Make policy decisions based on the trustworthiness of mobile code
Allow class loader to load jar files
Challenge the user for credentials
Determine if presented authentication credentials should be trusted
Verify signed JAR files