Innitab deprecation

Can anyone who really understands abstraction and protection rings explain why innitab is no longer used when using systemd?

As opposed to hierarchical protection domains, what is an example of capability based security?