can access it from anywhere in the world. 

"Our target audience is personal users, families, or groups of friends. Although Upspin might have application in enterprise environments, we think that focusing on the consumer case enables easy-to-understand and easy-to-use sharing," the company said.

This experimental project isn't the typical file sharing system, but rather a set of protocols which can be used to connect file systems and storage services to a universal name space. "Performance is not a primary goal. Uniformity and security are," Google explains.

This project obviously has plenty of enterprise applications, but Google wants to make it easier for home users to understand file sharing and to make it easier for them to do this.

The mechanics

So here's how it works. When you give a file an Upspin name, it can be copied without you having to upload and download data streams. It can be shared securely with anyone with permission to access the network.

The file name begins with a user's email address, followed by a slash-separate Unix-Like path name. Google gives [email protected]/dir/file as an example. This link is then evaluated by Upspin to identify files and directories.

If the user wants to extend permission, they can add a file called "Access" to the directory which describes the permissions they want to grant. For instance "read: [email protected]." This allows Joe to read any of the files in the directory holding the Access file and also in its subdirectories. This access is enforced end-to-end cryptographically, so cleartext only resides on Upspin clients, while the use of cloud storage does not extend the trust boundary.

"Upspin looks a bit like a global file system, but its real contribution is a set of interfaces, protocols, and components from which an information management system can be built, with properties such as security and access control suited to a modern, networked world," Google notes.

The company adds that Upspin is not an "app" or a "web service." Instead, it says it's a suite of software components intended to run on the network and on devices connected to it. It's a layer of infrastructure that other software and services can build on to facilitate secure access and sharing.