Capability Based
Description
- "In capability systems, a subject corresponds to an instance of a software component, such as an object (an instance of a class, as in a capability language) or a process (an instance of an executable program, as in a capability operating system)."
- "By tying access to key, rather than a centralized control system, Capability-based models push security to edge, decentralizing large attack vectors known as honeypots."
References
- Capability Myths Demolished
- https://medium.com/@kleffew/what-is-capability-based-security-227c6e5483a5
- https://github.com/bytecodealliance/wasmtime/blob/main/docs/WASI-capabilities.md
- http://erights.org/elib/capability/index.html
Backlinks