quantrs2_device/security/
config.rs

1//! Security configuration types
2
3use serde::{Deserialize, Serialize};
4use std::collections::HashMap;
5use std::time::{Duration, SystemTime};
6
7use super::types::*;
8
9/// Configuration for Comprehensive Quantum System Security Framework
10#[derive(Debug, Clone, Serialize, Deserialize)]
11pub struct QuantumSecurityConfig {
12    /// Core security policy configuration
13    pub security_policy: SecurityPolicyConfig,
14    /// Quantum-safe cryptography configuration
15    pub quantum_safe_crypto: QuantumSafeCryptographyConfig,
16    /// Access control and authentication configuration
17    pub access_control: AccessControlConfig,
18    /// Threat detection and response configuration
19    pub threat_detection: ThreatDetectionConfig,
20    /// Security analytics and monitoring configuration
21    pub security_analytics: SecurityAnalyticsConfig,
22    /// Compliance and audit configuration
23    pub compliance_config: ComplianceConfig,
24    /// Secure communication configuration
25    pub secure_communication: SecureCommunicationConfig,
26    /// Hardware security configuration
27    pub hardware_security: HardwareSecurityConfig,
28    /// Data protection and privacy configuration
29    pub data_protection: DataProtectionConfig,
30    /// Incident response configuration
31    pub incident_response: IncidentResponseConfig,
32    /// Security orchestration configuration
33    pub security_orchestration: SecurityOrchestrationConfig,
34    /// AI/ML security configuration
35    pub ai_security: AISecurityConfig,
36}
37
38/// Security policy configuration
39#[derive(Debug, Clone, Serialize, Deserialize)]
40pub struct SecurityPolicyConfig {
41    /// Enable comprehensive security framework
42    pub enable_security_framework: bool,
43    /// Security classification levels
44    pub classification_levels: Vec<SecurityClassification>,
45    /// Security objectives
46    pub security_objectives: Vec<SecurityObjective>,
47    /// Risk tolerance levels
48    pub risk_tolerance: RiskToleranceConfig,
49    /// Security standards compliance
50    pub standards_compliance: Vec<SecurityStandard>,
51    /// Policy enforcement settings
52    pub policy_enforcement: PolicyEnforcementConfig,
53    /// Security governance settings
54    pub governance_config: SecurityGovernanceConfig,
55}
56
57/// Configuration types with Default implementations
58#[derive(Debug, Clone, Serialize, Deserialize, Default)]
59pub struct RiskToleranceConfig {
60    pub risk_threshold: f64,
61}
62
63#[derive(Debug, Clone, Serialize, Deserialize, Default)]
64pub struct PolicyEnforcementConfig {
65    pub enforcement_mode: String,
66}
67
68#[derive(Debug, Clone, Serialize, Deserialize, Default)]
69pub struct SecurityGovernanceConfig {
70    pub governance_level: String,
71}
72
73/// Quantum-safe cryptography configuration
74#[derive(Debug, Clone, Serialize, Deserialize)]
75pub struct QuantumSafeCryptographyConfig {
76    /// Enable quantum-safe cryptography
77    pub enable_quantum_safe_crypto: bool,
78    /// Post-quantum cryptographic algorithms
79    pub post_quantum_algorithms: Vec<PostQuantumAlgorithm>,
80    /// Key management configuration
81    pub key_management: QuantumKeyManagementConfig,
82    /// Digital signature configuration
83    pub digital_signatures: QuantumDigitalSignatureConfig,
84    /// Encryption configuration
85    pub encryption_config: QuantumEncryptionConfig,
86    /// Key exchange configuration
87    pub key_exchange: QuantumKeyExchangeConfig,
88    /// Cryptographic agility settings
89    pub crypto_agility: CryptographicAgilityConfig,
90    /// Quantum random number generation
91    pub quantum_rng: QuantumRNGConfig,
92}
93
94#[derive(Debug, Clone, Serialize, Deserialize, Default)]
95pub struct QuantumKeyManagementConfig {
96    pub key_rotation_interval: Duration,
97}
98
99#[derive(Debug, Clone, Serialize, Deserialize, Default)]
100pub struct QuantumDigitalSignatureConfig {
101    pub signature_algorithm: String,
102}
103
104#[derive(Debug, Clone, Serialize, Deserialize, Default)]
105pub struct QuantumEncryptionConfig {
106    pub encryption_algorithm: String,
107}
108
109#[derive(Debug, Clone, Serialize, Deserialize, Default)]
110pub struct QuantumKeyExchangeConfig {
111    pub key_exchange_protocol: String,
112}
113
114#[derive(Debug, Clone, Serialize, Deserialize, Default)]
115pub struct CryptographicAgilityConfig {
116    pub agility_level: String,
117}
118
