High Quality Content by WIKIPEDIA articles! In computer science, capability-based addressing is a scheme used by some computers to control access to memory. Under a capability-based addressing scheme, pointers are replaced by protected objects (called capabilities) that can only be created through the use of privileged instructions which may only be executed by the kernel (or some other privileged process authorised to do so). This effectively allows the kernel to control which processes may access which objects in memory without the need to use separate address spaces and therefore requiring a context switch when an access occurs. This allows an efficient implementation of capability-based security.