quantrs2_device/cloud/monitoring/
security.rs

1//! Security monitoring and threat detection configuration.
2
3use serde::{Deserialize, Serialize};
4use std::time::Duration;
5
6/// Security monitoring configuration
7#[derive(Debug, Clone, Serialize, Deserialize)]
8pub struct CloudSecurityMonitoringConfig {
9    /// Enable security monitoring
10    pub enabled: bool,
11    /// Security events to monitor
12    pub events: Vec<SecurityEvent>,
13    /// Threat detection
14    pub threat_detection: ThreatDetectionConfig,
15    /// Incident response
16    pub incident_response: IncidentResponseConfig,
17    /// Compliance monitoring
18    pub compliance: ComplianceMonitoringConfig,
19}
20
21/// Security events
22#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
23pub enum SecurityEvent {
24    UnauthorizedAccess,
25    SuspiciousActivity,
26    DataBreach,
27    MalwareDetection,
28    NetworkIntrusion,
29    PrivilegeEscalation,
30    QuantumCircuitTampering,
31    ConfigurationChanges,
32    Custom(String),
33}
34
35/// Threat detection configuration
36#[derive(Debug, Clone, Serialize, Deserialize)]
37pub struct ThreatDetectionConfig {
38    /// Enable threat detection
39    pub enabled: bool,
40    /// Detection methods
41    pub methods: Vec<ThreatDetectionMethod>,
42    /// Response policies
43    pub response_policies: Vec<ThreatResponsePolicy>,
44    /// Intelligence feeds
45    pub intelligence: ThreatIntelligenceConfig,
46}
47
48/// Threat detection methods
49#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
50pub enum ThreatDetectionMethod {
51    SignatureBased,
52    BehaviorBased,
53    MachineLearning,
54    AnomalyDetection,
55    HybridApproach,
56    Custom(String),
57}
58
59/// Threat response policy
60#[derive(Debug, Clone, Serialize, Deserialize)]
61pub struct ThreatResponsePolicy {
62    /// Policy name
63    pub name: String,
64    /// Threat types this policy applies to
65    pub threat_types: Vec<ThreatType>,
66    /// Response actions
67    pub actions: Vec<ThreatResponseAction>,
68    /// Escalation rules
69    pub escalation: ThreatEscalationRules,
70}
71
72/// Threat types
73#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
74pub enum ThreatType {
75    Malware,
76    Phishing,
77    DDoS,
78    DataExfiltration,
79    InsiderThreat,
80    QuantumThreat,
81    Custom(String),
82}
83
84/// Threat response actions
85#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
86pub enum ThreatResponseAction {
87    Alert,
88    Block,
89    Quarantine,
90    Isolate,
91    Investigate,
92    Escalate,
93    Custom(String),
94}
95
96/// Threat escalation rules
97#[derive(Debug, Clone, Serialize, Deserialize)]
98pub struct ThreatEscalationRules {
99    /// Escalation triggers
100    pub triggers: Vec<EscalationTrigger>,
101    /// Escalation levels
102    pub levels: Vec<ThreatEscalationLevel>,
103}
104
105/// Escalation triggers
106#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
107pub enum EscalationTrigger {
108    ThreatSeverity,
109    ResponseTimeout,
110    FailedMitigation,
111    Custom(String),
112}
113
114/// Threat escalation level
115#[derive(Debug, Clone, Serialize, Deserialize)]
116pub struct ThreatEscalationLevel {
117    /// Level name
118    pub name: String,
119    /// Severity threshold
120    pub severity_threshold: f64,
121    /// Response time
122    pub response_time: Duration,
123    /// Escalation contacts
124    pub contacts: Vec<String>,
125}
126
127/// Threat intelligence configuration
128#[derive(Debug, Clone, Serialize, Deserialize)]
129pub struct ThreatIntelligenceConfig {
130    /// Enable threat intelligence
131    pub enabled: bool,
132    /// Intelligence sources
133    pub sources: Vec<IntelligenceSource>,
134    /// Feed integration
135    pub feeds: Vec<FeedIntegrationConfig>,
136    /// Update frequency
137    pub update_frequency: Duration,
138}
139
140/// Intelligence sources
141#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
142pub enum IntelligenceSource {
143    Commercial,
144    OpenSource,
145    Government,
146    Community,
147    Internal,
148    Custom(String),
149}
150
151/// Feed integration configuration
152#[derive(Debug, Clone, Serialize, Deserialize)]
153pub struct FeedIntegrationConfig {
154    /// Feed name
155    pub name: String,
156    /// Feed type
157    pub feed_type: String,
158    /// API endpoint
159    pub endpoint: String,
160    /// Authentication
161    pub auth: FeedAuthConfig,
162}
163
164/// Feed authentication configuration
165#[derive(Debug, Clone, Serialize, Deserialize)]
166pub struct FeedAuthConfig {
167    /// Authentication type
168    pub auth_type: AuthType,
169    /// Credentials
170    pub credentials: std::collections::HashMap<String, String>,
171}
172
173/// Authentication types
174#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
175pub enum AuthType {
176    ApiKey,
177    OAuth,
178    Basic,
179    Certificate,
180    Custom(String),
181}
182
183/// Incident response configuration
184#[derive(Debug, Clone, Serialize, Deserialize, Default)]
185pub struct IncidentResponseConfig {
186    /// Enable automated response
187    pub automated: bool,
188    /// Response playbooks
189    pub playbooks: Vec<ResponsePlaybook>,
190    /// Communication plan
191    pub communication: CommunicationPlan,
192}
193
194/// Response playbook
195#[derive(Debug, Clone, Serialize, Deserialize)]
196pub struct ResponsePlaybook {
197    /// Playbook name
198    pub name: String,
199    /// Trigger conditions
200    pub triggers: Vec<String>,
201    /// Response steps
202    pub steps: Vec<ResponseStep>,
