Capability, or capability-based, operating systems (OSs) are those which use, and are often structured via, capabilities (in some systems called a key), for security. Many OSs, such as Unix types, or later versions of Microsoft Windows, use privileges for security. Privileges apply to users, and are course-grained. Capabilities are somewhat similar, but apply to objects within the software environment, and are fine-grained. A capability is a communicable, unforgeable token of authority. It refers to a value that references an object, along with an associated set of access rights. User programs on capability OSs must use a capability to access an object; they are designed to directly share capabilities with each other according to the principle of least privilege, and with the OS infrastructure needed to make such transactions efficient and secure.- Category ID : 60210
Henry M. Levy; Digital Press, 1984, ISBN 0932376223. Thorough survey and description of early capability and object based hardware and software systems. Out of print, available as free download, PDF format.