Most of the services on microkernel architecture operating system are decoupled and built as independent component modules in user-mode. Therefore, how to use these independent service modules to efficiently build a secure microkernel architecture operating system has become an important proposition. However, the existing methods often select some system modules according to the requirements and configuration to build at compile time, which rarely considers the security of user-mode components outside the kernel. This paper proposes a construction mechanism of the security component based on the capability, constructing the system from the point of system security. In order to verify the construction mechanism, sufficient experiments and analysis are carried out on the All winner T3 platform. The experiments prove that the construction mechanism meet the construction principles proposed in this paper. The construction mechanism has certain versatility and continuity for building a microkernel-based operating system ecosystem.