<div dir="ltr">Hi list,<div><br></div><div>I've just released version 0.0.1 of an application I've been working on for some time now called Cinched.</div><div><br></div><div>It's a microservice for providing encryption/decryption (partial JSON document or blob).</div><div><br></div><div>Some of the goals I had in mind while putting this together is to simplify key management for developers as well as centralize the encryption code to make it easier to audit. </div><div><br></div><div>Under the hood:</div><div><ul><li>riak_ensemble for key storage</li><li>cowboy for the TLS/HTTP handling</li><li>shamir secret sharing</li><li>libsodium (via NIF bindings)</li><li>OCSP checks (via NIF bindings)</li><li>poolboy for limiting CPU bound workers</li><li>exometer_core for metrics</li><li>jiffy for json parsing</li><li>ej for json document traversal</li><li>Lots of SELinux policy, Linux DAC controls</li></ul></div><div>I'm pretty new at Erlang so I'd appreciate any feedback as well as harsh criticism, it's all good.</div><div><br></div><div>Code is available on Github here: <a href="https://github.com/marksteele/cinched">https://github.com/marksteele/cinched</a></div><div><br></div><div>As an FYI, it's targeted to RHEL/CentOS 7. Much of the security of the system is dependent on a well behaving SELinux system with the right reference policy.</div><div><br></div><div>PS: Has anyone managed to layer in an attestation protocol on top of Erlang distribution in order to be able to establish trust between cluster peers? I've found some academic research, but no code.</div><div><br></div><div>Cheers,</div><div><br></div><div><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div style="font-size:small">Mark Steele</div><div style="font-size:small">CISSP, GPEN, GCIA, CSM</div><div style="font-size:small"><a href="mailto:mark@control-alt-del.org" target="_blank">mark@control-alt-del.org</a><br></div><div style="font-size:small"><br></div><div><font size="2">LinkedIn: <a href="https://ca.linkedin.com/in/markrsteele" target="_blank">https://ca.linkedin.com/in/markrsteele</a></font><br></div><div style="font-size:small">Github: <a href="https://github.com/marksteele" target="_blank">https://github.com/marksteele</a></div><div><font size="2">Personal: <a href="http://www.control-alt-del.org" target="_blank">http://www.control-alt-del.org</a></font></div><div style="font-size:small"></div></div></div></div></div></div>
</div></div>