“Security” is not a very good term for it, but we use it here for a class of computer problems that can be solved in capability environments by user code that arranges to limit where capabilities get to.
- The Trojan Horse: Current commercial operating systems convey all of my authority to any program that I launch! Since I can delete all of my files, the grammar program that you send me can delete them as well.
- Confinement: The factory confines a program, or a large complex of programs, so that confidential questions stay within the machine.
- Confused Deputy: A deputy is a program that is trusted to use the authority it has according to some agreed-upon rules. Sometimes the deputy is hard pressed to know what is right, because it cannot tell whether a request exercises its own authority or its caller's. Without capabilities, common programming patterns are wrong! With capabilities those same familiar and convenient patterns do the right thing naturally.
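The two entries above, the Trojan horse and the confused deputy, are the same point seen from two sides: what a program can do depends on what authority it was handed. The following is an added illustration, not code from the original page or from any real capability system. It is a toy in-memory model: `Store` stands in for a user's whole file namespace (ambient authority), `ReadCap`/`WriteCap` stand in for capabilities, the "compiler" just upper-cases its input, and every file name is constructed.

```python
# Added illustration, not code from the original page: a toy in-memory model
# of ambient authority versus capability passing.  File names, the Store
# class and the "compiler" are constructed stand-ins, not any real system.

class Store:
    """The user's whole file namespace. Holding it is 'all of my authority'."""
    def __init__(self, files):
        self.files = dict(files)

    def read(self, name):
        return self.files[name]

    def write(self, name, data):
        self.files[name] = data

    def delete(self, name):
        del self.files[name]


class ReadCap:
    """Designates one file and permits only reading it."""
    def __init__(self, store, name):
        self._store, self._name = store, name

    def read(self):
        return self._store.read(self._name)


class WriteCap(ReadCap):
    """Designates one file and permits reading and writing it."""
    def write(self, data):
        self._store.write(self._name, data)


# --- Trojan horse: what a launched program can do with what it is given ----

def grammar_check_ambient(store, name):
    """Untrusted 'grammar checker' launched with the user's full authority.
    Nothing stops it from deleting every file it can name."""
    for n in list(store.files):
        store.delete(n)
    return "looks fine"


def grammar_check_caps(doc):
    """The same program given only a ReadCap to the document it should check.
    It holds no handle through which deletion (or writing) is possible."""
    text = doc.read()
    can_damage = hasattr(doc, "delete") or hasattr(doc, "write")  # never conveyed
    return "looks fine" if text and not can_damage else "unexpected"


def trojan_demo():
    """Returns (files left after the ambient run, files left after the cap run)."""
    ambient = Store({"thesis.txt": "draft", "notes.txt": "todo"})
    grammar_check_ambient(ambient, "thesis.txt")
    confined = Store({"thesis.txt": "draft", "notes.txt": "todo"})
    grammar_check_caps(ReadCap(confined, "thesis.txt"))
    return len(ambient.files), len(confined.files)      # (0, 2)


# --- Confused deputy: a trusted program that cannot tell whose authority ---

BILLING = "billing.log"

def compile_ambient(store, source, output):
    """Deputy that must record usage in billing.log, which only it may write.
    Under ambient authority the deputy's and the caller's rights are merged,
    so it cannot tell that 'output' names a file the caller may not touch."""
    program = store.read(source).upper()       # stand-in for compilation
    store.write(output, program)               # clobbers billing.log if named
    store.write(BILLING, store.read(BILLING) + "compiled " + source + "\n")
    return program


def compile_caps(source, output, billing):
    """Same deputy under capability discipline: the caller can only pass
    WriteCaps it already holds, and it never held one to billing.log."""
    program = source.read().upper()
    output.write(program)
    billing.write(billing.read() + "compiled\n")
    return program


def deputy_demo():
    """Returns (billing.log after the ambient run, after the cap run, output)."""
    ambient = Store({"thesis.txt": "draft", BILLING: "alice: 2 compiles\n"})
    compile_ambient(ambient, "thesis.txt", BILLING)   # caller names the wrong file
    confined = Store({"thesis.txt": "draft", BILLING: "alice: 2 compiles\n", "out.bin": ""})
    deputy_billing = WriteCap(confined, BILLING)      # held by the deputy only
    caller_output = WriteCap(confined, "out.bin")     # the caller's own file
    compile_caps(ReadCap(confined, "thesis.txt"), caller_output, deputy_billing)
    return ambient.read(BILLING), confined.read(BILLING), confined.read("out.bin")
```

In the ambient version the deputy would have to inspect the output name and guess who is allowed to write it, which is exactly the decision it is "hard pressed" to make; in the capability version designation and authority arrive together in the same argument, so the familiar pattern of "pass the output file to the tool" is safe without any extra check.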
- Usage Sensitive Pricing: Metered service can provide the user with an alternative to buying a very expensive software package when his need is slight, and when the vendor agrees. In particular, some capability systems can meter access to data.
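Metering access to data is natural in a capability system because the vendor never hands the customer the data itself, only a capability that forwards requests to it and charges for each one. The following is an added example, not code from the original page or from any particular capability system: `Meter` is a constructed forwarding object, and the data set, price and prepaid balance are made-up values.

```python
# Added example, not from the original page: a metered forwarding capability.
# The customer holds only the Meter; the underlying data stays with the vendor.

class Meter:
    """Forwards lookups to vendor-held data, charging a fixed price per access
    and refusing once the prepaid balance can no longer cover one access."""
    def __init__(self, data, price_per_access, prepaid):
        self._data = data            # reachable only through this object
        self._price = price_per_access
        self.balance = prepaid
        self.accesses = 0

    def get(self, key):
        if self.balance < self._price:
            raise PermissionError("meter exhausted; ask the vendor to top up")
        self.balance -= self._price
        self.accesses += 1
        return self._data[key]


def customer_session():
    """Constructed session: two paid lookups succeed, the third is refused.
    Returns (values seen, accesses charged, remaining balance, was_refused)."""
    vendor_data = {"rate_2024": 1.25, "rate_2025": 1.30}   # constructed values
    meter = Meter(vendor_data, price_per_access=2, prepaid=5)
    seen = [meter.get("rate_2024"), meter.get("rate_2025")]
    try:
        meter.get("rate_2024")
        refused = False
    except PermissionError:
        refused = True
    return seen, meter.accesses, meter.balance, refused
```

The vendor's agreement is what creates the `Meter`; the customer's program can be given the meter without ever being able to reach `vendor_data` directly, so the price cannot be bypassed by copying the data out.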
- High Value Data: Current systems are too weak to support high value uses of digital signatures. They are also too weak for serious crypto.