Struct SocAccess 

pub struct SocAccess(/* private fields */);

Capability token for accessing sensitive internal context data.

Purpose

This zero-sized type serves as a proof-of-authority for accessing sensitive information via InternalContext::expose_sensitive(). Requiring this token:

1. Forces explicit privilege acquisition (cannot call accidentally)
2. Makes sensitive access grep-able in codebase
3. Enables future RBAC or audit hook integration
4. Documents authority requirement in the type system

Construction

Only constructible via SocAccess::acquire(), which should be called only in controlled contexts (authenticated logging pipelines, SOC-exclusive endpoints, etc.).

Security Model

This is not cryptographic. An attacker with code execution can trivially construct this type. The purpose is organizational process safety: preventing accidental misuse by well-meaning developers, not preventing malicious actors.

Example

// In SOC-restricted logging code:
let access = SocAccess::acquire();
if let Some(sensitive) = context.expose_sensitive(&access) {
    secure_log_to_encrypted_siem(sensitive);
}

Implementations

impl SocAccess

pub fn acquire() -> Self

Acquire SOC access capability for sensitive data exposure.

Security Contract

Caller must ensure this is invoked only in contexts where sensitive data disclosure is authorized:

• Authenticated SOC dashboards with RBAC
• Encrypted internal logging pipelines
• Forensic analysis tools with access controls

Audit Recommendation

Calls to this method should be logged separately for compliance auditing. Consider wrapping this in a macro that logs the caller’s location:

macro_rules! acquire_soc_access {
    () => {{
        audit_log!("SOC access acquired at {}:{}", file!(), line!());
        SocAccess::acquire()
    }}
}