Terminology
Transfer General (TG) is a secure and high-speed data migration solution designed for transferring sensitive data between cloud platforms and data centers. The system utilizes strong cryptography to enable secure data transfer and storage. Transfer General consists of two main components: Transfer General Console (TG Console) and Transfer General Nodes (TG Nodes).
Transfer General Console (TG Console) | A web-based management dashboard that provides centralized control over the Transfer General system. TG Console enables administrators to initialize the system, manage TG Nodes, control data transfers, and handle key rotation. |
Transfer General Node (TG Node) | A secure endpoint deployed at a source or destination location that handles data encryption, storage, and transfer. Each node can both send and receive data, providing flexible migration paths between any connected locations. |
Server General Admin (sgadmin) | System administrator responsible for managing TG Console and TG Nodes, controlling vault operations, handling data transfers, and rotating encryption keys. Uses the TG Console web interface for management tasks. |
Security Officer (SO) | An authorized entity that manages system security and Data Administrators. Uses the Security Officer Master Key (SMK) for security administration tasks. |
SMK | Security Officer Master Key - a passphrase generated during the initialization of Transfer General, used for security administration and managing Data Administrators. |
Data Administrator (DA) | An authorized entity who manages sensitive data sets and transfer operations. Uses the Data Administrator Master Key for vault access and data operations. |
DMK | Data Administrator Master Key - a passphrase used to encrypt/decrypt data encryption keys and manage vault access. Used for data operations and transfer management. |
Vault | Encrypted storage within a TG Node. When opened, allows reading and copying data in/out. When closed, data remains encrypted and inaccessible. Automatically closes during transfers to preserve data integrity. |
Uploader | SFTP user (/home/uploader) assigned to upload data to a source TG Node. Uses the /home/uploader/upload directory, which is encrypted and protected. |
Downloader | SFTP user (/home/downloader) assigned to download data from a destination TG Node. Uses the /home/downloader/download directory, which is encrypted and protected. |
Direct Transfer | Secure transfer of encrypted data directly between TG Nodes using private, authenticated connections. |
Data Owner | Typically the person or entity that has legal ownership or custodianship of the data and is ultimately responsible for its proper use and management throughout its lifecycle. |
Partner | An entity or organization with whom the data owner wishes to share data. |
Google Cloud Storage | A Google Cloud Storage bucket is a cloud-based object storage solution offered by Google Cloud Platform that allows users to store and access data objects. In the context of TG, a Google Cloud Storage bucket is used as a storage location for encrypted data uploaded by the TGM, which can then be accessed and distributed as needed through the use of TGRs. |