Best way to interface data between two systems, through a third party's firewall?

I am involved in a project, where we will basically be receiving data from two or three internal systems that are inside of a school district's firewall, and aggregating and massaging the data for presentation on a website that students/parents can log in to to see only their specific data. The internal systems are provided by another software vendor, who we have a good working relationship with and will be working with to provide us with an API to the data. We will be getting a snapshot of the data once a day or so. The school district wants our system, but they are concerned about security and privacy of their internal data. We do not want to host the web application from their servers (a nightmare), and so we are going to working with the "inside" software provider to have them provide us with secure access to the data through the district's firewall. We will be presenting a proposal to the District's CIO in a few weeks about how we intend to do this and keep the data safe and private.

So here is my question:

Can someone point me in the right direction of what types of API's are typically used to do this type of secured, private data transfer between two systems (one on the inside, one on the outside)? For now, the data flow will be one-directional (meaning we'll only be querying, not updating), and a snaps开发者_如何学运维hot of the whole database once a day or so may be good enough. I would prefer it to require as little configuration by the school district's IT dep't as possible and be as simple but useful as possible. I've looked at SOAP, REST, SFTP, HTTPS and SSH/SOCKS, but am having trouble sorting it all out. I am sure there is a standard way of doing this type of data batch, so if someone could point me in the right direction or provide some perspective, that would be much appreciated! My expertise is in coding and haven't delved a lot into this type of network administration before.

By the way, my app is Django/Python . . . but we have lots of Java experience so should have some flexibility and power there.

The easiest way would be with SFTP and security certificates.

At the source you make a file data dumb of the info you must transmit. You take that file dump and encrypt it with a certificate's public key.

You send the file over SFTP.

You then take the received encrypted file, decrypt it with your private key, and consume it.

I guess a SOAP solution could work but you could hit limitations with it if the data dumb becomes larger in size (and I'm sure it will :P).

So the simplest way is a file transfer. Just make sure the connection is secured and that you encrypt the file before sending it as an extra measure of security.