
 

Confinement Principle

The confinement principle says that a server shouldn't give out information that the user of the service thinks is private. The confinement principle stops a process from doing things that are not allowed.

Consider a client/server situation: the client sends a data request to the server; the server uses the data, does something with it, and sends the results (more data) back to the client.

In the confinement principle, access control affects the function of the server in two ways:

Goal of the service provider: The server must make sure that it only uses resources that the client is allowed to use when it acts on behalf of the client.

Goal of the service user: The server must ensure that it doesn't give information about its clients to anyone who isn't allowed to see that information.
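
The two goals above, as an added sketch that is not part of the original page: a server that can read every resource itself but checks the requesting client's rights before each read, and releases a result only to the client it was computed for. `ConfinedServer`, the ACL layout, the ticket scheme and the sample data are all hypothetical.

```python
class AccessDenied(Exception):
    """Raised when a request would break confinement."""


class ConfinedServer:
    def __init__(self, resources, acl):
        self._resources = resources   # name -> value; the server itself can read all of it
        self._acl = acl               # name -> set of clients allowed to read that resource
        self._results = {}            # ticket -> (allowed readers, result)
        self._next_ticket = 0

    def _read_as(self, client, name):
        # Goal of the service provider: use the client's rights, not the
        # server's own broader rights, when acting on the client's behalf.
        if client not in self._acl.get(name, set()):
            raise AccessDenied(f"{client} may not read {name}")
        return self._resources[name]

    def process(self, client, names, share_with=()):
        # Every read is checked before any result is produced or stored.
        values = [self._read_as(client, n) for n in names]
        self._next_ticket += 1
        self._results[self._next_ticket] = ({client, *share_with}, sum(values))
        return self._next_ticket

    def fetch(self, requester, ticket):
        # Goal of the service user: a result is released only to the client
        # it was computed for, or to parties that client explicitly named.
        readers, result = self._results.get(ticket, (set(), None))
        if requester not in readers:
            raise AccessDenied(f"{requester} may not read ticket {ticket}")
        return result


def demo():
    # Constructed sample data (hypothetical clients and resources).
    server = ConfinedServer(
        resources={"alice_balance": 120, "alice_bonus": 30, "bob_balance": 999},
        acl={"alice_balance": {"alice"}, "alice_bonus": {"alice"}, "bob_balance": {"bob"}},
    )
    ticket = server.process("alice", ["alice_balance", "alice_bonus"])
    outcomes = {"alice_result": server.fetch("alice", ticket)}
    for label, call in [("cross_read", lambda: server.process("alice", ["bob_balance"])),
                        ("leak", lambda: server.fetch("bob", ticket))]:
        try:
            call()
            outcomes[label] = "allowed"
        except AccessDenied:
            outcomes[label] = "denied"
    return outcomes
```
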