Architecture

Host-proof and privacy centric distributed applications need to persist data on Internet connected servers. By definition these applications assume the servers to be hostile and need to perform client-side encryption on all persisted data.

Selective Share persists and synchronizes data for host-proof applications. The architecture is designed to provide an easy-to-use privacy infrastructure.

Selective Share webapp configuration

Architecture properties

Standalone application
The agent runs outside and independent of the browser or desktop application.
Prevents code modification attacks.
Standard GPG software
Encryption is performed using GPG.
Ensure cryptographic software is well-regarded and well-tested.
EaaS server rejects clear text data
Prevents unintentional data leakage.
Agent generates data in a single directory hierarchy
Localize vulnerability.
Enable easy on-disk-encryption.
Command line API
Easy to integrate in desktop software and shell scripts.
Language agnostic.
Prevents code vulnerability attacks.