atPlatform
An overview of Atsign's core pillars of technology
TL;DR
The atPlatform allows people, entities and things to communicate privately and securely without having to know about the intricacies of the underlying IP network. The atPlatform Protocol is the application protocol used to communicate and Atsign are the addresses on the protocol. All cryptographic keys are cut at the edge by the Atsign owner, meaning only the receiving and sending Atsigns see data in the clear.
The atPlatform can be used to send data synchronously or asynchronously, and can be used as a data plane, or a control plane, or both simultaneously at Internet scale.
Relationships
Every atServer is associated with one atSign, and each atServer stores many atRecords.
When provided an atSign, the atDirectory returns a DNS address and port number for its atServer.
The atProtocol is the application layer protocol used to communicate with an atServer.
atServer
An atServer is both a personal data service for storing encrypted data owned by an Atsign, and a rendezvous point for information exchange. An atServer is responsible for the delivery of encrypted information to other atServers, from which the owners of those Atsigns can then retrieve the data.
Unless explicitly made public, atServers only store encrypted data and do not have access to the cryptographic keys, nor the ability to decrypt the stored information.
atServer Functionality
Cryptographic authentication of client devices.
Cryptographic authentication of other atServers.
Persistence of encrypted data on behalf of the controlling atSign.
Caching of data shared by others with the controlling atSign.
Notification of data change events to clients (edge devices) and other atServers to facilitate delivery of information shared with them.
Synchronization of data with multiple clients (edge devices).
TLS wire encryption from clients to atServers using SSL certificates.
Mutually authenticated TLS 1.2/1.3 wire encryption between atServers using SSL certificates.
atDirectory
In order for an Atsign to communicate with another one on the internet, we need to locate the atServer that can send and receive information securely on its behalf.
The location of an atServer is found using the atDirectory service (root.atsign.org:64). This directory returns the DNS address and port number of the atServer for any Atsign that it has a record for. The atDirectory service contains no information about the owner of the Atsign.
atPlatform Protocol
The atPlatform Protocol communicates via layer 7, the application layer of the OSI model, over TCP/IP.
The atPlatform Protocol is an application protocol that enables data sharing between Atsigns. You can learn more about the atPlatform Protocol by reading the specification. The atPlatform Protocol uses TCP/IP and TLS but does not specify how data itself is encrypted, that is the job of the atSDK and atClient libraries.
atSDK
atSDKs provide developers with atPlatform specific building tools in a number of languages and for a number of operating systems and hardware. The atSDK allows developers to rapidly develop applications that use the atPlatform.
Last updated