-- Initial secio.cabal generated by cabal init. For further documentation, -- see http://haskell.org/cabal/users-guide/ name: seclib version: 1.1.0.1 -- synopsis: license: BSD3 license-file: LICENSE author: Alejandro Russo maintainer: russo@chalmers.se -- copyright: Copyright: (c) 2014 Alejandro Russo, Koen Claessen, John Hughes category: Security synopsis: A simple library for static information-flow security in Haskell build-type: Simple cabal-version: >=1.8 description: This package presents a static library to enforce /Information-Flow Control/ (IFC) in Haskell. IFC allows untrusted code to manipulate sensitive data (i.e., secret information), while preserving its confidentiality. . To illustrate the use case scenario for /SecLib/, let us consider two Haskell programmers , Alice and Bob, who do not trust each other. Image that Alice wishes to use Bob's code to check the strength of Alice's sensitive passwords. Clearly, Alice is concern that the passwords could be leaked if they are run with Bob's code. How could Alice be sure that Bob's code will preserve the confidentiality of Alice's password? One option is to do code review---a very time consuming approach. Instead, Alice demands that Bob's code uses the security monads provided by this library (i.e., 'Sec' and 'SecIO'). Now, Alice only requires, by using the type-system, that Bob's code is written using such monads. Importantly, Alice needs to use Safe Haskell to compile Bob's untrusted code using the flags @-XSafe@. This package provides the files @Alice.hs@ and @Bob.hs@. The former calls into functions provided by the latter and the library guarantees that secrets are not unintentionally or maliciously leaked. . The library is a modern and simplified version (updated to exploit the last GHC type-system features) of the work presented in /A Library for Light-weight Information-Flow Security in Haskell/ by Alejandro Russo, Koen Claessen and John Hughes. In Proc. of the ACM SIGPLAN 2008 Haskell Symposium. With respect to the version 1.0.0.0, this version has less side-effectful features (e.g., no secure file handlers and sockets) as well as declassification combinators. However, it presents a simpler and more intuitive interface which can be easily extended to cover a rich-set of side-effects. extra-source-files: Examples/Alice.hs, Examples/Bob.hs library build-depends: base ==4.7.* include-dirs: SecLib/TCB exposed-modules: SecLib.Lattice SecLib.Sec SecLib.SecIO SecLib.Ref SecLib.Reveal SecLib.LowHigh -- * Internals SecLib.TCB.Sec SecLib.TCB.SecIO SecLib.TCB.Lattice SecLib.TCB.Ref source-repository this type: git location: https://russo@bitbucket.org/russo/seclib.git tag: release-1.1.0.1