119#[derive(Debug, Clone, Serialize, Deserialize, Default)]
120pub struct QuantumRNGConfig {
121    pub entropy_source: String,
122}
123
124/// Access control configuration
125#[derive(Debug, Clone, Serialize, Deserialize)]
126pub struct AccessControlConfig {
127    /// Authentication methods
128    pub authentication_methods: Vec<AuthenticationMethod>,
129    /// Authorization models
130    pub authorization_models: Vec<AuthorizationModel>,
131    /// Multi-factor authentication
132    pub mfa_config: MFAConfig,
133    /// Zero-trust architecture
134    pub zero_trust: ZeroTrustConfig,
135    /// Privileged access management
136    pub privileged_access: PrivilegedAccessConfig,
137    /// Session management
138    pub session_management: SessionManagementConfig,
139    /// Device and endpoint security
140    pub endpoint_security: EndpointSecurityConfig,
141}
142
143#[derive(Debug, Clone, Serialize, Deserialize, Default)]
144pub struct MFAConfig {
145    pub required_factors: usize,
146}
147
148#[derive(Debug, Clone, Serialize, Deserialize)]
149pub struct ZeroTrustConfig {
150    pub enable_zero_trust: bool,
151    pub trust_verification_level: String,
152    pub continuous_verification: bool,
153    pub implicit_trust_timeout: Duration,
154    pub trust_scores: HashMap<String, f64>,
155}
156
157impl Default for ZeroTrustConfig {
158    fn default() -> Self {
159        Self {
160            enable_zero_trust: true,
161            trust_verification_level: "high".to_string(),
162            continuous_verification: true,
163            implicit_trust_timeout: Duration::from_secs(300),
164            trust_scores: HashMap::new(),
165        }
166    }
167}
168
169#[derive(Debug, Clone, Serialize, Deserialize)]
170pub struct PrivilegedAccessConfig {
171    pub enable_pam: bool,
172    pub session_recording: bool,
173    pub approval_workflow: bool,
174    pub just_in_time_access: bool,
175    pub access_timeout: Duration,
176    pub approval_threshold: i32,
177}
178
179impl Default for PrivilegedAccessConfig {
180    fn default() -> Self {
181        Self {
182            enable_pam: true,
183            session_recording: true,
184            approval_workflow: true,
185            just_in_time_access: true,
186            access_timeout: Duration::from_secs(3600),
187            approval_threshold: 2,
188        }
189    }
190}
191
192#[derive(Debug, Clone, Serialize, Deserialize)]
193pub struct SessionManagementConfig {
194    pub session_timeout: Duration,
195    pub max_concurrent_sessions: usize,
196    pub session_tracking: bool,
197    pub idle_timeout: Duration,
198    pub forced_logout_conditions: Vec<String>,
199}
200
201impl Default for SessionManagementConfig {
202    fn default() -> Self {
203        Self {
204            session_timeout: Duration::from_secs(7200),
205            max_concurrent_sessions: 5,
206            session_tracking: true,
207            idle_timeout: Duration::from_secs(900),
208            forced_logout_conditions: Vec::new(),
209        }
210    }
211}
212
213#[derive(Debug, Clone, Serialize, Deserialize)]
214pub struct EndpointSecurityConfig {
215    pub endpoint_protection: bool,
216    pub device_registration: bool,
217    pub compliance_checking: bool,
218    pub threat_detection: bool,
219    pub patch_management: bool,
220    pub data_loss_prevention: bool,
221}
222
223impl Default for EndpointSecurityConfig {
224    fn default() -> Self {
225        Self {
226            endpoint_protection: true,
227            device_registration: true,
228            compliance_checking: true,
229            threat_detection: true,
230            patch_management: true,
231            data_loss_prevention: true,
232        }
233    }
234}
235
236/// Threat detection configuration
237#[derive(Debug, Clone, Serialize, Deserialize)]
238pub struct ThreatDetectionConfig {
239    /// Enable advanced threat detection
240    pub enable_threat_detection: bool,
241    /// Detection algorithms
242    pub detection_algorithms: Vec<ThreatDetectionAlgorithm>,
243    /// Anomaly detection configuration
244    pub anomaly_detection: AnomalyDetectionConfig,
245    /// Behavioral analysis configuration
246    pub behavioral_analysis: BehavioralAnalysisConfig,
247    /// Threat intelligence integration
248    pub threat_intelligence: ThreatIntelligenceConfig,
249    /// Machine learning detection
250    pub ml_detection: MLThreatDetectionConfig,
251    /// Real-time monitoring
252    pub realtime_monitoring: RealtimeMonitoringConfig,
