## §SELF — miscsubjects portable reference

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `article_bundle` — **LLM article bundle**
Portable reference package: body + claims + sources + voxels + provenance + manifest + constitution.
- **article slug:** `what-is-capability-security`
- **contains:** body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest
- **how to use:** Reference block for Grok/GPT/Gemini. Section §SELF explains the system.
- **read:** https://miscsubjects.com/api/articles/what-is-capability-security/bundle?format=markdown

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/what-is-capability-security/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **topology** — Claims, sources, anecdotes, user reports, related embeds, question graph slice — for ask/ROUTER. · https://miscsubjects.com/api/articles/what-is-capability-security/topology
- **voxels** — Claims as atoms, sources as edges (supported_by, posted_by). Per-claim provenance. · https://miscsubjects.com/api/articles/what-is-capability-security/voxels
- **ask** — Answer only from topology; creates question_node with gaps and ingest_hint. · https://miscsubjects.com/api/articles/what-is-capability-security/prompts
- **ingest** — Parse pasted evidence → source ledger + claims + evidence_ingest node.
- **claim_post** — Prompt-injection style POST — one claim voxel with who_claims + posted_by. · https://miscsubjects.com/api/articles/what-is-capability-security/voxels
- **llm_manifest** — Machine-readable read/write contract for external LLMs. · https://miscsubjects.com/api/articles/llm-manifest

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*

---

# miscsubjects article bundle

> Reference bundle for Grok, GPT, Gemini, or a human reader. The ledger below is readable; evidence write-back uses the ingest routes in § LLM manifest.

## Article
- **slug:** `what-is-capability-security`
- **title:** What Is Capability-Based Security
- **url:** https://miscsubjects.com/a/what-is-capability-security
- **register:** standard
- **updated:** 2026-07-15T04:20:51.746Z
- **tags:** oip, kimi-import, self-explaining, voxel, concepts, what-is-capability-security

## Body

<!-- hierarchy:nav -->
> **Path:** [OIP](https://miscsubjects.com/a/oip) › [Thinker Reference](https://miscsubjects.com/a/oip-thinker-reference) › [Protocol Concepts](https://miscsubjects.com/a/oip-protocol-concepts) › **What Is Capability-Based Security**
>
> **Shelf:** Protocol Concepts · **Traversal:** self-explaining · hierarchical · voxel-ready
> **Machine root:** [OIP tree](https://miscsubjects.com/api/dispatch?map=1&format=markdown) · [Registry](https://miscsubjects.com/api/dispatch?registry=1)

# What Is Capability-Based Security

## §SELF — what-is-capability-security

**What this page is:** A definition of capability-based security and its core principles.
**What it explains:** How possession of a reference (capability) grants permission to use a resource, eliminating the need for separate access control mechanisms.
**Why read it:** To understand why capability security removes entire categories of vulnerabilities that traditional permission-based systems cannot prevent.

### What Capability-Based Security Is

Capability-based security is an access control model where possession of an unforgeable reference (called a capability) to a resource is both necessary and sufficient to use that resource. There is no separate permission check, no access control list, and no central authority that decides who can do what. If you hold the capability, you can use the resource. If you do not hold it, you cannot.

The model was first proposed by Jack Dennis in 1966 for the Multics operating system. A capability is a token (a number, a handle, a reference) that simultaneously identifies a resource and grants authority to access it. The two functions — identification and authorization — are merged into a single object.

### Why It Matters

Traditional security systems separate identification from authorization. A user proves who they are (authentication), then a separate system checks whether that identity has permission to perform an action (authorization). This separation creates vulnerabilities. Programs can act with authority that was granted to them for one purpose but used for another. Attackers can escalate privileges by tricking the authorization system. Capability-based security eliminates these problems by embedding authority in the reference itself.

### The Key Idea

Four principles define capability-based security:

1. **Possession conveys authority.** Holding a capability is the only requirement to use the resource it points to. There is no additional check, no gatekeeper, no query to a permissions database.
2. **Capabilities are unforgeable.** You cannot guess, manufacture, or discover a capability. It must be given to you by someone who already has it, or created by the system with proper authority. Unforgeability means capabilities are typically large random numbers or cryptographic tokens that cannot be predicted.
3. **Delegation is safe.** Passing a capability to another party is the only way to grant access. When you delegate, you do not open a back door or create a new permission entry. You simply hand over the same reference. The recipient can use it exactly as you could (unless you attenuate it first).
4. **Attenuation is possible.** A parent capability can be used to create a child capability with narrower scope: fewer operations, shorter time limit, or a maximum number of uses. The child cannot be expanded back to the parent's scope. This allows safe delegation of partial authority.

