

The CTM book p.203ff (online version reachable from Wikipedia p.207ff)

(http://en.wikipedia.org/wiki/Concepts,_Techniques,_and_Models_of_Computer_Programming)

defines secure values, i.e. data structures inaccessible without knowing a special key. The goal is to create secure abstract data types (stacks, etc.) that protect suitable parts of their internal representations (e.g. revealing only access methods).

The CTM proposal has two parts. NewName is an operation that creates a unique name that cannot be printed or typed in. Chunks are limited records with only the selection operator '.' available.

Now chunks created with such a unique name as selection key can only be accessed if you know the key, otherwise throwing an error (and not revealing the key).

IMHO the whole CTM approach focussing on minimal extensions to a kernel language is very compatible with Lua's philosophy, so I wondered if this particular idea could be borrowed.

My question therefore to the list: how would one go about replicating this in (extended?) Lua, perhaps first for tables?

My initial thoughts were to use a metatable approach with a new write-only field mt.__secure (or perhaps __protected) guarding R/W access to protected entries of main table t. mt.__secure would hold the key k to unlock t[k] (perhaps generalized to a table of such keys k_i).
A new builtin name() generates fresh keys.

Rawget on t[k] must be impossible if protection is enabled. Perhaps type(k) == "name" and print(k) == "name:suppressed" or similar. No table-walking with next/(i)pairs etc. can discover k.

This is just to get the discussion started, ideas and feedback welcome!

--Markus
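
Added example, not part of the original post and not code from CTM or the Lua distribution: one way to approximate names and chunks in unmodified Lua, using a fresh table as the unforgeable key and a closure-private store behind an empty proxy. The helpers new_name, new_chunk and new_wrapper are hypothetical names chosen for this sketch.

```lua
-- Hypothetical helpers for illustration; none of these are Lua builtins.

-- A fresh table is unique by identity and cannot be written as a literal.
-- __tostring hides its address; __metatable blocks get/setmetatable.
local function new_name()
  return setmetatable({}, {
    __tostring = function() return "name: suppressed" end,
    __metatable = false,
  })
end

-- A chunk is an empty proxy. The fields live in the upvalue 'store', so
-- rawget, next and pairs on the proxy itself find nothing.
local function new_chunk(fields)
  local store = {}
  for k, v in pairs(fields) do store[k] = v end
  return setmetatable({}, {
    __index = function(_, k)
      local v = store[k]
      if v == nil then error("chunk: no such field", 2) end -- key not echoed
      return v
    end,
    __newindex = function() error("chunk: read-only", 2) end,
    __pairs = function() error("chunk: not iterable", 2) end, -- Lua 5.2+
    __metatable = false,
  })
end

-- Wrap/unwrap pair sharing one private name, in the style CTM describes.
local function new_wrapper()
  local key = new_name()
  local function wrap(x) return new_chunk({ [key] = x }) end
  local function unwrap(w) return w[key] end
  return wrap, unwrap
end

-- Constructed usage: a stack whose representation is sealed.
local wrap, unwrap = new_wrapper()
local function new_stack() return wrap({}) end
local function push(s, x) local t = unwrap(s); t[#t + 1] = x end
local function pop(s) local t = unwrap(s); return table.remove(t) end

local s = new_stack()
push(s, 1); push(s, 2)
assert(pop(s) == 2)
assert(rawget(s, 1) == nil and next(s) == nil)          -- nothing to walk
assert(not pcall(function() return s[new_name()] end))  -- wrong key raises
assert(tostring(new_name()) == "name: suppressed")
```

The debug library (debug.getupvalue, debug.getmetatable) bypasses this protection, so it only holds where untrusted code runs without access to debug.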