= yaml = title: Overview layout: tutorial sort: 20 toc: false = yaml =

In Vanadium, all communication channels are encrypted and authenticated, and all communication must satisfy an authorization policy.

The following tutorials build from the Client/Server Basics tutorial to demonstrate code and pre-built tools that implement and benefit from Vanadium security.

• Principals and Blessings
  Wherein Alice and her friend Bob take the stage to demonstrate inter-principal communication.

• Permissions
  Wherein you meet a built-in authorizer that that lets Alice grant fine-grained access to Bob and Carol with simple lists of names.

• Caveats
  Wherein Carol delegates the access that Alice gave her to Diane. Carol does so without bothering Alice and without leaking secrets. Carol constrains Diane's power with caveats.

• Third-Party Caveats
  Wherein you arrange for your lawyer to get access to your “documents”, then revoke that access.

• The Agent
  Wherein you use a security agent to maintain your secrets and facilitate your secure use of Vanadium.

• Custom Authorizer
  Wherein you craft a custom authorizer for Alice that grants family access any time of day, but constrains friends to a time window.

That introduces the generalities. Aspects of security that are focused on particular subjects will be covered in related subject tutorials, e.g. the JavaScript tutorial and the Mount table tutorial.

The Security Concepts document provides a general discussion of Vanadium security that complements these security tutorials.