A data-sharing scheme between entities disposed behind respective firewalls. A sharer of the data subscribes to a public service that enables a secure connection (similar to a peer-to-peer network) between at least one requestor and the data sharer. By subscribing, the sharer provides information to the service that enables the service to generate a private key. When the request is received from the requestor, the service retrieves the corresponding private key, authenticates the requestor, and transmits the key to the requestor thereby facilitating a secure tunnel for communicating the shared data. The requestor can then access the data directly from the sharer without the need for copying or moving the shared data to a server outside the firewall or for emailing.