Online delegation of authority looks nothing like how we delegate authority in our every day lives. The prevalence of Access Control List (ACL) authorization pattern (list of permissions attached to a resource) has constrained many systems to centralized access control. While, for some highly sensitive use cases, centralization is desired, for others, the use of ACLs leads to overconstrained solutions.
Introducing Membrane Service Early Access
Membrane Service solves the problem of being able to delegate authority in a decentralized manner. It does this by using capabilities and offering capability-based authorization at any scale in accordance with any policy via membranes.