Permissions can be assigned to any user as well as to any role. A permission is defined by three attributes:

• tpye: the qualified class name, e.g., java.io.FilePermission
• name: the name of the permission, e.g., the path in case of java.io.FilePermission
• actions: the actions that the permission allows, e.g., read, write