Amazon CloudFront

We have various files which we want to provide as downloadable via Amazon Cloudfront. We want to enforce security so no one can access the files via Amazon S3 or Cloudfront directly. Cloudfront has the API of signing the url via RSA encryption, etc and generating the signature. Then adding the signature to the URL so it works well. We want to set expiration date of a cloudfront link to 5 days and only by the specific IP address or some range... or want to use the webservices that the link purchased in India should work only in India and link outside India should work only outside India. Once the download is complete do not allow further downloads. Also, we want to have multi download resume/pause tool that the user can use to download multi purchased URLs. Right now the logic in o s h o d o t c o m / a u d i o b o o k s works but is using some other CDN provider. Now, we want to switch to Cloudfront so want you to change the coding. Once you are done, we want from your side a web services kind of an API that we can execute from our coldfusion script that can pass in the orderID and expiration date and your system sends us back the XML with the URLs generated for that orderid. Love, Angelo