End-to-end secure data storage, processing, and sharing framework with zero trust to storage/exchange infrastructure.
Hermes is AGPL-licensed. Special business-friendly licensing is also available.
Crafted with your platform in mind
IntegrationEasy integration library and infrastructure.
StorageWorks with any storage scheme.
- 1 Client-centric trust
- 2 Compatibility with any storage model
- 3 State/callback integration
Hermes is built for applications where the client side is the only trusted entity. Client applications are responsible for data encryption and access control through using Hermes engine, while the server-side knows nothing about the nature of data.
Hermes imposes no limitations on data structure/database choice. Hermes fits anything you use – lists of files, rows in a database, structured documents, etc. Adding new storage types can be as easy as adding 10 lines of code.
Unlike typical ACL and role management schemes, the access control in Hermes relies completely on cryptography, where trust is bound to client’s keys. As long as the keys are safe – the system is safe..
With a solid security foundation on the data layer, building other security controls gets easier, the risk model becomes precise, and the overall security cost goes down considerably.
Secure the data in GPL-friendly open-source software designed to provide greater privacy for the users.
The GPL version of Hermes comes free of charge for GPL-friendly projects.
If you’re building something that’s exciting and is helping the world to become a better place – let us know, we’re avid supporters of open-source and might get in touch to help you with your project.
HealthcareShare FHIR and other medical records safely and distribute granular access to personnel in a secure way. Cut HIPAA costs by pushing many security controls to the encryption layer.
FinanceStore and process customer payment data securely, minimise insider threats and enable secure, accountable cross-organisation data exchange.
EnterpriseProtect commercially sensitive data and enforce access control, integrate with existing PKI and IAM stack, enforce group policies and efficient key/storage management – all the while keeping the data end-to-end encrypted.
B2C: Customer appsInstill greater trust in your product by implementing end-to-end encryption of customer data. It’s not only E2EE messengers that deserve the right to use user trust as competitive advantage. Implement it in your products or infrastructure, hassle-free.
Build with Hermes
Deploy Hermes to build cryptographic access control in your application: regulate read and write access through a cryptographic scheme resistant to privilege escalation.
Hermes is a cryptography-based method of providing protected data storage and sharing that allows the enforcement of cryptographically-checked permissions between any number of Hermes clients.
Build end-to-end secure document/object stores where every document or field’s access rights can be granted to any registered user of the system, transparently, and with low overhead.
Collaborating securely when a document is one blob of data is straightforward, but a modern object/document is actually a large tree-like structure. Hermes was designed precisely for today’s applications.