ABSTRACT

In Chapter 11, we introduced capability systems, which separate the notions of addressing and protection by distinguishing address descriptors from capabilities. Each virtual machine associated with a process was given a catalog of capabilities that identified the segments the virtual machine could access as well as the associated access rights on those segments. The alternative to capabilities is access-control lists (ACLs), which grant privileges to principals by name.
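As an added illustration (not from the chapter), the following Python model contrasts the two guards: a capability check that consults only the virtual machine's catalog, and an ACL check that must first know the principal's name. The class and function names (`VirtualMachine`, `cap_access`, `acl_access`), the segments and the principals are all constructed for this example.

```python
from dataclasses import dataclass, field

# Constructed toy model of the two authorization schemes: a per-virtual-machine
# capability catalog versus an access-control list attached to each segment.

@dataclass
class Segment:
    name: str
    acl: dict = field(default_factory=dict)   # principal name -> set of rights (ACL scheme)

@dataclass
class Capability:
    segment: Segment      # which segment this capability identifies
    rights: frozenset     # access rights conveyed on that segment

@dataclass
class VirtualMachine:
    catalog: list         # capabilities; a process names a segment by its catalog index

def cap_access(vm: VirtualMachine, index: int, op: str) -> bool:
    """Capability guard: the caller's identity is irrelevant; what matters is whether
    the virtual machine's catalog holds a capability on the segment carrying `op`."""
    if index < 0 or index >= len(vm.catalog):
        return False          # the segment is not even addressable from this virtual machine
    return op in vm.catalog[index].rights

def acl_access(principal: str, segment: Segment, op: str) -> bool:
    """ACL guard: the caller must be authenticated first, because the segment's
    ACL grants rights to principals by name."""
    return op in segment.acl.get(principal, set())

def demo() -> dict:
    payroll = Segment("payroll", acl={"alice": {"read", "write"}, "bob": {"read"}})
    scratch = Segment("scratch", acl={"bob": {"read", "write"}})
    # Alice's virtual machine holds a read/write capability on payroll and nothing else.
    vm_alice = VirtualMachine([Capability(payroll, frozenset({"read", "write"}))])
    # Bob's holds read-only on payroll and read/write on scratch.
    vm_bob = VirtualMachine([Capability(payroll, frozenset({"read"})),
                             Capability(scratch, frozenset({"read", "write"}))])
    return {
        "cap: bob reads payroll": cap_access(vm_bob, 0, "read"),
        "cap: bob writes payroll": cap_access(vm_bob, 0, "write"),
        "cap: alice touches scratch": cap_access(vm_alice, 1, "read"),  # no such catalog slot
        "acl: bob writes payroll": acl_access("bob", payroll, "write"),
        "acl: alice writes payroll": acl_access("alice", payroll, "write"),
        "acl: unknown principal reads": acl_access("mallory", payroll, "read"),
    }
```

Calling `demo()` returns the allow/deny outcome of each check; note that only the ACL path needs an authenticated principal name.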