stdlib/source/documentation/lux/control/security/policy.lux


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

(.module:
  [library
   [lux "*"
    ["$" documentation {"+" [documentation:]}]
    [data
     [text {"+" [\n]}
      ["%" format {"+" [format]}]]]
    [macro
     ["[0]" template]]]]
  [\\library
   ["[0]" /]])

(documentation: (/.Policy brand value %)
  "A security policy encoded as the means to 'upgrade' or 'downgrade' in a secure context.")

(documentation: (/.Can_Upgrade brand % value)
  "Represents the capacity to 'upgrade' a value.")

(documentation: (/.Can_Downgrade brand % value)
  "Represents the capacity to 'downgrade' a value.")

(documentation: (/.Privilege brand %)
  "Represents the privilege to both 'upgrade' and 'downgrade' a value.")

(documentation: (/.Delegation brand %from %to)
  "Represents the act of delegating policy capacities.")

(documentation: /.delegation
  "Delegating policy capacities."
  [(delegation downgrade upgrade)])

(documentation: (/.Context brand scope %)
  "A computational context with an associated policy privilege.")

(documentation: /.with_policy
  "Activates a security context with the priviledge to enforce it's policy."
  [(type: Password
     (Private Text))

   (type: (Policy %)
     (Interface
      (: (-> Text (Password %))
         password)
      (: (-> (Password %) Text)
         unsafe)))

   (def: (policy _)
     (Ex (_ %) (-> Any (Policy %)))
     (with_policy
       (: (Context Privacy Policy)
          (function (_ (^open "%::."))
            (implementation
             (def: (password value)
               (%::can_upgrade value))
             (def: (unsafe password)
               (%::can_downgrade password)))))))]
  [(with_policy context)])

(documentation: /.Privacy
  (format "A security context for privacy."
          \n "Private data is data which cannot be allowed to leak outside of the programmed."))

(documentation: /.Safety
  (format "A security context for safety."
          \n "Safe data is data coming from outside the program which can be trusted to be properly formatted and lacking injections."))

(.def: .public documentation
  (.List $.Module)
  ($.module /._
            ""
            [..Policy
             ..Can_Upgrade
             ..Can_Downgrade
             ..Privilege
             ..Delegation
             ..delegation
             ..Context
             ..with_policy
             ..Privacy
             ..Safety
             ($.default /.functor)
             ($.default /.apply)
             ($.default /.monad)
             ($.default /.Private)
             ($.default /.Can_Conceal)
             ($.default /.Can_Reveal)
             ($.default /.Safe)
             ($.default /.Can_Trust)
             ($.default /.Can_Distrust)]
            []))