path: root/stdlib/source/documentation/lux/control/security/policy.lux
blob: 8666e7e6a44f14b692dec5299e3965a201af51c1 (plain)
(.require
 [library
  [lux (.except)
   ["$" documentation]
   [data
    [text (.only \n)
     ["%" \\format (.only format)]]]]]
 [\\library
  ["[0]" /]])

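... Documentation entries for the security-policy module imported above under the
... alias '/'. Each '$.definition' names one exported definition of that module;
... where a description string and example forms are given, they are the text the
... documentation tooling receives for that definition.
...
... Fixes relative to the previous text: spelling/grammar in the 'with_policy'
... description ("privilege", "its") and the truncated 'Privacy' sentence
... ("outside of the program").
(.def .public documentation
  (.List $.Module)
  ($.module /._
            ... Module-level description; left empty by the author.
            ""
            [... Definitions listed without any descriptive text.
             ($.definition /.functor)
             ($.definition /.apply)
             ($.definition /.monad)
             ($.definition /.Private)
             ($.definition /.Can_Conceal)
             ($.definition /.Can_Reveal)
             ($.definition /.Safe)
             ($.definition /.Can_Trust)
             ($.definition /.Can_Distrust)

             ($.definition (/.Policy brand value %)
               "A security policy encoded as the means to 'upgrade' or 'downgrade' in a secure context.")

             ($.definition (/.Can_Upgrade brand % value)
               "Represents the capacity to 'upgrade' a value.")

             ($.definition (/.Can_Downgrade brand % value)
               "Represents the capacity to 'downgrade' a value.")

             ($.definition (/.Privilege brand %)
               "Represents the privilege to both 'upgrade' and 'downgrade' a value.")

             ($.definition (/.Delegation brand %from %to)
               "Represents the act of delegating policy capacities.")

             ($.definition /.delegation
               "Delegating policy capacities."
               [(delegation downgrade upgrade)])

             ($.definition (/.Context brand scope %)
               "A computational context with an associated policy privilege.")

             ... The example below wraps a Text as a 'Password' (a 'Private Text') and
             ... exposes exactly two operations through the 'Policy' interface:
             ... 'password' (Text -> Password, via 'can_upgrade') and 'unsafe'
             ... (Password -> Text, via 'can_downgrade'). Both capacities are taken
             ... from the privilege opened inside the context function.
             ... NOTE(review): the downgrade operation is the one named 'unsafe' in the
             ... example; presumably so that revealing the secret is conspicuous where
             ... it is called -- confirm this is the intended guidance for users.
             ($.definition /.with_policy
               "Activates a security context with the privilege to enforce its policy."
               [(type Password
                  (Private Text))

                (type (Policy %)
                  (Interface
                   (is (-> Text (Password %))
                       password)
                   (is (-> (Password %) Text)
                       unsafe)))

                (def (policy _)
                  (Ex (_ %) (-> Any (Policy %)))
                  (with_policy
                    (is (Context Privacy Policy)
                        (function (_ (open "%::."))
                          (implementation
                           (def (password value)
                             (%::can_upgrade value))
                           (def (unsafe password)
                             (%::can_downgrade password)))))))]
               [(with_policy context)])

             ($.definition /.Privacy
               (format "A security context for privacy."
                       \n "Private data is data which cannot be allowed to leak outside of the program."))

             ... NOTE(review): the text states what 'Safe' data is meant to guarantee
             ... (well-formed, free of injections). Nothing in this file shows what
             ... check establishes that; presumably whichever code holds the upgrade
             ... capacity is responsible for validating before marking a value Safe --
             ... verify against the library module.
             ($.definition /.Safety
               (format "A security context for safety."
                       \n "Safe data is data coming from outside the program which can be trusted to be properly formatted and lacking injections."))]
            ... Final argument to '$.module'; presumably the list of sub-module
            ... documentation, empty here -- TODO confirm.
            []))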