253    /// Quantum-specific threat detection
254    pub quantum_threat_detection: QuantumThreatDetectionConfig,
255}
256
257#[derive(Debug, Clone, Serialize, Deserialize)]
258pub struct AnomalyDetectionConfig {
259    pub enable_detection: bool,
260    pub detection_algorithms: Vec<String>,
261    pub baseline_learning_period: Duration,
262    pub anomaly_threshold: f64,
263    pub alert_threshold: f64,
264    pub auto_response: bool,
265}
266
267impl Default for AnomalyDetectionConfig {
268    fn default() -> Self {
269        Self {
270            enable_detection: true,
271            detection_algorithms: vec!["isolation_forest".to_string(), "one_class_svm".to_string()],
272            baseline_learning_period: Duration::from_secs(86400 * 7), // 1 week
273            anomaly_threshold: 0.1,
274            alert_threshold: 0.05,
275            auto_response: true,
276        }
277    }
278}
279
280#[derive(Debug, Clone, Serialize, Deserialize)]
281pub struct BehavioralAnalysisConfig {
282    pub enable_analysis: bool,
283    pub user_profiling: bool,
284    pub pattern_recognition: bool,
285    pub risk_scoring: bool,
286    pub learning_period: Duration,
287    pub update_frequency: Duration,
288}
289
290impl Default for BehavioralAnalysisConfig {
291    fn default() -> Self {
292        Self {
293            enable_analysis: true,
294            user_profiling: true,
295            pattern_recognition: true,
296            risk_scoring: true,
297            learning_period: Duration::from_secs(86400 * 30), // 30 days
298            update_frequency: Duration::from_secs(3600),      // 1 hour
299        }
300    }
301}
302
303#[derive(Debug, Clone, Serialize, Deserialize)]
304pub struct ThreatIntelligenceConfig {
305    pub enable_threat_intel: bool,
306    pub feed_sources: Vec<String>,
307    pub update_frequency: Duration,
308    pub threat_correlation: bool,
309    pub ioc_matching: bool,
310    pub threat_hunting: bool,
311}
312
313impl Default for ThreatIntelligenceConfig {
314    fn default() -> Self {
315        Self {
316            enable_threat_intel: true,
317            feed_sources: vec!["mitre".to_string(), "nist".to_string()],
318            update_frequency: Duration::from_secs(3600),
319            threat_correlation: true,
320            ioc_matching: true,
321            threat_hunting: true,
322        }
323    }
324}
325
326#[derive(Debug, Clone, Serialize, Deserialize)]
327pub struct MLThreatDetectionConfig {
328    pub enable_ml_detection: bool,
329    pub model_types: Vec<String>,
330    pub training_frequency: Duration,
331    pub prediction_threshold: f64,
332    pub feature_engineering: bool,
333    pub ensemble_methods: bool,
334}
335
336impl Default for MLThreatDetectionConfig {
337    fn default() -> Self {
338        Self {
339            enable_ml_detection: true,
340            model_types: vec!["random_forest".to_string(), "neural_network".to_string()],
341            training_frequency: Duration::from_secs(86400), // Daily
342            prediction_threshold: 0.8,
343            feature_engineering: true,
344            ensemble_methods: true,
345        }
346    }
347}
348
349#[derive(Debug, Clone, Serialize, Deserialize)]
350pub struct RealtimeMonitoringConfig {
351    pub enable_realtime: bool,
352    pub monitoring_interval: Duration,
353    pub alert_latency_target: Duration,
354    pub stream_processing: bool,
355    pub data_retention_period: Duration,
356    pub dashboards: Vec<String>,
357}
358
359impl Default for RealtimeMonitoringConfig {
360    fn default() -> Self {
361        Self {
362            enable_realtime: true,
363            monitoring_interval: Duration::from_millis(100),
364            alert_latency_target: Duration::from_secs(1),
365            stream_processing: true,
366            data_retention_period: Duration::from_secs(86400 * 90), // 90 days
367            dashboards: vec![
368                "security_overview".to_string(),
369                "threat_dashboard".to_string(),
370            ],
371        }
372    }
373}
374
375#[derive(Debug, Clone, Serialize, Deserialize)]
376pub struct QuantumThreatDetectionConfig {
377    pub enable_quantum_threats: bool,
378    pub quantum_attack_patterns: Vec<String>,
379    pub quantum_vulnerability_scanning: bool,
380    pub post_quantum_readiness: bool,
381    pub quantum_safe_algorithms: Vec<String>,
382    pub quantum_key_compromise_detection: bool,
383}
384
385impl Default for QuantumThreatDetectionConfig {
