A capability is a protected reference. It is a reference in that it designates an object; it is protected in that it cannot be forged. A capability both designates the object it refers to and carries the authority to manipulate it.
By binding designation and authority together, capabilities simplify the situation in which one program hands another program an object to work on. Imagine that program instance A wants to tell program B to use a particular file to store some data. Further imagine that A and B are running in different protection domains (e.g., with different UIDs). If A sends B just the name of the file, B first needs to ensure that it does not accidentally let A access the file on B's own authority. That is, B wants to protect against A hijacking its authority. (This problem is known as the confused deputy problem.) Also, since A most likely sent a string to identify the file to B, the identifier lacks a naming context and may therefore resolve to a different object than the one A intended. By ensuring that designation and authority are always bound together, both problems are avoided.
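The A/B scenario above as a runnable toy model (an added illustration, not code from the page or from any real capability system): a `Store` plays the kernel, owns every object and is the only party that can mint capabilities; the object names and contents are constructed for the example.

```python
# Toy model of designation bound to authority versus name-based ambient authority.
# Constructed example: Store, the deputies and the object names are assumptions.

class Store:
    def __init__(self):
        self._objects = {}   # name -> content (the protected objects)
        self._caps = {}      # opaque token -> name it designates

    def create(self, name, content=""):
        """Create an object and return the capability that designates it."""
        self._objects[name] = content
        cap = object()                 # unforgeable: only this Store recognises it
        self._caps[cap] = name
        return cap

    def read(self, name):
        return self._objects[name]

    def write_by_name(self, name, data):
        """Ambient authority: whoever can name an object may write it."""
        self._objects[name] = data

    def write(self, cap, data):
        """Capability authority: designation and the right to write arrive together."""
        if cap not in self._caps:
            raise PermissionError("not a capability issued by this store")
        self._objects[self._caps[cap]] = data


def name_deputy(store, name, data):
    """Deputy B in the name-based world: writes wherever it is told, on its own authority."""
    store.write_by_name(name, data)


def cap_deputy(store, cap, data):
    """Deputy B in the capability world: can only exercise the authority A handed over."""
    store.write(cap, data)


def confused_deputy_demo():
    store = Store()
    client_cap = store.create("client.log")            # A legitimately holds this
    store.create("deputy.conf", "trusted settings")    # its cap stays with B, never given to A
    # Capability world: A can only pass what A holds, so B's write lands in A's own log.
    cap_deputy(store, client_cap, "A's data")
    try:                                               # a token A made up is rejected
        cap_deputy(store, object(), "A's data")
        forgery_accepted = True
    except PermissionError:
        forgery_accepted = False
    # Name-based world: A merely names B's config and B clobbers it for A (confused deputy).
    name_deputy(store, "deputy.conf", "overwritten at A's request")
    return {"client_log": store.read("client.log"),
            "deputy_conf": store.read("deputy.conf"),
            "forgery_accepted": forgery_accepted}
```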
Capability-based system architectures strive to meet the principle of least privilege (Wikipedia, principle of least privilege).
A capability mechanism is typically implemented in software by the operating system kernel (typically a microkernel). The computational cost (as compared to a hardware implementation) is negligible.
What is a Capability, Anyway?, Jonathan Shapiro, 1999. This is an easily readable introduction with good examples. In the author's own words, the text provides a layman's introduction to capabilities, describing what they are, what they do, and why they result in better security than today's computer systems.