
recoder-security


Enterprise-grade security and compliance layer for CodeCraft CLI

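/**
 * Compliance Engine for GDPR, SOC2, HIPAA, and other regulations
 * Ensures data handling, privacy, and security compliance across all operations
 *
 * This is the public type surface of the engine (declaration file). Nothing
 * here executes; every contract described below is what callers may rely on
 * when type-checking against this module.
 *
 * NOTE(review): all `number` timestamps/periods in these interfaces
 * (`created`, `lastAssessed`, `nextAssessment`, `validUntil`, `retentionPeriod`,
 * `validityPeriod`, `assessmentFrequency`, ...) carry no unit in the declaration.
 * `ComplianceConfig.defaultRetentionDays` is the only one named with a unit —
 * confirm the others (epoch ms? days?) against the implementation before
 * comparing them to each other.
 */

/**
 * A regulatory framework (e.g. one of the regulations named above) together
 * with the requirements it imposes and the controls that satisfy them.
 */
export interface ComplianceFramework {
  id: string;
  name: string;
  version: string;
  description: string;
  /** Regions/jurisdictions the framework applies to (free-form strings). */
  applicableRegions: string[];
  requirements: ComplianceRequirement[];
  controls: ComplianceControl[];
  certificationBody?: string;
  /** Unit not specified in the declaration — see file header note. */
  validityPeriod?: number;
}

/**
 * A single obligation inside a framework. `framework` refers to
 * `ComplianceFramework.id`; `evidence` holds identifiers, not
 * `ComplianceEvidence` objects.
 */
export interface ComplianceRequirement {
  id: string;
  framework: string;
  title: string;
  description: string;
  category: 'data_protection' | 'access_control' | 'audit' | 'encryption' | 'retention' | 'privacy' | 'security';
  /** When true the requirement cannot be marked `not_applicable` without justification (presumably — verify). */
  mandatory: boolean;
  severity: 'low' | 'medium' | 'high' | 'critical';
  implementation: string[];
  evidence: string[];
  testProcedure: string;
  references: string[];
}

/**
 * A concrete control that implements a requirement (`requirement` is a
 * `ComplianceRequirement.id`). `status` is the current assessed state;
 * `remediation` is only expected when the control is not fully compliant.
 */
export interface ComplianceControl {
  id: string;
  requirement: string;
  name: string;
  description: string;
  implementation: 'manual' | 'automated' | 'hybrid';
  frequency: 'continuous' | 'daily' | 'weekly' | 'monthly' | 'annually';
  /** Accountable party for the control (free-form identifier). */
  owner: string;
  status: 'compliant' | 'non_compliant' | 'partial' | 'not_applicable';
  lastAssessed: number;
  nextAssessment: number;
  evidence: ComplianceEvidence[];
  remediation?: {
    plan: string;
    timeline: number;
    responsible: string;
    status: 'planned' | 'in_progress' | 'completed';
  };
}

/**
 * An artefact backing a control assessment.
 *
 * `hash` is the integrity value for the evidence. NOTE(review): the
 * declaration does not say which algorithm is used or what is hashed
 * (the file at `filePath`, or the record itself) — confirm against the
 * implementation before treating it as tamper-evidence.
 */
export interface ComplianceEvidence {
  id: string;
  type: 'document' | 'log' | 'screenshot' | 'certificate' | 'audit_report' | 'test_result';
  title: string;
  description: string;
  filePath?: string;
  hash: string;
  created: number;
  validUntil?: number;
  tags: string[];
  /** Untyped bag; callers must validate before trusting any field in it. */
  metadata: Record<string, any>;
}

/**
 * Record of processing activity (the kind of register GDPR Article 30
 * expects). `recipients`, `dataTypes` and `dataSubjects` are free-form
 * strings; `crossBorderTransfers` flags transfers that `safeguards` must cover.
 */
export interface DataProcessingRecord {
  id: string;
  purpose: string;
  dataTypes: string[];
  dataSubjects: string[];
  legalBasis: string;
  recipients: string[];
  /** Unit not specified in the declaration — see file header note. */
  retentionPeriod: number;
  crossBorderTransfers: boolean;
  safeguards: string[];
  created: number;
  lastUpdated: number;
  status: 'active' | 'archived' | 'deleted';
}

/**
 * Privacy Impact Assessment for a processing activity. `approved`/`approver`
 * record sign-off; `reviewDate` is when the PIA is due for re-evaluation.
 */
export interface PrivacyImpactAssessment {
  id: string;
  title: string;
  description: string;
  dataTypes: string[];
  processingPurpose: string;
  riskLevel: 'low' | 'medium' | 'high';
  risks: {
    id: string;
    description: string;
    likelihood: 'low' | 'medium' | 'high';
    impact: 'low' | 'medium' | 'high';
    mitigation: string;
    status: 'identified' | 'mitigated' | 'accepted';
  }[];
  mitigationMeasures: string[];
  approved: boolean;
  approver: string;
  created: number;
  reviewDate: number;
}

/**
 * Result of `ComplianceEngine.assessCompliance` for one framework over one
 * reporting `period`. The `summary` counters are expected to partition
 * `totalControls` by `ComplianceControl.status`.
 */
export interface ComplianceReport {
  id: string;
  framework: string;
  generated: number;
  period: {
    start: number;
    end: number;
  };
  overallStatus: 'compliant' | 'non_compliant' | 'partial';
  summary: {
    totalControls: number;
    compliantControls: number;
    nonCompliantControls: number;
    partialControls: number;
    notApplicableControls: number;
  };
  findings: ComplianceFinding[];
  recommendations: string[];
  nextReview: number;
}

/**
 * A gap found during assessment. `control` is a `ComplianceControl.id`.
 * `accepted` means the risk was consciously accepted rather than fixed.
 */
export interface ComplianceFinding {
  id: string;
  control: string;
  severity: 'low' | 'medium' | 'high' | 'critical';
  status: 'open' | 'in_progress' | 'resolved' | 'accepted';
  description: string;
  recommendation: string;
  deadline?: number;
  assignee?: string;
}

/**
 * Engine configuration. Every field is optional at construction time
 * (the constructor takes `Partial<ComplianceConfig>`); defaults live in the
 * implementation and are not visible here.
 *
 * `alertThresholds` are counts (findings) and days (overdue) above which
 * `checkAlertThresholds` presumably notifies — verify in the implementation.
 */
export interface ComplianceConfig {
  /** `ComplianceFramework.id` values the engine should assess. */
  enabledFrameworks: string[];
  defaultRetentionDays: number;
  automaticAssessment: boolean;
  /** Unit not specified in the declaration — see file header note. */
  assessmentFrequency: number;
  alertThresholds: {
    criticalFindings: number;
    highFindings: number;
    overdueDays: number;
  };
  dataMinimization: boolean;
  anonymization: boolean;
  consentManagement: boolean;
  rightToErasure: boolean;
  dataPortability: boolean;
}

/**
 * Orchestrates framework loading, control assessment, processing records,
 * PIAs, data-subject requests, anonymization and evidence generation.
 *
 * Inputs that arrive from outside the process (`requestDetails`, `data`) are
 * declared `unknown` rather than `any` so that callers and the implementation
 * must narrow/validate them before use; this widens what callers may pass
 * and is therefore source-compatible with the previous `any` signatures.
 * Return values that were `any` are left unchanged to avoid breaking callers,
 * but should be treated as unvalidated by consumers.
 */
export declare class ComplianceEngine {
  private readonly logger;
  private readonly config;
  private readonly frameworks;
  private readonly controls;
  private readonly dataProcessingRecords;
  private readonly privacyAssessments;
  /**
   * @param config Partial overrides; unspecified fields take implementation defaults.
   */
  constructor(config?: Partial<ComplianceConfig>);
  /**
   * Assess compliance for a specific framework
   * @param frameworkId A `ComplianceFramework.id` (expected to be among `enabledFrameworks`).
   * @returns The generated report; the implementation also persists it (see `saveComplianceReport`).
   */
  assessCompliance(frameworkId: string): Promise<ComplianceReport>;
  /**
   * Record data processing activity
   * @param record Everything except the engine-assigned `id`, `created`, `lastUpdated` and `status`.
   * @returns The id assigned to the new `DataProcessingRecord`.
   */
  recordDataProcessing(record: Omit<DataProcessingRecord, 'id' | 'created' | 'lastUpdated' | 'status'>): Promise<string>;
  /**
   * Create Privacy Impact Assessment
   * @param dataRecord The processing activity being assessed.
   * @param assessment Optional pre-filled PIA fields; the rest are derived by the engine.
   * @returns The id of the created `PrivacyImpactAssessment`.
   */
  createPrivacyImpactAssessment(dataRecord: DataProcessingRecord, assessment?: Partial<PrivacyImpactAssessment>): Promise<string>;
  /**
   * Handle data subject rights requests (GDPR Article 15-22)
   *
   * NOTE(review): the signature carries no authentication/authorization
   * context — only `subjectId`. The caller is responsible for verifying that
   * the requester is entitled to act for `subjectId` before invoking this,
   * especially for `erasure` and `access`. Also, private handlers are declared
   * below for access, erasure, portability and rectification only; how
   * `restriction` and `objection` are processed is not visible from this file.
   *
   * @param type Which right is being exercised.
   * @param subjectId Identifier of the data subject the request concerns.
   * @param requestDetails Caller-supplied payload; untyped and must be validated by the implementation.
   * @returns Tracking id, processing status, optional response `data` (untyped) and a `timeline` value (unit unspecified).
   */
  handleDataSubjectRequest(type: 'access' | 'rectification' | 'erasure' | 'portability' | 'restriction' | 'objection', subjectId: string, requestDetails: unknown): Promise<{
    requestId: string;
    status: 'received' | 'processing' | 'completed' | 'rejected';
    data?: any;
    timeline: number;
  }>;
  /**
   * Anonymize personal data
   * @param data Input dataset; shape is not constrained by the declaration.
   * @param technique Anonymization technique applied (private `applyKAnonymity` / `applyLDiversity` / `applyDifferentialPrivacy`).
   * @returns The anonymized data; untyped, so consumers should not assume it matches the input shape.
   */
  anonymizeData(data: unknown, technique: 'k_anonymity' | 'l_diversity' | 'differential_privacy'): Promise<any>;
  /**
   * Generate compliance evidence
   * @param controlId The `ComplianceControl.id` the evidence supports.
   * @param type Evidence category.
   * @param filePath Optional artefact on disk; see `ComplianceEvidence.hash` note on what is hashed.
   * @returns The id of the created `ComplianceEvidence`.
   */
  generateEvidence(controlId: string, type: ComplianceEvidence['type'], title: string, description: string, filePath?: string): Promise<string>;
  /**
   * Get compliance dashboard data
   * @returns Aggregate counters; `recentActivity` entries are untyped.
   */
  getComplianceDashboard(): {
    frameworks: {
      id: string;
      name: string;
      status: string;
    }[];
    overallCompliance: number;
    criticalFindings: number;
    overdueAssessments: number;
    dataProcessingRecords: number;
    pendingPIAs: number;
    recentActivity: any[];
  };
  /**
   * Load compliance frameworks
   */
  private loadComplianceFrameworks;
  /**
   * Initialize compliance controls
   */
  private initializeControls;
  /**
   * Determine overall compliance status
   */
  private determineOverallStatus;
  /**
   * Generate recommendations based on findings
   */
  private generateRecommendations;
  /**
   * Check alert thresholds and send notifications
   */
  private checkAlertThresholds;
  /**
   * Save compliance report
   */
  private saveComplianceReport;
  /**
   * Check if data processing is high-risk (requires PIA)
   */
  private isHighRiskProcessing;
  /**
   * Assess data processing risk level
   */
  private assessDataProcessingRisk;
  /**
   * Identify privacy risks for PIA
   */
  private identifyPrivacyRisks;
  /**
   * Generate mitigation measures
   */
  private generateMitigationMeasures;
  /**
   * Handle data subject access request
   */
  private handleAccessRequest;
  /**
   * Handle data subject erasure request (right to be forgotten)
   */
  private handleErasureRequest;
  /**
   * Handle data portability request
   */
  private handlePortabilityRequest;
  /**
   * Handle data rectification request
   */
  private handleRectificationRequest;
  /**
   * Apply k-anonymity
   */
  private applyKAnonymity;
  /**
   * Apply l-diversity
   */
  private applyLDiversity;
  /**
   * Apply differential privacy
   */
  private applyDifferentialPrivacy;
  /**
   * Generate unique identifier
   */
  private generateId;
}
//# sourceMappingURL=compliance-engine.d.ts.map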