386    fn default() -> Self {
387        Self {
388            enable_quantum_threats: true,
389            quantum_attack_patterns: vec!["shor".to_string(), "grover".to_string()],
390            quantum_vulnerability_scanning: true,
391            post_quantum_readiness: true,
392            quantum_safe_algorithms: vec!["kyber".to_string(), "dilithium".to_string()],
393            quantum_key_compromise_detection: true,
394        }
395    }
396}
397
398/// Security analytics configuration
399#[derive(Debug, Clone, Serialize, Deserialize)]
400pub struct SecurityAnalyticsConfig {
401    /// Enable security analytics
402    pub enable_security_analytics: bool,
403    /// Analytics engines
404    pub analytics_engines: Vec<SecurityAnalyticsEngine>,
405    /// Security metrics collection
406    pub metrics_collection: SecurityMetricsConfig,
407    /// Risk assessment configuration
408    pub risk_assessment: RiskAssessmentConfig,
409    /// Security dashboards
410    pub dashboard_config: SecurityDashboardConfig,
411    /// Predictive security analytics
412    pub predictive_analytics: PredictiveSecurityConfig,
413    /// Security reporting
414    pub reporting_config: SecurityReportingConfig,
415}
416
417#[derive(Debug, Clone, Serialize, Deserialize, Default)]
418pub struct SecurityMetricsConfig {
419    pub collection_interval: Duration,
420}
421
422#[derive(Debug, Clone, Serialize, Deserialize, Default)]
423pub struct RiskAssessmentConfig {
424    pub assessment_frequency: Duration,
425}
426
427#[derive(Debug, Clone, Serialize, Deserialize, Default)]
428pub struct SecurityDashboardConfig {
429    pub dashboard_refresh_rate: Duration,
430}
431
432#[derive(Debug, Clone, Serialize, Deserialize, Default)]
433pub struct PredictiveSecurityConfig {
434    pub prediction_window: Duration,
435}
436
437#[derive(Debug, Clone, Serialize, Deserialize, Default)]
438pub struct SecurityReportingConfig {
439    pub report_frequency: Duration,
440}
441
442/// Compliance configuration
443#[derive(Debug, Clone, Serialize, Deserialize)]
444pub struct ComplianceConfig {
445    /// Enable compliance monitoring
446    pub enable_compliance_monitoring: bool,
447    /// Regulatory frameworks
448    pub regulatory_frameworks: Vec<RegulatoryFramework>,
449    /// Compliance standards
450    pub compliance_standards: Vec<ComplianceStandard>,
451    /// Audit configuration
452    pub audit_config: AuditConfig,
453    /// Continuous compliance monitoring
454    pub continuous_monitoring: ContinuousComplianceConfig,
455    /// Compliance reporting
456    pub compliance_reporting: ComplianceReportingConfig,
457    /// Data governance
458    pub data_governance: DataGovernanceConfig,
459}
460
461#[derive(Debug, Clone, Serialize, Deserialize, Default)]
462pub struct AuditConfig {
463    pub audit_retention_period: Duration,
464}
465
466#[derive(Debug, Clone, Serialize, Deserialize, Default)]
467pub struct ContinuousComplianceConfig {
468    pub monitoring_enabled: bool,
469}
470
471#[derive(Debug, Clone, Serialize, Deserialize, Default)]
472pub struct ComplianceReportingConfig {
473    pub reporting_enabled: bool,
474}
475
476#[derive(Debug, Clone, Serialize, Deserialize, Default)]
477pub struct DataGovernanceConfig {
478    pub governance_framework: String,
479}
480
481/// Secure communication configuration
482#[derive(Debug, Clone, Serialize, Deserialize)]
483pub struct SecureCommunicationConfig {
484    /// Encryption protocols
485    pub encryption_protocols: Vec<EncryptionProtocol>,
486    /// Network security
487    pub network_security: NetworkSecurityConfig,
488    /// Secure channels
489    pub secure_channels: SecureChannelConfig,
490    /// End-to-end encryption
491    pub e2e_encryption: E2EEncryptionConfig,
492    /// Communication authentication
493    pub communication_auth: CommunicationAuthConfig,
494    /// Data integrity protection
495    pub data_integrity: DataIntegrityConfig,
496}
497
498#[derive(Debug, Clone, Serialize, Deserialize, Default)]
499pub struct NetworkSecurityConfig {
500    pub security_protocols: Vec<String>,
501}
502
503#[derive(Debug, Clone, Serialize, Deserialize, Default)]
504pub struct SecureChannelConfig {
505    pub channel_encryption: bool,
506}
507
508#[derive(Debug, Clone, Serialize, Deserialize, Default)]
509pub struct E2EEncryptionConfig {
510    pub encryption_enabled: bool,
511}
512
513#[derive(Debug, Clone, Serialize, Deserialize, Default)]
514pub struct CommunicationAuthConfig {
