Name: lio Version: 0.9.1.1 Cabal-Version: >= 1.8 Build-type: Simple License: GPL License-File: LICENSE Author: Hails team Maintainer: Hails team Synopsis: Labeled IO Information Flow Control Library Category: Security Description: The /Labeled IO/ (LIO) library is an information flow control (IFC) library. IFC is a mechanism that enforces security policies by tracking and controlling the flow of information within a system. Different from discretionary access control (think UNIX file permissions), with IFC you can execute an untrusted computation on your secret data and be sure that it does not leak it or overwrite it. . LIO is an IFC library that can be used to implement such untrusted computations. LIO provides combinators similar to those of 'IO' for performing side-effecting computations (e.g., accessing the filesystem, modifying mutable references, throwing exceptions, etc.) To track and control the flow of information, LIO associates a security policy, usually called a /label/, with every piece of data. A label may, for example, impose a restriction on who can observe, propagate, or modify the data labeled as such. Different from standard IO operations, the LIO counterparts usually take an additional parameter for the label which they inspect before actually performing the (underlying IO) side-effecting computation. So, before writing to a file LIO asserts that the write will not violate any security policies associated with the file or the data to be written. . Most code should import module "LIO" and whichever label format the application is using (e.g., "LIO.DCLabel"). All untrusted code should have type 'LIO', which trusted code can safely execute with 'evalLIO'. See "LIO" for a description of the core library API. . The paper that describes the core of LIO, including motivation and formal modeling/proofs, is available here: Extra-source-files: examples/dclabel.hs examples/gate.hs examples/waitAndCatch.hs examples/bracket.hs examples/fsExample.hs examples/LambdaChair/LambdaChair.hs examples/LambdaChair/LambdaChair/TCB.hs examples/LambdaChair/AliceCode.hs examples/LambdaChair/BobCode.hs examples/LambdaChair/Main.hs Source-repository head Type: git Location: ssh://anonymous@gitstar.com/scs/lio.git Flag toLabeled Description: Enable toLabeled primitive. This is NOT termination-sensitive non-interferant so use with care. Default: False Library Build-Depends: base >= 4.5 && < 5.0 ,transformers >= 0.2.2 ,containers >= 0.4.2 ,bytestring >= 0.9 ,cereal >= 0.3.5.1 ,filepath >= 1.3.0.0 ,directory >= 1.1.0.2 ,xattr >= 0.6.1 ,zlib >= 0.5.3.1 ,SHA >= 1.5.0.0 ,time >= 1.2.0.5 GHC-options: -Wall -fno-warn-orphans if flag(toLabeled) CPP-options: -DTO_LABELED Exposed-modules: -- * Top-level exporter LIO -- * Label definition LIO.Label -- * Core library LIO.Core LIO.TCB -- * Labeled values LIO.Labeled LIO.Labeled.TCB -- * Labeled IORefs LIO.LIORef LIO.LIORef.TCB -- * Gates LIO.Gate -- * LIO privileges LIO.Privs LIO.Privs.TCB -- * Concurrency LIO.Concurrent LIO.Concurrent.TCB LIO.Concurrent.LMVar LIO.Concurrent.LMVar.TCB -- * Time library LIO.Data.Time -- * DCLabels LIO.DCLabel LIO.DCLabel.Core LIO.DCLabel.Privs LIO.DCLabel.Privs.TCB LIO.DCLabel.Serialize LIO.DCLabel.DSL -- * File system LIO.Handle LIO.FS.TCB