 | security-policy-0.0.1: Type-parameterized Security Monads | Contents | Index |
|
|
|
|
| Synopsis |
|
|
|
| Documentation |
|
| class SecurityPolicy p |
| A Policy is a particular relationship between a closed set of SecurityLevels.
The closure of this set is maintained by limiting the export of the policy.
|
|
|
| class (SecurityPolicy p, Monad l) => SecurityLevel p l | l -> p |
| A SecurityLevel is a particular point inside our capability space. You should not export the
data constructors for your SecurityLevels, but only export whatever methods you want to allow the
end user to deconstruct your secured data with including all access controls and permission checks.
|
|
|
| class (SecurityLevel p l, SecurityLevel p l', SecurityLevel p l'') => SecurityLattice p l l' l'' | l l' -> l'', l -> p, l' -> p, l'' -> p where |
| Note instances of this class must form a full meet-semilattice for security purposes.
| | | Methods | | witness :: l a -> (a -> l' b) -> l'' b | | Parameterized bind.
|
|
|
|
| witness :: SecurityLattice p l l' l'' => l a -> (a -> l' b) -> l'' b |
| Parameterized bind.
|
|
| reclassify :: SecurityLattice p l m m => l a -> m a |
| x & y = y iff x <= y is a meet semilattice law.
use this to raise the security level of a value using the supplied witness for the SecurityLattice relationship
|
|
| Produced by Haddock version 0.8 |