- 1 Client-controlled encryption
- 2 Anything can be storage
- 3 Integrates into any pipeline
Cryptographic access control engine.
Hermes enables users to map CRUD permissions to cryptographic keys. Share, grant privileges, transfer objects, control infrastructure any way you want: intervenes during access and grant procedures via simple, stateless API. Hermes enforces access policy cryptographically, so privilege escalation and unauthorised access do not end up with any serious damage to the system, if the keys are protected. Hermes was incepted to build better end-to-end encryption systems with emphasis on data sharing and collaboration.
Hermes comes as GPL-licensed open-source for community review and usage within open source software. Special business-friendly licensing is available as well. Hermes public proof-of-concept source code and scientific paper will become available for general public in Q3 2017.
Hermes is built for applications, where trust lies only on client. Servers and infrastructures are merely a storage + transmission environment for sensitive data.
Hermes does not enforce any data structure design for you. List of files, cells in database, structured objects, documents - Hermes works for them all.
Pure C code with growing number of interface libraries for most languages and architectures. No dependencies apart from Themis.
Hermes is AGPLv3 open-source product, which you may study and build your open-source products on top of. If the use-case is interesting, we might even help!