I received a request that has left me puzzled, given my limited skills and experience in the field .

The problem is the following: have to build a platform that, through a simple web interface (in the future maybe an app for mobile) to allow authorized access to a set of confidential data residing on an analytical tool ( Linux OS ) .

Given that the entire infrastructure must be designed from scratch , I have not the slightest idea of what tools are most suitable for solving the project in question . And now I am here to ask your lights ...

In the initial draft of the project I have identified the following structure:

A) analytical tool with Linux OS on the network but protected by a firewall;
B) external Server
C) Java applet to display data on web page

As the instrument is not directly accessible outside ( and I do not want it to be for security reasons) , I imagined that a structure ' on-demand ' of the type:

(C ) sends a request to (A ) to send data

was not feasible or , at least at this time, it escapes me how to do that in spite of the firewall and maintaining high safety criteria.

Then I thought of a different solution :
(C) does not receive any request from the outside but on the basis of a daemon it sends messages to (B ) periodically and updates the status ( present or not updates ) , being (B ) accessible from everywhere

Something like:

- The user that needs - or wants- to access the data, provides running a script ( or daemon ) on (A) specifying the data source (typically one or more paths to arbitrary directories ) ;

- The deamone periodically sends to the server ( B) a message and, if there were any updates on files / documents mentioned , it also sends the new content that is stored in an appropriate manner (database ? )

- The server is publicly accessible and returns the data through a Java applet on a web page (C) or ajax.

The user connects to the server by authenticating queries the page and display the desired data .

Remain to establish the criteria for synchronization , the amount of messages exchanged , the frequency.

In this scenario just described , you see obvious flaws or gross errors ?
In what language do you think is appropriate to develop individual -level modules analytical tool ( daemon ) , servers and web applets ? Everything in Java and / or Python?

I'm available for study possible alternatives and thank you even now who can give me some suggestions .