203}
204
205/// Response step
206#[derive(Debug, Clone, Serialize, Deserialize)]
207pub struct ResponseStep {
208    /// Step name
209    pub name: String,
210    /// Action type
211    pub action_type: ResponseActionType,
212    /// Parameters
213    pub parameters: std::collections::HashMap<String, String>,
214}
215
216/// Response action types
217#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
218pub enum ResponseActionType {
219    Notify,
220    Execute,
221    Isolate,
222    Investigate,
223    Document,
224    Custom(String),
225}
226
227/// Communication plan
228#[derive(Debug, Clone, Serialize, Deserialize)]
229pub struct CommunicationPlan {
230    /// Notification channels
231    pub channels: Vec<String>,
232    /// Stakeholder groups
233    pub stakeholders: Vec<StakeholderGroup>,
234    /// Escalation matrix
235    pub escalation_matrix: Vec<EscalationContact>,
236}
237
238/// Stakeholder group
239#[derive(Debug, Clone, Serialize, Deserialize)]
240pub struct StakeholderGroup {
241    /// Group name
242    pub name: String,
243    /// Contact methods
244    pub contacts: Vec<String>,
245    /// Notification conditions
246    pub conditions: Vec<String>,
247}
248
249/// Escalation contact
250#[derive(Debug, Clone, Serialize, Deserialize)]
251pub struct EscalationContact {
252    /// Contact name
253    pub name: String,
254    /// Contact method
255    pub method: String,
256    /// Escalation level
257    pub level: i32,
258    /// Response time requirement
259    pub response_time: Duration,
260}
261
262/// Compliance monitoring configuration
263#[derive(Debug, Clone, Serialize, Deserialize, Default)]
264pub struct ComplianceMonitoringConfig {
265    /// Enable compliance monitoring
266    pub enabled: bool,
267    /// Compliance frameworks
268    pub frameworks: Vec<ComplianceFramework>,
269    /// Audit configuration
270    pub audit: AuditConfig,
271    /// Reporting
272    pub reporting: ComplianceReportingConfig,
273}
274
275/// Compliance frameworks
276#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
277pub enum ComplianceFramework {
278    SOC2,
279    ISO27001,
280    GDPR,
281    HIPAA,
282    PciDss,
283    FedRAMP,
284    Custom(String),
285}
286
287/// Audit configuration
288#[derive(Debug, Clone, Serialize, Deserialize)]
289pub struct AuditConfig {
290    /// Enable audit logging
291    pub enabled: bool,
292    /// Log retention period
293    pub retention: Duration,
294    /// Audit events
295    pub events: Vec<AuditEvent>,
296}
297
298/// Audit events
299#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
300pub enum AuditEvent {
301    UserLogin,
302    UserLogout,
303    DataAccess,
304    ConfigChange,
305    PermissionChange,
306    SystemAccess,
307    Custom(String),
308}
309
310/// Compliance reporting configuration
311#[derive(Debug, Clone, Serialize, Deserialize)]
312pub struct ComplianceReportingConfig {
313    /// Enable automated reporting
314    pub automated: bool,
315    /// Report frequency
316    pub frequency: Duration,
317    /// Report types
318    pub types: Vec<ReportType>,
319}
320
321/// Report types
322#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
323pub enum ReportType {
324    ComplianceStatus,
325    VulnerabilityAssessment,
326    SecurityPosture,
327    IncidentSummary,
328    Custom(String),
329}
330
331impl Default for CloudSecurityMonitoringConfig {
332    fn default() -> Self {
333        Self {
334            enabled: true,
335            events: vec![
336                SecurityEvent::UnauthorizedAccess,
337                SecurityEvent::SuspiciousActivity,
338                SecurityEvent::ConfigurationChanges,
339            ],
340            threat_detection: ThreatDetectionConfig::default(),
341            incident_response: IncidentResponseConfig::default(),
342            compliance: ComplianceMonitoringConfig::default(),
343        }
344    }
345}
346
347impl Default for ThreatDetectionConfig {
348    fn default() -> Self {
349        Self {
350            enabled: true,
351            methods: vec![ThreatDetectionMethod::SignatureBased],
352            response_policies: vec![],
353            intelligence: ThreatIntelligenceConfig::default(),
354        }
355    }
356}
357
358impl Default for ThreatIntelligenceConfig {
359    fn default() -> Self {
360        Self {
361            enabled: false,
362            sources: vec![IntelligenceSource::OpenSource],
363            feeds: vec![],
364            update_frequency: Duration::from_secs(3600), // hourly
365        }
366    }
367}
368
369impl Default for CommunicationPlan {
370    fn default() -> Self {
371        Self {
372            channels: vec!["email".to_string()],
373            stakeholders: vec![],
374            escalation_matrix: vec![],
375        }
376    }
377}
378
379impl Default for AuditConfig {
380    fn default() -> Self {
381        Self {
382            enabled: true,
383            retention: Duration::from_secs(86400 * 365), // 1 year
384            events: vec![
385                AuditEvent::UserLogin,
386                AuditEvent::DataAccess,
387                AuditEvent::ConfigChange,
388            ],
389        }
390    }
391}
392
393impl Default for ComplianceReportingConfig {
394    fn default() -> Self {
395        Self {
396            automated: false,
397            frequency: Duration::from_secs(86400 * 30), // monthly
398            types: vec![ReportType::ComplianceStatus],
399        }
400    }
401}
quantrs2_device/cloud/monitoring/security.rs

quantrs2_device/cloud/monitoring/
security.rs
