Design a Secure PDF Data Room
Company: Harvey
Role: Software Engineer
Category: System Design
Difficulty: medium
Interview Round: Onsite
Design a virtual data room product for companies to organize and securely share confidential PDF documents.
The product should feel similar to a cloud drive: users can create data rooms, organize PDFs into folders, upload and view documents, and invite other organizations to access selected content. For this interview, assume the system initially supports only PDF files.
Key focus area: organization-level access control. A company should be able to grant another organization access to a data room, folder, or document with permissions such as view-only or admin. The system must enforce these permissions consistently across browsing, downloading, viewing, and search.
Please cover:
- Core functional requirements.
- Non-functional requirements such as security, availability, scalability, and auditability.
- Major services and storage choices.
- Data model for organizations, users, rooms, folders, documents, and ACLs.
- Permission evaluation rules, including inheritance and overrides.
- APIs for creating rooms, uploading PDFs, inviting organizations, and checking access.
- How to serve and protect PDF viewing or downloading.
- Auditing, logging, and monitoring.
Quick Answer: This question evaluates system design and security architecture competencies, including organization-level access control, ACL modeling, permission inheritance and overrides, secure document serving, API design, data modeling, scalability, and auditability.
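One way to model the permission evaluation rules the prompt asks for (inheritance down room → folder → document, with overrides at any level), as an added example written for this page rather than code from Harvey or any product. It assumes one override semantics, that an explicit "none" entry revokes inherited access at that node, and uses constructed organization and document names; the same `check_access` decision is reused by search so results cannot leak what browsing would hide.

```python
from dataclasses import dataclass, field
from typing import Optional

# Permission levels, weakest to strongest. "none" is an explicit revocation
# that stops inheritance at that node (assumed override semantics).
LEVELS = {"none": 0, "view": 1, "admin": 2}

# Minimum level each user action needs; browsing, viewing, downloading,
# search and invitations must all go through the same check.
REQUIRED = {"browse": "view", "view": "view", "download": "view",
            "search": "view", "upload": "admin", "invite": "admin"}

@dataclass
class Node:
    """A room, folder, or document. acl maps org_id -> permission level."""
    name: str
    kind: str                      # "room" | "folder" | "document"
    parent: Optional["Node"] = None
    acl: dict = field(default_factory=dict)

def effective_level(node: Node, org_id: str) -> str:
    """Nearest explicit ACL entry on the path document -> folder -> room wins."""
    current = node
    while current is not None:
        if org_id in current.acl:
            return current.acl[org_id]
        current = current.parent
    return "none"                  # no grant anywhere: deny by default

def check_access(node: Node, org_id: str, action: str) -> bool:
    """Single authorization decision shared by browsing, serving, and search."""
    return LEVELS[effective_level(node, org_id)] >= LEVELS[REQUIRED[action]]

def search(docs, org_id: str, term: str):
    """Filter hits with the same check so search never reveals hidden titles."""
    return [d.name for d in docs
            if term in d.name.lower() and check_access(d, org_id, "search")]

def build_sample_room():
    """Constructed sample: hypothetical orgs, one room, one folder, three PDFs."""
    room = Node("deal-room", "room", acl={"owner-co": "admin", "acme": "view"})
    financials = Node("financials", "folder", room, acl={"acme": "none"})
    nda = Node("nda.pdf", "document", room)
    ledger = Node("ledger.pdf", "document", financials)
    budget = Node("budget.pdf", "document", financials, acl={"acme": "admin"})
    return {"room": room, "nda": nda, "ledger": ledger, "budget": budget}

if __name__ == "__main__":
    n = build_sample_room()
    print(search([n["nda"], n["ledger"], n["budget"]], "acme", ".pdf"))
```

Every ACL lookup walks at most room → folder → document, so the evaluator stays cheap enough to call on each search hit and each file-serving request instead of caching decisions that could go stale after a revocation.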