515    pub auth_required: bool,
516}
517
518#[derive(Debug, Clone, Serialize, Deserialize, Default)]
519pub struct DataIntegrityConfig {
520    pub integrity_checks: bool,
521}
522
523/// Hardware security configuration
524#[derive(Debug, Clone, Serialize, Deserialize)]
525pub struct HardwareSecurityConfig {
526    /// Hardware security modules
527    pub hsm_config: HSMConfig,
528    /// Trusted execution environments
529    pub tee_config: TEEConfig,
530    /// Hardware attestation
531    pub attestation_config: AttestationConfig,
532    /// Secure boot configuration
533    pub secure_boot: SecureBootConfig,
534    /// Hardware monitoring
535    pub hardware_monitoring: HardwareMonitoringConfig,
536    /// Physical security
537    pub physical_security: PhysicalSecurityConfig,
538    /// Quantum hardware security
539    pub quantum_hardware_security: QuantumHardwareSecurityConfig,
540}
541
542#[derive(Debug, Clone, Serialize, Deserialize, Default)]
543pub struct HSMConfig {
544    pub hsm_provider: String,
545}
546
547#[derive(Debug, Clone, Serialize, Deserialize, Default)]
548pub struct TEEConfig {
549    pub tee_type: String,
550}
551
552#[derive(Debug, Clone, Serialize, Deserialize, Default)]
553pub struct AttestationConfig {
554    pub attestation_enabled: bool,
555}
556
557#[derive(Debug, Clone, Serialize, Deserialize, Default)]
558pub struct SecureBootConfig {
559    pub secure_boot_enabled: bool,
560}
561
562#[derive(Debug, Clone, Serialize, Deserialize, Default)]
563pub struct HardwareMonitoringConfig {
564    pub monitoring_enabled: bool,
565}
566
567#[derive(Debug, Clone, Serialize, Deserialize, Default)]
568pub struct PhysicalSecurityConfig {
569    pub physical_security_level: String,
570}
571
572#[derive(Debug, Clone, Serialize, Deserialize, Default)]
573pub struct QuantumHardwareSecurityConfig {
574    pub quantum_security_level: String,
575}
576
577/// Data protection configuration
578#[derive(Debug, Clone, Serialize, Deserialize)]
579pub struct DataProtectionConfig {
580    /// Data classification
581    pub data_classification: DataClassificationConfig,
582    /// Data loss prevention
583    pub dlp_config: DLPConfig,
584    /// Privacy protection
585    pub privacy_protection: PrivacyProtectionConfig,
586    /// Data encryption at rest
587    pub encryption_at_rest: EncryptionAtRestConfig,
588    /// Data masking and anonymization
589    pub data_masking: DataMaskingConfig,
590    /// Backup security
591    pub backup_security: BackupSecurityConfig,
592    /// Data lifecycle management
593    pub lifecycle_management: DataLifecycleConfig,
594}
595
596#[derive(Debug, Clone, Serialize, Deserialize, Default)]
597pub struct DataClassificationConfig {
598    pub classification_levels: Vec<String>,
599}
600
601#[derive(Debug, Clone, Serialize, Deserialize, Default)]
602pub struct DLPConfig {
603    pub dlp_enabled: bool,
604}
605
606#[derive(Debug, Clone, Serialize, Deserialize, Default)]
607pub struct PrivacyProtectionConfig {
608    pub privacy_level: String,
609}
610
611#[derive(Debug, Clone, Serialize, Deserialize, Default)]
612pub struct EncryptionAtRestConfig {
613    pub encryption_enabled: bool,
614}
615
616#[derive(Debug, Clone, Serialize, Deserialize, Default)]
617pub struct DataMaskingConfig {
618    pub masking_enabled: bool,
619}
620
621#[derive(Debug, Clone, Serialize, Deserialize, Default)]
622pub struct BackupSecurityConfig {
623    pub backup_encryption: bool,
624}
625
626#[derive(Debug, Clone, Serialize, Deserialize, Default)]
627pub struct DataLifecycleConfig {
628    pub retention_policy: String,
629}
630
631/// Incident response configuration
632#[derive(Debug, Clone, Serialize, Deserialize)]
633pub struct IncidentResponseConfig {
634    /// Enable incident response
635    pub enable_incident_response: bool,
636    /// Response team configuration
637    pub response_team: ResponseTeamConfig,
638    /// Incident classification
639    pub incident_classification: IncidentClassificationConfig,
640    /// Response procedures
641    pub response_procedures: ResponseProceduresConfig,
642    /// Automated response
643    pub automated_response: AutomatedResponseConfig,
644    /// Communication protocols
645    pub communication_protocols: IncidentCommunicationConfig,
646    /// Recovery procedures
647    pub recovery_procedures: RecoveryProceduresConfig,
648    /// Post-incident analysis
649    pub post_incident_analysis: PostIncidentAnalysisConfig,
650}
651
