Name: lio
Version: 0.11.6.0
Cabal-Version: >= 1.8
Build-type: Simple
License: GPL
License-File: LICENSE
Author: Hails team
Maintainer: Deian Stefan <deian at cs dot ucsd dot edu>
Synopsis: Labeled IO Information Flow Control Library
Category: Security
Homepage: https://github.com/plsyssec/lio
Bug-Reports: https://github.com/plsyssec/lio/issues
Description:
The /Labeled IO/ (LIO) library is an information flow control (IFC)
library. IFC is a mechanism that enforces security policies by
tracking and controlling the flow of information within a system.
Unlike discretionary access control (such as UNIX file permissions),
IFC permits scenarios in which untrusted computation may have the
ability to manipulate secret data without having the ability to
further disclose that data.
.
LIO is an IFC library that can be used to implement such untrusted
computations. LIO provides combinators similar to those of 'IO' for
performing side-effecting computations (e.g., modifying mutable
references, forking threads, throwing and catching exceptions, etc.)
To track and control the flow of information, LIO associates a
security policy, called a /label/, with every piece of data. A
label may, for example, impose a restriction on who can observe,
propagate, or modify the data to which it applies. Unlike standard
IO operations, the LIO counterparts check the vailidity of labels
before performing the (underlying IO) side-effecting computation.
For example, before writing to a labeled variable, LIO asserts that
the write will not violate any security policies associated with the
data to be written.
.
Most code should import module "LIO" and whichever label format the
application is using (e.g., "LIO.DCLabel" to use the format that
ships with the library). Side-effecting code should be specified as
actions in the 'LIO' monad. See "LIO.Core" for a description of the
core library API, "LIO.Label" for a discussion of labels, and
"LIO.Run" for functions allowing one to run an 'LIO' computation
from the 'IO' monad.
.
WARNING: For security, untrusted code must always be compiled with
the @-XSafe@ and @-fpackage-trust@ /SafeHaskell/ flags. See
<http://www.haskell.org/ghc/docs/latest/html/users_guide/safe-haskell.html>
for more details on the guarantees provided by SafeHaskell.
Extra-source-files:
examples/dclabel.hs
examples/gate.hs
examples/waitAndCatch.hs
examples/channel.hs
Source-repository head
Type: git
Location: https://github.com/PLSysSec/lio.git
Library
Build-Depends:
base >= 4.5 && < 6.0
,containers
,bytestring >= 0.10
,hashable >= 1.2
GHC-options: -Wall -fno-warn-orphans
include-dirs: LIO/TCB
Exposed-modules:
-- * Top-level exporter
LIO
LIO.Run
-- * Label definition
LIO.Label
-- * Core library
LIO.Core
LIO.Core.Trans
LIO.Monad
LIO.Error
LIO.Error.Trans
LIO.Exception
-- * Labeled values
LIO.Labeled
LIO.Labeled.Trans
-- * Labeled IORefs
LIO.LIORef
LIO.LIORef.Trans
-- * LIO privileges
LIO.Delegate
-- * Concurrency
LIO.Concurrent
LIO.Concurrent.LMVar
LIO.Concurrent.LMVar.Trans
LIO.Concurrent.LChan
LIO.Concurrent.LChan.Trans
-- * DCLabels
LIO.DCLabel
-- * Privileged internals
LIO.TCB
LIO.TCB.LObj
LIO.TCB.MLObj