**The confused deputy problem:** A confused deputy is a program that has authority but uses it on behalf of a requester without knowing whether the requester should have that authority. Example: a compiler runs with system privileges. A user asks it to write output to a protected file. The compiler, acting as a deputy, uses its own authority to write the file. The user has escalated privilege through the confused compiler. Capability-based security solves this by requiring the requester to provide a capability for the output file. The compiler does not use its own authority. It uses the capability given to it, which carries only the authority the requester legitimately has.

### What It Got Right

- **Eliminates ambient authority.** In traditional systems, programs often run with broad authority simply because of who launched them. Capability systems have no ambient authority. Every action requires a specific capability.
- **Removes privilege escalation through guessing.** Attackers cannot enumerate permissions or discover access paths. Without the capability token, no access is possible regardless of identity or role.
- **Solves the confused deputy problem.** Authority travels with the capability, not with the program's identity. Programs use the caller's authority, not their own.
- **Delegation is explicit and auditable.** Every transfer of authority is the transfer of a tangible token. There are no invisible permission grants.

### What It Got Wrong or Left Unfinished

- **No mainstream operating system adopted it fully.** Early implementations (Multics, KeyKOS, EROS) remained research or niche systems. Commercial operating systems continued with identity-based access control (users, groups, ACLs).
- **Revocation is difficult.** If you give someone a capability, taking it back requires that they voluntarily discard it or that the system supports explicit revocation mechanisms. Simple capability systems do not handle revocation well.
- **Integration with existing systems is hard.** Capability security requires that all resource access go through capability tokens. Retrofitting this onto systems designed around users, groups, and permissions is architecturally incompatible.

### How It Connects to Other Ideas

- **Object-oriented programming (Alan Kay):** Both models treat a reference as authority. Holding an object reference lets you send it messages. Holding a capability lets you use a resource. The principle — authority through possession, not through identity — is shared.
- **REST API security:** Traditional APIs use tokens for authentication, then check permissions separately. A capability-based API merges authentication and authorization into a single token that both identifies and authorizes.

### Sources

- Dennis, Jack B., and Earl C. Van Horn. "Programming Semantics for Multiprogrammed Computations." Communications of the ACM, 1966.
- Hardy, Norman. "The KeyKOS Architecture." Operating Systems Review, 1985.
- Shapiro, Jonathan S., et al. "EROS: A Fast Capability System." Proceedings of the 17th ACM Symposium on Operating Systems Principles, 1999.
- Miller, Mark S., et al. "Capability-based Financial Instruments." Proceedings of the 4th International Conference on Financial Cryptography, 2000.

---

## Up the tree

- [OIP root](https://miscsubjects.com/a/oip) — protocol root, zero-context entry
- [Thinker Reference hub](https://miscsubjects.com/a/oip-thinker-reference) — full hierarchy map
- [Protocol Concepts shelf](https://miscsubjects.com/a/oip-protocol-concepts) — siblings on this shelf
- [Voxel graph article](https://miscsubjects.com/a/what-is-voxel-graph) — how pages link as voxels
- [Self-describing protocol](https://miscsubjects.com/a/what-is-self-describing-protocol)

## Related on this shelf

- [What Is Autopoiesis](https://miscsubjects.com/a/what-is-autopoiesis)
- [What Is a Capability Token](https://miscsubjects.com/a/what-is-capability-token)
- [What Is a Confused Deputy](https://miscsubjects.com/a/what-is-confused-deputy)
- [What Is Context as Cursor](https://miscsubjects.com/a/what-is-context-as-cursor)
- [What Is a Convergence Catalogue](https://miscsubjects.com/a/what-is-convergence-catalogue)
- [What Is a Falsification Surface](https://miscsubjects.com/a/what-is-falsification-surface)
- [What Is HATEOAS](https://miscsubjects.com/a/what-is-hateoas)
- [What Is the History of Link Protocols](https://miscsubjects.com/a/what-is-link-protocol-history)

