Overview

What is AKM?

AKM (Authenticated Key Management) is a secure peer-to-peer communication system that enables encrypted data exchange between endpoints through authenticated trust relationships.

AKM provides hardware-backed encryption and authentication, ensuring that only authorized endpoints can communicate with each other through established trust relationships.

Architecture

+-------------------+                              +-------------------+
|   Application A   |                              |   Application B   |
|   (Ping Client)   |                              |   (Ping Server)   |
+--------+----------+                              +--------+----------+
         |                                                  |
         | TCP :49600                            TCP :49600 |
         v                                                  v
+--------+----------+                              +--------+----------+
|   AppEndpoint A   |<-- Encrypted P2P Channel --->|   AppEndpoint B   |
|   (AKM_P2P_LIB)   |                              |   (AKM_P2P_LIB)   |
+--------+----------+                              +--------+----------+
         |                                                  |
         |          +-------------------+                   |
         +---------->       AMM         <-------------------+
                    | (Management Node) |
                    +-------------------+

Key Concepts

AppEndpoint

A software component that provides the APP API for applications to send and receive encrypted data. Applications connect to AppEndpoint via TCP on port 49600.

ATR (Authenticated Trust Relationship)

A cryptographic binding between two endpoints that enables secure communication. Each ATR has a unique ID, and up to 10 concurrent relationships are supported per endpoint.

AKM_P2P_LIB

The core library that handles encrypted peer-to-peer communication between endpoints. It manages key exchange, encryption, and secure channel establishment.

AMM (AKM Management Module)

The central management service that handles endpoint provisioning, ATR creation, and system monitoring. Accessible via port 49200.

Component Overview

Component            Port   Description
-------------------  -----  ---------------------------------------------
APP API              49600  Application interface to AppEndpoint
AMM                  49200  Management and provisioning interface
AMM Console Service  49201  JSON proxy for AMM (single connection broker)

Quick Start

  1. Provision endpoints through AMM to establish identity
  2. Create ATRs between endpoints that need to communicate
  3. Connect your application to AppEndpoint on port 49600
  4. Register with an ATR ID and unique App Value
  5. Send/receive data through the encrypted channel

Next Steps