Cossack Labs
Cossack LabsHermes – distributed crypto ACL engine
Hermes is a cryptographic access control framework, which enables users to remotely manage and manipulate permissions over encrypted records. Sharing, granting privileges, and distributing complex sets of data are tasks where Hermes is the most valuable. Hermes was developed to enable the building of better end-to-end encryption systems with the emphasis on data sharing and collaboration, including Toughbase.
Hermes is AGPL-licensed. Special business-friendly licensing is also available.
Hermes provides:
- 1 Client-centric trust
- 2 Compatibility with any storage model
- 3 State/callback integration
End-to-end security
Hermes is built for applications where only the client is a trusted entity. Servers and infrastructures provide merely the storage and transmission environment for sensitive data.
Hermes is built for applications where only the client is a trusted entity. Servers and infrastructures provide merely the storage and transmission environment for sensitive data.
Arbitrary data model
Hermes does not impose any data structure design. List of files, cells in database, structured objects, documents – Hermes works for them all.
Hermes does not impose any data structure design. List of files, cells in database, structured objects, documents – Hermes works for them all.
Easy integration
Pure C code with a growing number of interface libraries for the most popular languages and architectures. No dependencies apart from Themis.
Pure C code with a growing number of interface libraries for the most popular languages and architectures. No dependencies apart from Themis.
Open-source code
Hermes is an AGPLv3 open source product that you may examine and on top of which you can build your open source products. If your use case is interesting, we might help!
Hermes is an AGPLv3 open source product that you may examine and on top of which you can build your open source products. If your use case is interesting, we might help!
Use cases
Cryptographic access control
Deploy Hermes to build cryptographic access control in your application: regulate read and write access through a cryptographic scheme resistant to privilege escalation.
Deploy Hermes to build cryptographic access control in your application: regulate read and write access through a cryptographic scheme resistant to privilege escalation.
Secure collaboration and data sharing
Hermes is a cryptography-based method of providing protected data storage and sharing that allows the enforcement of cryptographically-checked permissions between any number of Hermes clients.
Hermes is a cryptography-based method of providing protected data storage and sharing that allows the enforcement of cryptographically-checked permissions between any number of Hermes clients.
Multi-user object store
Build end-to-end secure document/object stores where every document or field’s access rights can be granted to any registered user of the system, transparently, and with low overhead.
Build end-to-end secure document/object stores where every document or field’s access rights can be granted to any registered user of the system, transparently, and with low overhead.
Complex shared structures
Collaborating securely when a document is one blob of data is straightforward, but a modern object/document is actually a large tree-like structure. Hermes was designed precisely for today’s applications.
Collaborating securely when a document is one blob of data is straightforward, but a modern object/document is actually a large tree-like structure. Hermes was designed precisely for today’s applications.
Available for:
