Capabilities
A capability is a set of permissions defined by a token, or key, that a user holds.
In capability-based systems, access rights are based entirely on the possession of the token, rather than who possesses it.
- Logical assets, such as applications, can share their token with other applications.
- Capabilities protect against CSRF and clickjacking unless the attacker has access to the token.
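
An added example, not part of the original page: a small in-memory capability store showing authorization by token possession alone, an application sharing a narrowed token with another application, and a forged cross-site request that carries no token being refused. The class, its method names and the `/docs/report` resource are assumptions made for illustration.

```python
import hashlib
import secrets

class CapabilityStore:
    """Server-side table of capabilities, keyed by the SHA-256 of each token."""

    def __init__(self):
        self._caps = {}  # token digest -> (resource, frozenset of rights)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def mint(self, resource, rights):
        """Create an unguessable token granting `rights` on `resource`."""
        token = secrets.token_urlsafe(32)
        self._caps[self._digest(token)] = (resource, frozenset(rights))
        return token

    def attenuate(self, token, rights):
        """Derive a narrower token to share with another application."""
        entry = self._caps.get(self._digest(token))
        wanted = frozenset(rights)
        if entry is None or not wanted <= entry[1]:
            raise PermissionError("cannot delegate rights the token lacks")
        return self.mint(entry[0], wanted)

    def revoke(self, token):
        self._caps.pop(self._digest(token), None)

    def check(self, token, resource, action):
        """Authorize on possession alone; no caller identity is consulted."""
        entry = self._caps.get(self._digest(token or ""))
        return entry is not None and entry[0] == resource and action in entry[1]

def demo():
    store = CapabilityStore()
    owner = store.mint("/docs/report", {"read", "write"})  # constructed resource
    shared = store.attenuate(owner, {"read"})              # handed to another app
    return {
        "owner_write": store.check(owner, "/docs/report", "write"),
        "shared_read": store.check(shared, "/docs/report", "read"),
        "shared_write": store.check(shared, "/docs/report", "write"),
        # A forged cross-site request has no token to send, so it is refused.
        "forged_no_token": store.check(None, "/docs/report", "write"),
    }
```

Because `check` never looks at who is calling, anyone who obtains a token gets exactly its rights, which is why the CSRF and clickjacking protection holds only while the token stays out of the attacker's hands.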