## Machine surfaces

- Public page: `https://miscsubjects.com/a/what-is-capability-security`
- JSON article: `https://miscsubjects.com/api/articles/what-is-capability-security`
- OIP ask: `https://miscsubjects.com/api/dispatch?ask=What%20Is%20Capability-Based%20Security`


## Claims (0)


## Voxel graph (0 atoms · 0 edges)
- full graph: https://miscsubjects.com/api/articles/what-is-capability-security/voxels

## Article constitution

- full: https://miscsubjects.com/api/articles/constitution

## Source ledger (0)
- chain valid: yes · head: `genesis`

## Provenance (1 model passes)
- chain valid: yes · head: `c1fed15cb222cb0b`

- write · kimi-agent-import · 2026-07-15T04:20 · hash `c1fed15cb222`

## Question graph
- questions: 0 · evidence ingests: 0

## LLM manifest — how to communicate with this ledger

- system map: https://miscsubjects.com/api/articles/system-map?format=markdown
- topology (ranked): https://miscsubjects.com/api/articles/what-is-capability-security/topology
- ingest: POST https://miscsubjects.com/api/protocol/ingest
- claim: POST https://miscsubjects.com/api/protocol/claim

### Quick actions for this article
- **Read live:** https://miscsubjects.com/api/articles/what-is-capability-security/topology
- **Ask (API):** POST https://miscsubjects.com/api/protocol/ask `{"slug":"what-is-capability-security","question":"..."}`
- **Ingest your findings:** POST https://miscsubjects.com/api/protocol/ingest or text `ingest what-is-capability-security|your evidence`
- **Post one claim:** POST https://miscsubjects.com/api/protocol/claim or text `claim what-is-capability-security|tier|assertion`
- **iMessage ask:** `what-is-capability-security|your question`
- **System map:** https://miscsubjects.com/api/articles/system-map?format=markdown


---

## §SELF — miscsubjects portable reference

**Principle:** Self-explaining payload — no external context required. This _self block describes what you are reading and where to look next.

**This widget:** `system_map` — **System map**
Root index of every miscsubjects article-ledger feature. Start here if you have zero context.
- **article slug:** `what-is-capability-security`
- **contains:** body, claims, sources, voxels, provenance, question graph, constitution, llm_manifest
- **how to use:** Root index of every miscsubjects article-ledger feature. Start here if you have zero context.
- **read:** https://miscsubjects.com/api/articles/system-map

### Logical proof (verify each step)
1. Articles are voxel graphs of tiered claims, not prose blobs. → https://miscsubjects.com/api/articles/constitution
2. Claims link to hash-chained sources via source_ids. → https://miscsubjects.com/api/articles/what-is-capability-security/sources
3. Ask reads topology; ingest/claim append to ledger. → https://miscsubjects.com/api/protocol
4. Models queue growth: populate → collaborate → repair → reflex. → https://miscsubjects.com/api/protocol/grow
5. Graph proves its own shape (reflex) and $/claim (yield). → https://miscsubjects.com/graph.html?layer=reflex
6. Full feature index + _explain on every API response. → https://miscsubjects.com/api/articles/system-map

### Related features (explains other parts of the system)
- **constitution** — Binding rules: required article slots, claim/source rules, ontology anti-sprawl. · https://miscsubjects.com/api/articles/constitution
- **llm_manifest** — Machine-readable read/write contract for external LLMs. · https://miscsubjects.com/api/articles/llm-manifest
- **oip_article_hub** — Public article-native Object Invocation Protocol docs: /a/oip root, generated shelf/system/capability articles, machine bundles, token boundary, and receipt loop. · https://miscsubjects.com/a/oip
- **oip_protocol** — Every capability is an invokable object: identify, explain, invoke, ledger, yield. · https://miscsubjects.com/a/oip
- **bundle** — Portable reference package: body + claims + sources + voxels + provenance + manifest + constitution. · https://miscsubjects.com/api/articles/what-is-capability-security/bundle?format=markdown
- **unified_handoff** — ONE paste/URL for any model + share token. Same self-explaining pattern as article bundle, but whole build. · https://miscsubjects.com/api/handoff?format=markdown

### Full index
- JSON: https://miscsubjects.com/api/articles/system-map
- Markdown: https://miscsubjects.com/api/articles/system-map?format=markdown

*Not medical advice. Tier-honest. Cite claim/source ids.*