652#[derive(Debug, Clone, Serialize, Deserialize, Default)]
653pub struct ResponseTeamConfig {
654    pub team_size: usize,
655}
656
657#[derive(Debug, Clone, Serialize, Deserialize, Default)]
658pub struct IncidentClassificationConfig {
659    pub classification_levels: Vec<String>,
660}
661
662#[derive(Debug, Clone, Serialize, Deserialize, Default)]
663pub struct ResponseProceduresConfig {
664    pub procedures: Vec<String>,
665}
666
667#[derive(Debug, Clone, Serialize, Deserialize, Default)]
668pub struct AutomatedResponseConfig {
669    pub automation_enabled: bool,
670}
671
672#[derive(Debug, Clone, Serialize, Deserialize, Default)]
673pub struct IncidentCommunicationConfig {
674    pub communication_channels: Vec<String>,
675}
676
677#[derive(Debug, Clone, Serialize, Deserialize, Default)]
678pub struct RecoveryProceduresConfig {
679    pub recovery_time_objective: Duration,
680}
681
682#[derive(Debug, Clone, Serialize, Deserialize, Default)]
683pub struct PostIncidentAnalysisConfig {
684    pub analysis_enabled: bool,
685}
686
687/// Security orchestration configuration
688#[derive(Debug, Clone, Serialize, Deserialize)]
689pub struct SecurityOrchestrationConfig {
690    /// Enable security orchestration
691    pub enable_security_orchestration: bool,
692    /// Orchestration workflows
693    pub orchestration_workflows: Vec<SecurityWorkflow>,
694    /// Automation rules
695    pub automation_rules: Vec<SecurityAutomationRule>,
696    /// Integration configurations
697    pub integrations: Vec<SecurityIntegration>,
698    /// Playbook management
699    pub playbook_management: PlaybookManagementConfig,
700    /// Workflow orchestration
701    pub workflow_orchestration: WorkflowOrchestrationConfig,
702}
703
704#[derive(Debug, Clone, Serialize, Deserialize, Default)]
705pub struct SecurityWorkflow {
706    pub workflow_id: String,
707}
708
709#[derive(Debug, Clone, Serialize, Deserialize, Default)]
710pub struct SecurityAutomationRule {
711    pub rule_id: String,
712}
713
714#[derive(Debug, Clone, Serialize, Deserialize, Default)]
715pub struct SecurityIntegration {
716    pub integration_type: String,
717}
718
719#[derive(Debug, Clone, Serialize, Deserialize, Default)]
720pub struct PlaybookManagementConfig {
721    pub playbook_version: String,
722}
723
724#[derive(Debug, Clone, Serialize, Deserialize, Default)]
725pub struct WorkflowOrchestrationConfig {
726    pub orchestration_enabled: bool,
727}
728
729/// AI/ML security configuration
730#[derive(Debug, Clone, Serialize, Deserialize)]
731pub struct AISecurityConfig {
732    /// Enable AI-powered security
733    pub enable_ai_security: bool,
734    /// ML models for security
735    pub ml_models: Vec<SecurityMLModel>,
736    /// AI threat detection
737    pub ai_threat_detection: AIThreatDetectionConfig,
738    /// Adversarial attack protection
739    pub adversarial_protection: AdversarialProtectionConfig,
740    /// Model security
741    pub model_security: ModelSecurityConfig,
742    /// AI governance
743    pub ai_governance: AIGovernanceConfig,
744    /// Explainable AI for security
745    pub explainable_ai: ExplainableAIConfig,
746}
747
748#[derive(Debug, Clone, Serialize, Deserialize, Default)]
749pub struct AIThreatDetectionConfig {
750    pub ai_enabled: bool,
751}
752
753#[derive(Debug, Clone, Serialize, Deserialize, Default)]
754pub struct AdversarialProtectionConfig {
755    pub protection_level: String,
756}
757
758#[derive(Debug, Clone, Serialize, Deserialize, Default)]
759pub struct ModelSecurityConfig {
760    pub security_checks: bool,
761}
762
763#[derive(Debug, Clone, Serialize, Deserialize, Default)]
764pub struct AIGovernanceConfig {
765    pub governance_framework: String,
766}
767
768#[derive(Debug, Clone, Serialize, Deserialize, Default)]
769pub struct ExplainableAIConfig {
770    pub explainability_enabled: bool,
771}
772
773impl Default for QuantumSecurityConfig {
774    fn default() -> Self {
775        Self {
776            security_policy: SecurityPolicyConfig {
777                enable_security_framework: true,
778                classification_levels: vec![
779                    SecurityClassification::Public,
780                    SecurityClassification::Internal,
781                    SecurityClassification::Confidential,
782                    SecurityClassification::QuantumProtected,
783                ],
784                security_objectives: vec![
785                    SecurityObjective::Confidentiality,
