/**
 * MCP Security Integration
 *
 * Integrates MCP with existing security framework and implements LLM-based threat detection
 */
import { EventEmitter } from 'events';
import { LLMRequest, LLMResponse, LLMRequestType } from '../types';
import { MessageRouter } from '../routing/message-router';
import { AuthManager } from '../security/auth-manager';
import { AuditLogger } from '../security/audit-logger';
import { RateLimiterManager } from '../security/rate-limiter';
import { CredentialManager } from '../security/credential-manager';
/**
 * Security threat types
 */
export declare enum ThreatType {
    UNAUTHORIZED_ACCESS = "unauthorized_access",
    DATA_EXFILTRATION = "data_exfiltration",
    PRIVILEGE_ESCALATION = "privilege_escalation",
    INJECTION_ATTACK = "injection_attack",
    DENIAL_OF_SERVICE = "denial_of_service",
    ANOMALOUS_BEHAVIOR = "anomalous_behavior",
    POLICY_VIOLATION = "policy_violation",
    SUSPICIOUS_PATTERN = "suspicious_pattern"
}
/**
 * Threat severity levels
 */
export declare enum ThreatSeverity {
    LOW = "low",
    MEDIUM = "medium",
    HIGH = "high",
    CRITICAL = "critical"
}
/**
 * Security threat
 */
export interface SecurityThreat {
    id: string;
    type: ThreatType;
    severity: ThreatSeverity;
    confidence: number;
    timestamp: Date;
    source: string;
    targetAgent?: string;
    description: string;
    evidence: Record<string, any>;
    recommendations: string[];
    automatedResponse?: SecurityResponse;
}
/**
 * Security response
 */
export interface SecurityResponse {
    action: 'block' | 'throttle' | 'alert' | 'investigate' | 'quarantine';
    duration?: number;
    reason: string;
    metadata?: Record<string, any>;
}
/**
 * Security analysis request
 */
export interface SecurityAnalysisRequest {
    type: 'request' | 'response' | 'behavior' | 'pattern';
    data: any;
    context: {
        agentDID: string;
        sessionId?: string;
        requestType?: LLMRequestType;
        historicalData?: any[];
    };
}
/**
 * Security policy
 */
export interface SecurityPolicy {
    id: string;
    name: string;
    description: string;
    rules: SecurityRule[];
    enabled: boolean;
    priority: number;
}
/**
 * Security rule
 */
export interface SecurityRule {
    condition: string;
    action: SecurityResponse;
    exceptions?: string[];
}
/**
 * MCP Security Integration
 */
export declare class MCPSecurityIntegration extends EventEmitter {
    private messageRouter;
    private authManager;
    private auditLogger;
    private rateLimiter;
    private credentialManager;
    private config;
    private activeThreats;
    private securityPolicies;
    private threatHistory;
    private functionRegistry;
    private functionExecutor;
    private analysisInProgress;
    constructor(messageRouter: MessageRouter, authManager: AuthManager, auditLogger: AuditLogger, rateLimiter: RateLimiterManager, credentialManager: CredentialManager, config?: {
        enableThreatDetection: boolean;
        enableAutomatedResponse: boolean;
        threatRetentionPeriod: number;
        analysisTimeout: number;
        maxConcurrentAnalysis: number;
        llmProvider?: string;
        llmModel?: string;
    });
    /**
     * Initialize security analysis functions
     */
    private initializeSecurityFunctions;
    /**
     * Analyze request for threats
     */
    analyzeRequest(request: LLMRequest): Promise<SecurityThreat[]>;
    /**
     * Analyze response for threats
     */
    analyzeResponse(response: LLMResponse, originalRequest: LLMRequest): Promise<SecurityThreat[]>;
    /**
     * Analyze agent behavior
     */
    analyzeAgentBehavior(agentDID: string, recentActivity: any[], historicalPatterns?: any): Promise<SecurityThreat[]>;
    /**
     * Evaluate request against policies
     */
    evaluatePolicies(request: LLMRequest): Promise<{
        compliant: boolean;
        violations: Array<{
            policy: SecurityPolicy;
            rule: SecurityRule;
        }>;
        recommendations: string[];
    }>;
    /**
     * Get active threats
     */
    getActiveThreats(filters?: {
        agentDID?: string;
        severity?: ThreatSeverity;
        type?: ThreatType;
    }): SecurityThreat[];
    /**
     * Clear threat
     */
    clearThreat(threatId: string): void;
    /**
     * Add security policy
     */
    addSecurityPolicy(policy: SecurityPolicy): void;
    /**
     * Remove security policy
     */
    removeSecurityPolicy(policyId: string): void;
    /**
     * Build request analysis prompt
     */
    private buildRequestAnalysisPrompt;
    /**
     * Build behavior analysis prompt
     */
    private buildBehaviorAnalysisPrompt;
    /**
     * Process threats from LLM response
     */
    private processThreatsFromResponse;
    /**
     * Process behavior analysis results
     */
    private processBehaviorAnalysis;
    /**
     * Check for data exfiltration
     */
    private checkDataExfiltration;
    /**
     * Check for injection in response
     */
    private checkResponseInjection;
    /**
     * Determine automated response
     */
    private determineAutomatedResponse;
    /**
     * Apply automated responses
     */
    private applyAutomatedResponses;
    /**
     * Evaluate rule against request
     */
    private evaluateRule;
    /**
     * Check if request requires LLM evaluation
     */
    private requiresLLMEvaluation;
    /**
     * Evaluate policies with LLM
     */
    private evaluatePoliciesWithLLM;
    /**
     * Map anomaly severity
     */
    private mapAnomalySeverity;
    /**
     * Load default security policies
     */
    private loadDefaultPolicies;
    /**
     * Setup event handlers
     */
    private setupEventHandlers;
    /**
     * Handle authentication failure
     */
    private handleAuthenticationFailure;
    /**
     * Handle authorization denial
     */
    private handleAuthorizationDenial;
    /**
     * Handle rate limit exceeded
     */
    private handleRateLimitExceeded;
    /**
     * Handle suspicious activity
     */
    private handleSuspiciousActivity;
    /**
     * Clean old threats
     */
    private cleanOldThreats;
    /**
     * Get threat statistics
     */
    getStatistics(): {
        totalThreats: number;
        activeThreats: number;
        threatsBySeverity: Record<ThreatSeverity, number>;
        threatsByType: Record<ThreatType, number>;
        automatedResponses: number;
        averageConfidence: number;
    };
    /**
     * Export threat report
     */
    exportThreatReport(format?: 'json' | 'csv'): string;
    /**
     * Shutdown
     */
    shutdown(): void;
}
export default MCPSecurityIntegration;
//# sourceMappingURL=mcp-security-integration.d.ts.map