You are absolutely right that these things are greatly dependent on the use case. I'm happy to see other people trying to solve these problems too.
Can you describe your API? Do you have your own? Are you reimplementing the S3 API? REST-ful? xmlrpc? How do you handle authentication and authorization?