Build your own sharing system, with help from Google engineers

From the minds at Google, Upspin is an open source project for building file-sharing infrastructure, but it's a long way from mass consumption

Engineers at Google have unveiled Upspin, an experimental open source project for creating file-sharing infrastructure that works "securely, uniformly, and globally."

It isn't yet competition for the likes Box or Dropbox. But in time, its creators hope it could serve as the underpinnings for exactly that.

A place for everyone's stuff

From the outside, Upspin -- not an official Google offering, but one created by some of its employees -- looks like a shared file system with namespaces for each user. But the real value, according to its creators, is "a set of interfaces, protocols, and components from which an information management system can be built, with properties such as security and access control suited to a modern, networked world."

Upspin allows users, identified by an email address, to create accounts and have files associated with those accounts. It uses existing metaphors based on Unix pathnames and URLs. If you wanted to access files for a user named dave@myplace.com in his /photos/wedding directory, for instance, you'd use the path dave@myplace.com/photos/wedding, a format simple enough that nontechies can understand it. Users can grant access rights to others on Upspin, singly or in groups, for specific directories.

This is implemented by three server components: one for users' public keys, one or more for storage, and one or more for user directories. Data is stored encrypted at rest, and anyone given access to data is also automatically provided with the needed decryption keys. A client application allows Upspin directories to be presented as if they were part of the local filesystem.

Waiting for the rest of the pieces

Upspin's design isn't as decentralized as similar projects. Data is not sharded or replicated across multiple storage servers, for instance, unless that's a native property of the back end in use.

That said, the server components can be self-hosted, an advantage in the same manner as store-it-yourself projects like OwnCloud. Upspin's creators have set up a default central keyserver that's publicly accessible, but nothing is preventing that from being replicated elsewhere. Likewise, the default implementation for file storage is Google Cloud Storage, although that could be changed as needed.

Right now, Upspin's design and execution addresses these issues only in theory, since the project is in the early, experimental phases. It relies on the command line and a great deal of manual heavy lifting, so anyone expecting a GUI or a novice-friendly setup will be let down. If its intended audience is "personal users, families or groups of friends," as stated in the documentation, Upspin will need contributions that make it more useful to that group -- or it'll need to become the core of a project built with ease of use as a first concern.