Crypto-based rights management
  1. 1 Client-controlled encryption
  2. 2 Anything can be storage
  3. 3 Integrates into any pipeline

Cryptographic access control engine.

Hermes enables users to map CRUD permissions to cryptographic keys. Share, grant privileges, transfer objects, control infrastructure any way you want: intervenes during access and grant procedures via simple, stateless API. Hermes enforces access policy cryptographically, so privilege escalation and unauthorised access do not end up with any serious damage to the system, if the keys are protected. Hermes was incepted to build better end-to-end encryption systems with emphasis on data sharing and collaboration.

Hermes comes as GPL-licensed open-source for community review and usage within open source software. Special business-friendly licensing is available as well. Hermes public proof-of-concept source code and scientific paper will become available for general public in Q3 2017.

Hermes provides

End-to-end security
Hermes is built for applications, where trust lies only on client. Servers and infrastructures are merely a storage + transmission environment for sensitive data.
Arbitrary data model
Hermes does not enforce any data structure design for you. List of files, cells in database, structured objects, documents - Hermes works for them all.
Easy integration
Pure C code with growing number of interface libraries for most languages and architectures. No dependencies apart from Themis.
Open-source code
Hermes is AGPLv3 open-source product, which you may study and build your open-source products on top of. If the use-case is interesting, we might even help!

Copyright © 2014-2017 Cossack Labs Limited
Cossack Labs is a privately-held British company with a team of data security experts based in Kyiv, Ukraine.