haskell-webapps icon indicating copy to clipboard operation
haskell-webapps copied to clipboard

Published 20 hours ago verified publisher icon vacationlabs

Discussion: Secure Domain Model, Policy with Labeled IO

Open sudhirvkumar opened this issue 8 years ago • 2 comments

Building Secure systems with Haskell

Video: https://www.youtube.com/watch?v=jX-zsoPWah0 Presentation: https://cseweb.ucsd.edu/~dstefan/talks/strangeloop2016.pdf

lio: https://hackage.haskell.org/package/lio

Haskell enables us to build applications faster which are reliable, maintainable... and now.. we can also build applications which are secure.

The Idea is... MVC + Policy -> Model + Policy & VC

With policy we will be able to control who will be able to do what and which fields can be read/written by whom.

This will enable to separate code into trusted and untrusted code. Interns can write untrusted code and still not be able to introduce any security vulnerabilities.

sudhirvkumar avatar Oct 16 '16 08:10 sudhirvkumar

This is pretty much the Operation/Permission monad I was discussing with @saurabhnanda on Gitter.

wz1000 avatar Oct 16 '16 08:10 wz1000

@wz1000 I need to catch up with the discussions in the gitter...

sudhirvkumar avatar Oct 16 '16 11:10 sudhirvkumar