ATEN - Guaranteed secure document exchange

This is a work in progress

ATEN is about security. About the ability to exchange a document with a counterpart in the knowledge that the document will remain absolutely secure. Also, the mere fact that you have exchanged a document is also held securely. This is a zero leak system.

ATEN consists of a number of different components which combine together to provide security at a provable level. There is a secure key management system that is maintained in a secure encrypted repository. You need your key to be able to communicate with this, so we provide a hardware key management tool that keeps copies of your keys. This stores your private key, your public key and the ATEN servers public key. You use the cloud component to request the public key for your document recipient.

Each document is encrypted at source using the highest grade of AES encryption. The keys are random. The keys themselves are then encrypted with the recipients public key and signed with your private key. This way, only the true recipient can read the document and they can be absolutely sure that it was sent by you.

All the metadata about the document is also encrypted. This means that anyone trying to do traffic analysis based on who sent a document to whom, even if they can't read the document, will be frustrated. The transfer of the documents and the meta data is further encrypted using the ATEN server keys. This way an eavesdropper, even one who has broken the SSL encryption used by HTTPS, can tell nothing of what is going on. The ATEN server supports only one public endpoint with all the usual command and control that is normally sent as part of the URL being encrypted as well.

In the ATEN storage platform, all documents are encrypted with keys, that as was stated, are encrypted. ATEN has no access to these keys, and hence is unable to read the documents or the metadata.

It is clear that ATEN can be abused. Hence it is not offered for sale at this time. Each implementation will be accompanied with consultancy. Clients will be required to go through rigorous compliance checks. This is not a case of simply downloading the code and getting started. At the very least, clients need to understand that using ATEN is very different indeed to using Outlook and GMail. Billing for ATEN has yet to be finalised, but the billing also will not leave a bread crumb trail to follow.

For further information, please make contact with Osiris for a confidential chat about your requirements.