@iota-big3/sdk-security
Version:
Advanced security features including zero trust, quantum-safe crypto, and ML threat detection
244 lines • 6.85 kB
TypeScript
/**
* @iota-big3/sdk-security - Clean Types
* Core security type definitions
*/
/**
* Security service configuration
*/
export interface SecurityConfig {
encryptionKey: string;
jwtSecret?: string;
sessionTimeout?: number;
maxFailedAttempts?: number;
twoFactor?: TwoFactorConfig;
rateLimit?: RateLimitConfig;
iam?: IAMConfig;
zeroTrust?: ZeroTrustConfig;
threatDetection?: ThreatDetectionConfig;
quantumSafe?: QuantumSafeConfig;
siem?: Array<{
platform: string;
endpoint: string;
authType?: string;
credentials: any;
}>;
vulnerabilityScanning?: {
enabled: boolean;
scanners: Array<{
type: 'QUALYS' | 'NESSUS' | 'RAPID7' | 'OPENVAS';
enabled: boolean;
apiEndpoint?: string;
credentials?: any;
}>;
};
securityOrchestration?: {
enabled: boolean;
autoRemediate: boolean;
playbooks: any[];
};
waf?: {
enabled: boolean;
provider: string;
rules: any[];
};
ddosProtection?: {
enabled: boolean;
thresholds: {
requestsPerSecond: number;
connectionLimit: number;
bandwidthLimit: number;
};
};
secretsManagement?: {
enabled: boolean;
primary: 'HASHICORP_VAULT' | 'AWS_SECRETS_MANAGER' | 'AZURE_KEY_VAULT' | 'GCP_SECRET_MANAGER';
providers: Array<{
type: 'HASHICORP_VAULT' | 'AWS_SECRETS_MANAGER' | 'AZURE_KEY_VAULT' | 'GCP_SECRET_MANAGER';
endpoint?: string;
region?: string;
namespace?: string;
authentication: {
method: string;
credentials: any;
};
}>;
syncEnabled?: boolean;
caching?: {
enabled: boolean;
ttl: number;
};
};
incidentResponse?: {
enabled: boolean;
autoEscalation?: boolean;
retentionDays?: number;
notifications?: {
email?: {
smtp: {
host: string;
port: number;
secure: boolean;
auth: {
user: string;
pass: string;
};
};
from: string;
};
slack?: {
webhookUrl: string;
channel?: string;
};
pagerDuty?: {
apiKey: string;
serviceId: string;
};
teams?: {
webhookUrl: string;
};
};
siemIntegration?: {
platform: string;
endpoint: string;
apiKey: string;
};
ticketing?: {
system: string;
endpoint: string;
apiKey: string;
};
};
forensics?: {
enabled: boolean;
evidenceStorage?: {
path: string;
encrypted: boolean;
compressionLevel?: number;
};
hashAlgorithms?: Array<'MD5' | 'SHA1' | 'SHA256' | 'SHA512' | 'BLAKE2B'>;
verifyOnAcquisition?: boolean;
enabledAnalyzers?: Array<'MEMORY' | 'DISK' | 'NETWORK' | 'LOG'>;
parallelAnalysis?: boolean;
maxMemory?: number;
reportTemplates?: string;
includeRawData?: boolean;
incidentResponseIntegration?: boolean;
siemIntegration?: {
enabled: boolean;
endpoint: string;
apiKey: string;
};
};
}
export interface ZeroTrustConfig {
enabled: boolean;
serviceMesh?: ServiceMeshConfig;
networkPolicies?: NetworkPolicyConfig;
identityVerification?: IdentityVerificationConfig;
}
export interface ServiceMeshConfig {
enabled: boolean;
tlsMode: 'STRICT' | 'PERMISSIVE' | 'DISABLED';
mtlsEnabled: boolean;
}
export interface NetworkPolicyConfig {
enabled: boolean;
defaultDeny: boolean;
allowedPorts: number[];
}
export interface IdentityVerificationConfig {
enabled: boolean;
mfaRequired: boolean;
certificateValidation: boolean;
}
export interface QuantumSafeConfig {
enabled: boolean;
algorithm: 'KYBER' | 'DILITHIUM' | 'SPHINCS' | 'FALCON';
keySize: number;
}
export interface ThreatDetectionConfig {
enabled: boolean;
mlEnabled: boolean;
realTimeScanning: boolean;
anomalyDetection: boolean;
}
export interface ComplianceConfig {
enabled: boolean;
standards: ComplianceStandard[];
auditEnabled: boolean;
}
export type ComplianceStandard = 'SOC2' | 'ISO27001' | 'GDPR' | 'HIPAA' | 'PCI_DSS';
export interface AuditConfig {
enabled: boolean;
logLevel: 'DEBUG' | 'INFO' | 'WARN' | 'ERROR';
retention: number;
encryption: boolean;
}
export interface IAMConfig {
enabled: boolean;
rbacEnabled: boolean;
sessionTimeout: number;
passwordPolicy: PasswordPolicy;
}
export interface PasswordPolicy {
minLength: number;
requireUppercase: boolean;
requireLowercase: boolean;
requireNumbers: boolean;
requireSpecialChars: boolean;
maxAge: number;
}
export interface SecurityEvent {
id: string;
type: SecurityEventType;
severity: SecuritySeverity;
timestamp: number;
source: string;
target?: string;
details: Record<string, unknown>;
resolved: boolean;
}
export type SecurityEventType = 'AUTHENTICATION_FAILURE' | 'AUTHORIZATION_FAILURE' | 'SUSPICIOUS_ACTIVITY' | 'MALWARE_DETECTED' | 'DATA_BREACH_ATTEMPT' | 'POLICY_VIOLATION' | 'COMPLIANCE_VIOLATION' | 'QUANTUM_THREAT_DETECTED';
export type SecuritySeverity = 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
export interface SecurityScanResult {
id: string;
timestamp: number;
target: string;
scanType: SecurityScanType;
status: 'RUNNING' | 'COMPLETED' | 'FAILED';
findings: SecurityFinding[];
score: number;
}
export type SecurityScanType = 'VULNERABILITY' | 'MALWARE' | 'COMPLIANCE' | 'PENETRATION';
export interface SecurityFinding {
id: string;
type: string;
severity: SecuritySeverity;
title: string;
description: string;
recommendation: string;
cve?: string;
cvssScore?: number;
}
export interface SecurityMetrics {
threatsDetected: number;
threatsBlocked: number;
vulnerabilities: number;
complianceScore: number;
lastScanTime: number;
uptime: number;
}
export interface SecurityHealthResult {
status: 'healthy' | 'degraded' | 'unhealthy';
message: string;
checks: {
zeroTrust: boolean;
quantumSafe: boolean;
threatDetection: boolean;
compliance: boolean;
audit: boolean;
iam: boolean;
};
lastUpdated: number;
}
//# sourceMappingURL=types.d.ts.map