786                    SecurityObjective::Integrity,
787                    SecurityObjective::Availability,
788                    SecurityObjective::Authentication,
789                    SecurityObjective::QuantumSafety,
790                ],
791                risk_tolerance: RiskToleranceConfig::default(),
792                standards_compliance: vec![
793                    SecurityStandard::ISO27001,
794                    SecurityStandard::NistCsf,
795                    SecurityStandard::QuantumSafeNist,
796                ],
797                policy_enforcement: PolicyEnforcementConfig::default(),
798                governance_config: SecurityGovernanceConfig::default(),
799            },
800            quantum_safe_crypto: QuantumSafeCryptographyConfig {
801                enable_quantum_safe_crypto: true,
802                post_quantum_algorithms: vec![
803                    PostQuantumAlgorithm::Kyber,
804                    PostQuantumAlgorithm::Dilithium,
805                    PostQuantumAlgorithm::Falcon,
806                    PostQuantumAlgorithm::SphincsPlus,
807                ],
808                key_management: QuantumKeyManagementConfig::default(),
809                digital_signatures: QuantumDigitalSignatureConfig::default(),
810                encryption_config: QuantumEncryptionConfig::default(),
811                key_exchange: QuantumKeyExchangeConfig::default(),
812                crypto_agility: CryptographicAgilityConfig::default(),
813                quantum_rng: QuantumRNGConfig::default(),
814            },
815            access_control: AccessControlConfig {
816                authentication_methods: vec![
817                    AuthenticationMethod::QuantumKey,
818                    AuthenticationMethod::CertificateBased,
819                    AuthenticationMethod::Biometric,
820                    AuthenticationMethod::ZeroKnowledgeProof,
821                ],
822                authorization_models: vec![
823                    AuthorizationModel::ABAC,
824                    AuthorizationModel::QuantumACL,
825                    AuthorizationModel::ZeroTrust,
826                ],
827                mfa_config: MFAConfig::default(),
828                zero_trust: ZeroTrustConfig::default(),
829                privileged_access: PrivilegedAccessConfig::default(),
830                session_management: SessionManagementConfig::default(),
831                endpoint_security: EndpointSecurityConfig::default(),
832            },
833            threat_detection: ThreatDetectionConfig {
834                enable_threat_detection: true,
835                detection_algorithms: vec![
836                    ThreatDetectionAlgorithm::MachineLearning,
837                    ThreatDetectionAlgorithm::AnomalyDetection,
838                    ThreatDetectionAlgorithm::QuantumStateAnalysis,
839                    ThreatDetectionAlgorithm::QuantumNoiseAnalysis,
840                ],
841                anomaly_detection: AnomalyDetectionConfig::default(),
842                behavioral_analysis: BehavioralAnalysisConfig::default(),
843                threat_intelligence: ThreatIntelligenceConfig::default(),
844                ml_detection: MLThreatDetectionConfig::default(),
845                realtime_monitoring: RealtimeMonitoringConfig::default(),
846                quantum_threat_detection: QuantumThreatDetectionConfig::default(),
847            },
848            security_analytics: SecurityAnalyticsConfig {
849                enable_security_analytics: true,
850                analytics_engines: vec![
851                    SecurityAnalyticsEngine::SIEM,
852                    SecurityAnalyticsEngine::SOAR,
853                    SecurityAnalyticsEngine::QuantumSecurityAnalytics,
854                    SecurityAnalyticsEngine::MLSecurityAnalytics,
855                ],
856                metrics_collection: SecurityMetricsConfig::default(),
857                risk_assessment: RiskAssessmentConfig::default(),
858                dashboard_config: SecurityDashboardConfig::default(),
859                predictive_analytics: PredictiveSecurityConfig::default(),
860                reporting_config: SecurityReportingConfig::default(),
861            },
862            compliance_config: ComplianceConfig {
863                enable_compliance_monitoring: true,
864                regulatory_frameworks: vec![
865                    RegulatoryFramework::GDPR,
866                    RegulatoryFramework::FISMA,
