This document discusses object capability security and Google Caja. It notes that object capability security provides memory safety, prevents global actions and magic objects, and enables encapsulation. It also states that the reference graph defines the access graph. Later, it discusses how EcmaScript.Next can provide capabilities to secure JavaScript through features like use strict, Object.freeze, modules, and proxies. It also provides an example of using a proxy to mediate access between a StatusUpdater object and a Widget.