Hermes – distributed crypto ACL engine
Hermes is a cryptographic access control framework that enables users to remotely manage and manipulate permissions over encrypted records. Sharing, granting privileges, and distributing complex sets of data are the tasks where Hermes is most valuable. Hermes was developed to enable the building of better end-to-end encryption systems with an emphasis on data sharing and collaboration, including Toughbase.
Hermes is AGPL-licensed. Special business-friendly licensing is also available.
- 1 Client-centric trust
- 2 Compatibility with any storage model
- 3 State/callback integration
Hermes is built for applications where only the client is a trusted entity. Servers and infrastructures provide merely the storage and transmission environment for sensitive data.
Hermes does not impose any data structure design. Lists of files, cells in a database, structured objects, documents – Hermes works for them all.
Pure C code with a growing number of interface libraries for the most popular languages and architectures. No dependencies apart from Themis.
Hermes is an AGPLv3 open source product that you may examine and on top of which you can build your open source products. If your use case is interesting, we might help!
Deploy Hermes to build cryptographic access control in your application: regulate read and write access through a cryptographic scheme resistant to privilege escalation.
Hermes is a cryptography-based method of providing protected data storage and sharing that allows the enforcement of cryptographically checked permissions between any number of Hermes clients.
Build end-to-end secure document/object stores where every document or field’s access rights can be granted to any registered user of the system, transparently, and with low overhead.
Collaborating securely when a document is one blob of data is straightforward, but a modern object/document is actually a large tree-like structure. Hermes was designed precisely for today’s applications.