The security model 1:
Users computers can interact with untrusted
computers because of Tns security model
Use of capabilities1 makes Tn intrinsically secure
unlike Access Control List (ACL) based systems
Its extremely easy to group together a set of computers
according to a schema and specify what capabilities the
members of that group will have
By default all external access is encrypted with 128 bit
AES and data you deposit on remote machines is
similarly encrypted so only you can use it
[1]: The idea for capabilities comes from the EROS operating system