The hails package

[Tags: gpl, library, program]

The rise of web platforms and their associated apps represents a new way of developing and deploying software. Sites such as Facebook and Yammer are no longer written by a single entity, but rather are freely extended by third-party developers offering competing features to users.

Allowing an app to access more user data allows developers to build more compelling products. It also opens the door to accidental or malicious breaches of user privacy. In the case of a website like Facebook, exposing access to a user's private messages would allow an external developer to build a search feature. Exciting! But, another developer can take advantage of this feature to build an app that mines private messages for credit card numbers, ad keywords, or other sensitive data.

Frameworks such as Ruby on Rails, Django, Yesod, etc. are geared towards building monolithic web sites. And, they are great for this! However, they are not designed for websites that integrate third-party code, and thus lack a good mechanism for building such multi-app platforms without sacrificing a user's security or an app's functionality.

Hails is explicitly designed for building web platforms, where it is expected that a site will comprise many mutually-distrustful components written by a variety of entities. We built Hails around two core design principles.

A Hails platform hosts two types of code: apps and /policy modules/. Apps encompass what would traditionally be considered controller and view logic. Policy modules are libraries that implement both the model and the data security policy. They are invoked directly by apps or other policy modules, but run with different privileges from the invoking code. Both apps and policy modules can be implemented by untrusted third parties, with the user only needing to trust the policy module governing the data in question. Separating of policy code from app code allows users to inspect and more easily unserstand the overall security provided by the system, while MAC guarantees that these policies are enforced in an end-to-end fashion.


Properties

Versions0.1, 0.1.1, 0.9.0.1, 0.9.2.0, 0.9.2.1, 0.9.2.2, 0.11.0.0, 0.11.1.0, 0.11.1.1, 0.11.1.2
Dependenciesauthenticate (>=1.3), base (>=4.5 && <5.0), base64-bytestring (>=0.1), binary (>=0.5), blaze-builder (>=0.3.1), bson (>=0.2), bytestring (>=0.9), conduit (>=0.5), containers (>=0.4.2), cookie (>=0.4), directory (>=1.1), failure (>=0.2.0.1 && <0.3), filepath (>=1.3), ghc-paths (>=0.1.0.8), hails, http-conduit (>=1.5), http-types (>=0.7), lio (>=0.9.1.1), mongoDB (>=1.3.0), mtl (>=2.0), network (>=2.3), parsec (>=3.1.2), resourcet (>=0.3.3.1), text (>=0.11), time (>=1.2.0.5), transformers (>=0.2.2), unix (>=2.5.1), wai (>=1.3), wai-app-static (>=1.3.0.1), wai-extra (>=1.3.0.1), warp (>=1.3)
LicenseGPL-2
AuthorHails team
MaintainerHails team <hails at scs dot stanford dot edu>
CategoryWeb
Source repositoryhead: git clone ssh://anonymous@gitstar.com/scs/lio.git
Executableshails
Upload dateFri Nov 30 02:22:35 UTC 2012
Uploaded byDeianStefan
Downloads609 total (54 in last 30 days)

Modules

[Index]

Downloads

Maintainers' corner

For package maintainers and hackage trustees