Folie 17

The keystore file maps aliases to public keys

Grant statements grant permissions to code
based on the "who" and the "where"

keystore "keystoreFile";

grant [codebase "<URL>"]
      [signedBy "<alias>"]
{
  permission [permission class] 
             ["target"],
             ["actions"];

  permission ...
};