3.1. SSH Uplink Networks

To exchange tool computation services between organizations, a network connection must be established between them. As many organizations are (understandably) reluctant to open ports into their networks, the Uplink approach is based on having all parties connect outward to a shared coordination/forwarding server called a "relay".

This relay server is typically placed outside of any organization's protected network, e.g. on a rented server or in the DMZ of one of the involved organizations.

Due to the exposed nature of this relay server, it is designed to be secure by default. There is only one way of connecting to it, which is the encrypted and authenticated SSH protocol. The protocol transmitted over SSH is designed to be concise and easily audited.

Development is focused on placing as little trust as possible into the relay server. Technical steps are being taken to limit what data can be monitored at the relay server. Some of these features, however, are not implemented in the experimental Uplink feature in RCE 10 yet. In all RCE 10.x versions, data transmitted to and from tools is safely encrypted against unauthorized access from outside users, through the standard security features provided by the SSH protocol. However, all data could theoretically still be observed by administrators of the relay server. If this is unacceptable in your setup, please wait for the RCE 11 release, in which the Uplink feature is scheduled for non-experimental release.

A typical Uplink setup between two or more organizations involves:

- The Uplink relay server (a specially configured RCE instance) in a location that is accessible from all organizations' networks.
  - This relay server opens an SSH port, with one or more sets of credentials for each organization. Typically, only a single login is needed for each project group within an organization; see below.
- An Uplink SSH gateway node (again, a specially configured RCE instance) in each organization's network.
  - This node is the only one that actually establishes an SSH connection to the relay.
  - It is typically centrally administered, and not used for any other end-user work.
  - A benefit of this setup is that the SSH login credentials only need to be present on that machine. Additionally, this reduces the number of SSH logins that must be configured on the server side, as a single login is effectively shared by all users with access to this (internal) SSH gateway.
  - This node opens one or more default RCE network connection ports towards the internal network. Access to these ports can be restricted using standard internal network policies as needed.
- End users, who then use their individual RCE instances to connect to the SSH gateway node (using RCE's default network features).

Once this setup is complete, users can access tool compute services published by their own or one of the other organizations in the form of virtual tools within their RCE networks.
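The setup described above has a few properties worth checking before going live: the relay should expose nothing but SSH, relay credentials should live only on each organization's gateway node, and end-user instances should reach the relay only through their own gateway. The following lint over a constructed node inventory is an added example, not part of RCE or its configuration format; the node fields (`role`, `listening_ports`, `connects_to`, `relay_credentials`) and the port numbers are hypothetical sample data.

```python
"""Topology lint for an Uplink deployment (added example, not RCE code).

Checks a constructed inventory against the design described above:
one relay exposing only SSH, exactly one gateway node per organization
holding the relay credentials, and end-user instances that connect only
to their own organization's gateway. Field names are hypothetical and
are not RCE configuration keys.
"""

SSH_PORT = 22  # the only port the relay is meant to expose

# Constructed sample inventory: one relay, two organizations (A and B).
# The last entry is deliberately misconfigured: an end-user instance
# that holds relay credentials and talks to the relay directly.
NODES = [
    {"name": "relay", "role": "relay", "org": None,
     "listening_ports": [22], "connects_to": [], "relay_credentials": False},
    {"name": "gw-a", "role": "gateway", "org": "A",
     "listening_ports": [31005], "connects_to": ["relay"], "relay_credentials": True},
    {"name": "ws-a1", "role": "user", "org": "A",
     "listening_ports": [], "connects_to": ["gw-a"], "relay_credentials": False},
    {"name": "gw-b", "role": "gateway", "org": "B",
     "listening_ports": [31005], "connects_to": ["relay"], "relay_credentials": True},
    {"name": "ws-b1", "role": "user", "org": "B",
     "listening_ports": [], "connects_to": ["relay"], "relay_credentials": True},
]


def lint_topology(nodes):
    """Return a list of findings; an empty list means the layout matches the design."""
    findings = []
    by_name = {n["name"]: n for n in nodes}
    for n in nodes:
        # The relay is exposed, so it must offer SSH and nothing else.
        if n["role"] == "relay" and n["listening_ports"] != [SSH_PORT]:
            findings.append(f"{n['name']}: relay must expose only SSH, found {n['listening_ports']}")
        # Relay credentials belong on the gateway node only.
        if n["role"] != "gateway" and n["relay_credentials"]:
            findings.append(f"{n['name']}: relay credentials outside the gateway node")
        # End users connect to their own organization's gateway, never to the relay.
        if n["role"] == "user":
            for target in n["connects_to"]:
                t = by_name[target]
                if t["role"] != "gateway" or t["org"] != n["org"]:
                    findings.append(f"{n['name']}: end-user instance must connect only to its own gateway")
    # Exactly one gateway per organization keeps the set of SSH logins minimal.
    for org in sorted({n["org"] for n in nodes if n["org"]}):
        gws = [n["name"] for n in nodes if n["org"] == org and n["role"] == "gateway"]
        if len(gws) != 1:
            findings.append(f"org {org}: expected one gateway node, found {gws}")
    return findings
```

Running `lint_topology(NODES)` reports the two problems with `ws-b1`; the same check can be fed from whatever inventory an organization actually keeps of its RCE instances.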