The NHSE anticipates that most HPCC repositories will provide access to software and documents by running an http server, as well as perhaps an ftp server. Users will most likely access these servers from a WWW browser, such as Netscape or NCSA Mosaic. Given the URL for a file the user wishes to retrieve, the browser will send the necessary request to the server and either display the retrieved file in a window or save it to the user's disk.
There is not currently a good way for Web browsers to retrieve multiple files in one request - for example, all files making up a software package - unless the files have been pre-packaged into a single tar or shar file. It would be convenient for a user to use a shopping basket approach to specify an arbitrary collection of files and then download them in the background. NHSE developers have been participating in discussions within the WWW community on incorporating such bulk file transfer into WWW protocols such as HTTP.
An alternative to making software available for download is to
provide a remote execution service, with which users can submit
their input data to a remote server that runs the program and
returns the results. Examples of this approach include the
NEOS optimization server 
and the Web interface to //ELLPACK
.
If there is sufficient demand for them, tools for setting up and
running such remote execution services may be included in future
versions of RIB.
Some software packages will have access restrictions which require
authentication of authorized users before the software can be
downloaded. Access control mechanisms available with http client-server
combinations include passwords, prohibition by domain name, prohibition
by IP address, configurable user groups, rules based on URLs,
and the SSL and S-HTTP protocols.
An alternative to restricting access to the actual software files
is to encrypt these files and allow anyone to download them,
but require authorization and authentication to obtain the decryption
key. This approach is used in the Crytolope technology
of IBM Infomarket .
A chart showing which http servers
support which access control mechanisms may be found at
http://www.webcompare.com/server-main.html.
Good sources of information about access control include
the WWW Security FAQ
and the NCSA httpd documentation
.
The NHSE is currently developing prototype access control and user authentication mechanisms based on public key certificates and SSL. After thorough testing, these mechanisms will be included in a future version of Repository in a Box, probably by fall of 1997.