General channel mitigation library
Switch branches/tags
Nothing to show
Pull request Compare This branch is even with scslab:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
Examples
MIO
Mitigator
.gitignore
LICENSE
Mitigator.hs
MonadConcur.hs
README.md
Setup.hs
mitigator.cabal

README.md

Mitigator: A functional approach to mitigating covert channels

This library defines a basic interface for implementing covert channel mitigators (e.g., external timing mitigator, or storage mitigator). Concretely the library exposes a class 'Mitigator' and monad transformer 'MitM' (read "mitigated monad", or "monad-in-the-middle") that keeps the state of all mitigators. This allows users to mitigate different "object" independently. For example, one can build a mitigator per file-handle. "Mitigator.Time" implements this interface for time-mitigated handles and computations; "MIO.Handle" shows an implementation of the former used to mitigate writes to handles.

Pre-requisites

Before building this code, you must use the following cabal commands to install required libraries:

cabal update
cabal install clock

Examples

The 'Examples' directory contains several examples:

  • handle.hs: shows an example of writing to two file, mitigated at different rates.

  • basicHttp.hs: shows an example of mitigating web applications. For this, you will need to install the latest version of 'iterIO', available at: git://github.com/scslab/iterIO.git

  • xycombinator: shows an example implementation using LIO for information flow control and the mitigator to execute untrusted web apps.