capability-based security

Capabilities are the means of controlling data-flow in the FSOS semantic graph.

The FlyingSquirrelOS design uses capability-based addressing not virtual memory.

With ACLs the object knows what the subject can do. With capabilities the subject knows how it can interact with the object.

external links