i-platform

i-platform is a software system designed to enable users groups (teams, startups, SMEs) to It is designed as an integrated set of functional components. Each component tipically performs a single service. E-mail, messaging and calendar are examples of services. Services are accessed via usual client programs from users devices. In example, e-mail client programs like Thunderbird or K-9 connect to the standard e-mail ports of the i-platform. Any standard e-mail client connect to the standard e-mail ports of the i-platform. The same holds true for other services such as webDav calendar service. All service connections are standard and encrypted. i-platform does not use un-encrypted ports for any service. Encryption is standard as well.

While there are many standard client programs that enable mail, messages and calendar, user and system administration is done via web interface by the admin user. Web service is designed to use minimal Java Script, and to rely on standard HTML v5 as much as possible. This way i-platform can be managed from a portable device with minimal hardware specifications, have a fast response and not put a heavy load on CPU, memory, or battery. Web interface also enables all users to have a reasonable access to their mail, calendar and messaging services. Proxified web search is also included - it hides user's real IP address and location.

User administration enables administrator to create new users, set their username and initial password, or suspend users. Suspended user cannot access the i-platform, but his account and data continue to exist. Suspended user can be re-activated, and can access i-platform with his usual password. Administrator can grant administrator role to the active user, and also revoke administrator role from another administrator. i-platform has to have at least one administrator. Apart from seting initial user password for a new user, administrator cannot see, change or reset user's password.

System administration includes more tasks than user administration; administrator can perform reboot, backup and restore of the system. He can also perform a factory reset, viping it clean. Administrator can also check health of the system (resource usage and load) and perform updates of components as new versions became available.

i-platform defends itself from brute force password attacks and funny hacking attempts by blocking offending IP addresses. In rare cases regular user's IP address may be banned after several missed passwords. Administrator has a capability to unblock the offending IP address.

The "owner" of i-platform instance is the first administrator. He is the one to create first users. His initial username and password are of exceptional importance - in case of "factory reset" of the platform, only these, initial credentials would be valid, and would be needed to get hold of the platform. Administrators cannot read or have access to mails messages or calendars of other users. Not even the backup file is of use for this purpose since backup files are not only compressed, but additionally stochastically encrypted in a passwordless way. In other words, cannot be cracked and decrypted by outside party. Users "own" their data, and usually have their own backup copies by using POP3 protocol for their email, and webDav protocol for calendar, on their own devices. The moral of this paragraph is that with great freedom (and privacy) comes great responsebility - to keep own passwords updated, safe and secure.

Internal system keys needed for uninterupted operation are encrypted, very long, and automatically stochastically generated at the time of installation. Every instance of i-platform has totally different keys. There is not even teoretical way i-platform developers could ever decrypt these keys, or the backup files. Even worse, there is no way that ISP can access these keys in encrypted form. This makes any unauthorized access to data by the third party very very hard.

Technical parameters