SecureBlackbox 16: Virtualized File Access in SecureBlackbox

Note: This article applies only to SecureBlackbox Legacy. For future development please consider using the latest version.

SecureBlackbox offers several approaches to secure data transfer that are more flexible than file operations on the disk.

Stream-Based File Operations

SecureBlackbox does not require you to store any data on the disk. All functions of SecureBlackbox are built in a way that lets you use the generic Stream interface (see below). This means that you can keep the data in memory (all platforms have in-memory stream class implementations) or even stream the real data as it comes (given that the total data size is known).

Some methods (mainly in the PKI classes) also accept raw data buffers, but buffers are usually not enough for effective operations. So if you have data in a memory block, you can store this block in a memory stream and use the Stream interface.

The Stream interface is based on the Stream class in .NET; in VCL, this is the TStream class. In ActiveX, you use the IStream interface. In Java, due to limitations of native Java streams, we have introduced our own TElStream class hierarchy.

Custom Handling of File Access Events

The server-side components offered by SecureBlackbox are low-level and flexible. They do not access the file system directly when handling client requests. Instead, they fire events instructing your application to perform certain file or directory operations. And your code is free to handle such requests in the way you need. This means that your code can take data from an in-memory file system, map requests to different directories on the disk (or on different disks), or even request the data from a remote system (thus acting as a proxy).

File System Adapters

Sometimes stream operations are too low-level for simple tasks like uploading one or several files (or even a directory tree). For this case, SecureBlackbox offers file-based operations – you give the component the path and mask of the file(s) to be processed. SecureBlackbox's support for file-based operations is more sophisticated than other components.

SecureBlackbox accesses the file system via File System Adapters. This lets you redirect file access as well. Several adapters are included: A straightforward disk adapter accesses the file system and lets you specify the base access folder to restrict file operations to a certain directory and its subdirectories. This adapter is used when no other adapter is attached to the component. The source code of the disk adapter is available with the FTPS Server sample project (in C#, Delphi and Java). You can use it as the basis for the creation of more sophisticated adapters that could, for example, notify you about file access.

Solid File System

Another available adapter is the SolFS adapter, which, as the name suggests, works with SolFS, a single-file virtual file system that keeps files in a single container on the disk, in memory or across the network. SolFS lets you separate data that belongs to or should be accessible by different clients.

The SolFS adapter is provided as an optional class in the .NET and VCL editions (the Java edition is forthcoming). To use this adapter, you need to install SolFS application edition, then use the adapter class in the \Classes\SolFS folder of the SecureBlackbox installation.

We appreciate your feedback.  If you have any questions, comments, or suggestions about this article please contact our support team at