I will attempt to describe confinement without the jargon that pervades these pages. The original environment of the Factory ideas was an operating system kernel on a large shared computer. The primary motivating scenario was two parties: P wishes to keep his code confidential and Q wishes not to reveal, even to P, the data from Q which p must operate upon, to serve Q. Confinement assures both P and Q that their respective proprietary interests are met. Implicit in this scenario is that both P and Q trust the shared computer, its operator and its OS. Lampson’s definition of confinement did not require protection of P’s wishes, though he did mention the possibility.

There has been recent interest in a computing utilities such as inspired the original idea but there is also use for such confinement in computers as commonly employed now. In a personal computer the owner is more likely to assume the role of Q, wishing to be assured that his secrets will not leave the computer by channels unknown to him. To the degree that the computer and kernel are tamperproof the rights of P are protected as well. This approaches the common idea of DRM when P brings “content” as well as programs.

Here is a more detailed description of the factory with only a bit more jargon. See this for the history and development of the confinement ideas.