Static Mandatory Access Control in Haskell

Latest on Hackage:

This package is not currently in any snapshots. If you're interested in using it, we recommend adding it to Stackage Nightly. Doing so will make builds more reliable, and allow to host generated Haddocks.

BSD3 licensed by Alejandro Russo
Maintained by

The MAC library implements Mandatory Access Control concepts in Haskell. It leverages Haskell type-system to restrict how data gets propagated within programs and ensures that sensitive data cannot be leaked by malicious or buggy code. The library enables untrusted code, i.e., code written by someone else, to securely manipulate sensitive data while preserving its confidentiality.

The library provides secure versions of advance programming languages features like references, exceptions, and concurrency. This package is the accompanying code for the paper Functional Pearl: Two can keep a secret, if one of them uses Haskell.


  • New module FlexibleLb.hs - Extended API for labeled values: functor structure (fmap), relabeling operation (relabel), and applicative operator (<<*>>). - Theory supporting this changes is described in the article "Flexible Manipulation of Labeled Values for Information-Flow Control Libraries" by Vassena et al.
comments powered byDisqus