Core Concepts

Every interaction with Lattix touches a small set of architectural primitives. This section explains each in enough depth to reason about the platform without getting lost in implementation detail. They apply equally whether you're using Lattix Passport, Data Rooms, the mesh fabric, or building with the SDKs.

What each concept covers

• Trusted Data Format — The envelope that wraps every protected object. How the manifest, payload, policy binding, and assertions fit together.
• Policies and ABAC — How access decisions are expressed, who evaluates them, and why attribute-based control replaces role-based standing access.
• Hierarchical Key Model — Data encryption keys, key encryption keys, and the key access service. Envelope encryption as the foundation of revocability.
• Zero Trust Fabric — The mesh of endpoints, policy evaluators, and key access services that coordinates every access decision. No centralized infrastructure required.
• Immutable Ledger — Tamper-evident audit for every decision. Bidirectional proof: presence of a record proves access, absence proves non-access.
• Content Addressing — How Lattix identifies objects by cryptographic hash rather than by location, enabling deduplication, integrity verification, and lineage.
• Post-Quantum Encryption — The platform's approach to long-lived data in a post-quantum world. Key lifecycles, rotation, and hybrid protocols.
• Classification and Tagging — How data becomes policy-enforceable. Tag schemas, classification automation, and the handoff from governance to access control.

Read them in order for a complete picture, or jump to the concept most relevant to what you're evaluating.