867                    RegulatoryFramework::QuantumRegulations,
868                ],
869                compliance_standards: vec![
870                    ComplianceStandard::ISO27001,
871                    ComplianceStandard::Nist800_53,
872                    ComplianceStandard::QuantumCompliance,
873                ],
874                audit_config: AuditConfig::default(),
875                continuous_monitoring: ContinuousComplianceConfig::default(),
876                compliance_reporting: ComplianceReportingConfig::default(),
877                data_governance: DataGovernanceConfig::default(),
878            },
879            secure_communication: SecureCommunicationConfig {
880                encryption_protocols: vec![
881                    EncryptionProtocol::QuantumSafeTLS,
882                    EncryptionProtocol::QuantumKeyDistribution,
883                    EncryptionProtocol::Tls1_3,
884                ],
885                network_security: NetworkSecurityConfig::default(),
886                secure_channels: SecureChannelConfig::default(),
887                e2e_encryption: E2EEncryptionConfig::default(),
888                communication_auth: CommunicationAuthConfig::default(),
889                data_integrity: DataIntegrityConfig::default(),
890            },
891            hardware_security: HardwareSecurityConfig {
892                hsm_config: HSMConfig::default(),
893                tee_config: TEEConfig::default(),
894                attestation_config: AttestationConfig::default(),
895                secure_boot: SecureBootConfig::default(),
896                hardware_monitoring: HardwareMonitoringConfig::default(),
897                physical_security: PhysicalSecurityConfig::default(),
898                quantum_hardware_security: QuantumHardwareSecurityConfig::default(),
899            },
900            data_protection: DataProtectionConfig {
901                data_classification: DataClassificationConfig::default(),
902                dlp_config: DLPConfig::default(),
903                privacy_protection: PrivacyProtectionConfig::default(),
904                encryption_at_rest: EncryptionAtRestConfig::default(),
905                data_masking: DataMaskingConfig::default(),
906                backup_security: BackupSecurityConfig::default(),
907                lifecycle_management: DataLifecycleConfig::default(),
908            },
909            incident_response: IncidentResponseConfig {
910                enable_incident_response: true,
911                response_team: ResponseTeamConfig::default(),
912                incident_classification: IncidentClassificationConfig::default(),
913                response_procedures: ResponseProceduresConfig::default(),
914                automated_response: AutomatedResponseConfig::default(),
915                communication_protocols: IncidentCommunicationConfig::default(),
916                recovery_procedures: RecoveryProceduresConfig::default(),
917                post_incident_analysis: PostIncidentAnalysisConfig::default(),
918            },
919            security_orchestration: SecurityOrchestrationConfig {
920                enable_security_orchestration: true,
921                orchestration_workflows: vec![SecurityWorkflow::default()],
922                automation_rules: vec![SecurityAutomationRule::default()],
923                integrations: vec![SecurityIntegration::default()],
924                playbook_management: PlaybookManagementConfig::default(),
925                workflow_orchestration: WorkflowOrchestrationConfig::default(),
926            },
927            ai_security: AISecurityConfig {
928                enable_ai_security: true,
929                ml_models: vec![
930                    SecurityMLModel::AnomalyDetection,
931                    SecurityMLModel::ThreatClassification,
932                    SecurityMLModel::QuantumAnomalyDetection,
933                    SecurityMLModel::QuantumThreatClassification,
934                ],
935                ai_threat_detection: AIThreatDetectionConfig::default(),
936                adversarial_protection: AdversarialProtectionConfig::default(),
937                model_security: ModelSecurityConfig::default(),
938                ai_governance: AIGovernanceConfig::default(),
939                explainable_ai: ExplainableAIConfig::default(),
940            },
941        }
942    }
943}
quantrs2_device/security/config.rs

quantrs2_device/security/
config.rs
