You can store your software in the Remository file store. Access can be controlled by setting the groups that can access a container. Remository provides a module to show users their ID string needed to enable updates. The Remository multi-module can help you to construct the download link for the XML. More details can be found at https://docs.black-sheep-research.com/remository:joomlaupdate.

Currently, there are three options:

1. The default is the site database. Uploaded files are always stored in the database prior to approval. Storing files in the database is very secure, as no matter what they contain, they cannot be executed. (Obviously you still need to take care not to host files that could be harmful to your users). The repository can be migrated simply by transferring the database.

2. The file system. Although database is recommended for most uses, you may want to store the file repository in the file system. You can set a default location and also set individual locations for each container. Ideally, you should locate the files outside the web server document root for security. Remository will insert an ID number into the file name if you wish, so as to allow multiple files with the same name. This is not visible to users.

3. Another alternative is Amazon's S3 storage service. That allows for unlimited storage (subject to cost) and high speed delivery of files. The files cannot present any risk to your web site.

You can find more information on file storage in the Remository documentation

If you have a large repository the dashboard can take a while to gather all the data. The slowest operation may well be looking for orphans (files seen on disk but not in the database). You can speed this up if you install a couple of plugins and if you know how to set up a cron job. The plugins are available in the downloads here - you need "Restful Plugin" and "Update Remository orphans with cron". Install them in the usual way and enable them. The description for the orphans plugin explains how to use it. Raise a ticket if you are stuck.

The construction of URLs is affected by the menu entries that point to Remository. For consistent results, it is important to have one menu entry that points to the top level of the repository. That is described as the default Remository view in menu construction. If you do not need a menu entry of that kind for the user interface you are creating, simply create a menu entry of this kind in a menu called e.g. hidden, which is not published anywhere.