1 Introduction to Assuan

Assuan is an extensible inter-process communication (IPC) protocol and library. It is designed for point-to-point communication and it doesn’t provide a naming system. To contact a server, either the client must know how to locate the server, e.g., via a well-known Unix domain socket, or, if the server is transient, how to start it. In the latter case, Assuan provides functionality to start the server process.

In Assuan, communication is typically either via a pipe or a Unix domain socket. This method is neither elegant nor efficient, especially when there is a lot of data spread across several transactions. Not only is there a penalty for an increased number of context switches, but a significant amount of data is copied with memcpy from the client to a file descriptor and from the file descriptor to the server. Despite these and other disadvantages, this type of client/server communication is useful because the client is separated from the server: they run in different address spaces. This is especially important in situations where the server must have a known degree of reliability and data must be protected. Because the Assuan protocol is well defined and clients cannot corrupt the server’s address space, auditing becomes much easier.

Assuan was developed for use by the GNU Privacy Guard (GnuPG) to prevent potentially buggy clients from unwittingly corrupting sensitive transactions or compromising data such as a secret key. Assuan permits the servers, which do the actual work, e.g., encryption and decryption of data using a secret key, to be developed independently of the user interfaces, e.g., mail clients and other encryption front ends. Like a shared library, the interface is well defined and any number of front ends can use it; however, unlike a shared library, the client cannot see or touch the server’s data. As with any modular system, Assuan helps keep the components small, understandable and less error prone.

Assuan is not, however, limited to use with GnuPG servers and clients: it was designed to be flexible enough to meet the demands of many transaction-based environments.
