New Show Hacker News story: Show HN: Sendsecurely.io – an audited secure file sharing platform
Show HN: Sendsecurely.io – an audited secure file sharing platform
2 by jonmchan | 0 comments on Hacker News.
Hi HN! tldr: SendSecurely is a secure platform to send sensitive documents and files to others. All files are encrypted locally before uploading to SendSecurely. The decryption keys are also encrypted and managed by a new audited database system. Anytime anyone accesses the decrypted keys, an audit log is created letting you keep track of everyone you have shared the file with and when they have accessed it. We would love for you to try this new system and share feedback! long (and technical) story: My partner and I have been working for the past 2 years on building a new privacy-oriented database system called EthicalDB. EthicalDB utilizes blockchain technology to codify both database schema and database permissions. All data in EthicalDB must be associated with an entity in the database and predefined by the schema as public or private data. Permissions are also defined in the schema. Private data is stored encrypted within EthicalDB in a special way that requires multiple nodes to provide decryption keys to access the private data. This forms the basis of governance and accountability in the system such that no one node can access the private data. For private data to be accessed, a private data request must be submitted to the blockchain ledger from an entity existing within EthicalDB. The nodes validate that the entity has permission to access the requested private data and then submit decryption keys for the entity to be able to access the data. In this way, there is no separation between data access and audit - you must submit a data request to get access to the data. We view this radically different architecture and design from traditional database systems as necessary if we wish to codify privacy policies and truly have support for individual personal data ownership and protection. After a combined 25 years working as internet application developers, my partner Travis and I saw that database systems sucked at storing personal data and any attempt to do so was an afterthought. Core problem: every database system is designed assuming the hosting organization has full ownership of all the data within the system. We asked ourselves what would a database system look like if a system was designed from the ground up to respect privacy and personal data ownership? - EthicalDB is what resulted. There are many uses we can see for EthicalDB, but one of the first applications we felt comfortable building and releasing to the public is a secure file sharing platform. We would love input and feedback on SendSecurely! We'd be also happy to discuss with anyone interested a technical deep dive on the EthicalDB technology. Thanks for checking this out!
2 by jonmchan | 0 comments on Hacker News.
Hi HN! tldr: SendSecurely is a secure platform to send sensitive documents and files to others. All files are encrypted locally before uploading to SendSecurely. The decryption keys are also encrypted and managed by a new audited database system. Anytime anyone accesses the decrypted keys, an audit log is created letting you keep track of everyone you have shared the file with and when they have accessed it. We would love for you to try this new system and share feedback! long (and technical) story: My partner and I have been working for the past 2 years on building a new privacy-oriented database system called EthicalDB. EthicalDB utilizes blockchain technology to codify both database schema and database permissions. All data in EthicalDB must be associated with an entity in the database and predefined by the schema as public or private data. Permissions are also defined in the schema. Private data is stored encrypted within EthicalDB in a special way that requires multiple nodes to provide decryption keys to access the private data. This forms the basis of governance and accountability in the system such that no one node can access the private data. For private data to be accessed, a private data request must be submitted to the blockchain ledger from an entity existing within EthicalDB. The nodes validate that the entity has permission to access the requested private data and then submit decryption keys for the entity to be able to access the data. In this way, there is no separation between data access and audit - you must submit a data request to get access to the data. We view this radically different architecture and design from traditional database systems as necessary if we wish to codify privacy policies and truly have support for individual personal data ownership and protection. After a combined 25 years working as internet application developers, my partner Travis and I saw that database systems sucked at storing personal data and any attempt to do so was an afterthought. Core problem: every database system is designed assuming the hosting organization has full ownership of all the data within the system. We asked ourselves what would a database system look like if a system was designed from the ground up to respect privacy and personal data ownership? - EthicalDB is what resulted. There are many uses we can see for EthicalDB, but one of the first applications we felt comfortable building and releasing to the public is a secure file sharing platform. We would love input and feedback on SendSecurely! We'd be also happy to discuss with anyone interested a technical deep dive on the EthicalDB technology. Thanks for checking this out!
Comments
Post a Comment