Crypto-based rights management
  1. 1 Client-controlled encryption
  2. 2 Anything can be storage
  3. 3 Integrates into any pipeline

Crypto-based rights management for sensitive data.

Hermes allows you to map permissions for CRUD operations to keys via cryptographic process. Share, grant privileges, transfer objects, control infrastructure anyway you want: Hermes just encrypts and decrypts sensitive data chunks, if your keys allow you to do that. Code does not make any decisions attackers might affect: your keys either have sufficient abilities to perform operations based on existing cryptographic materials - or any attempts to manipulate the data are futile.

Hermes is fully end-to-end in a very flexible manner: wherever the keys and Hermes-based client exists, entrypoint to protected data exists, nevermind where data chunks are actually stored.

Hermes comes as GPL-licensed open-source for cryptographic and security community to assess our efforts in building safe and resilient model, and, for commercial usage, commercial licensed-version (which includes many additional features) is available.

Hermes source code and scientific paper will become availablee for general public in mid-2017.

Hermes provides

Hermes is built for applications, where trust lies only on client. Servers and infrastructures are merely a storage + transmission environment for sensitive data.
As granular as you want it to be
Hermes does not enforce any data structure design for you. List of files, cells in database, structured objects, documents - Hermes works for them all.
Integrates everywhere:
Pure C code with growing number of interface libraries for most languages and architectures. No dependencies apart from Themis.
Hermes is AGPLv3 open-source product, which you may study and build your open-source products on top of. If the use-case is interesting, we might even help!

Copyright © 2014-2017 Cossack Labs Limited
Cossack Labs is a privately-held British company with a team of data security experts based in Kyiv, Ukraine.