Because a thread of execution can cross multiple modules with different context characteristics, the Java platform implements the concept of least privilege. In the whole stack of callers that pertain to a given thread of execution, where members of the call stack have different characteristics, the result used for determining authority is the intersection of all of these characteristics, or the least common denominator. For example, if a piece of calling code has limited authority (maybe it isn't trusted because it isn't signed), but it calls a piece of code that is more trusted (maybe this one has a signature), then the authority in the called code is reduced to match the lesser trust.

The authority characteristics contained in the access control context are compared against the Java permission grant statements in the policy file to indicate whether sensitive operations are allowed. This is done by a Java facility called the AccessController, which has interfaces for checking permissions programmatically and getting the current Subject associated with the active access control context as well. (The older Java Security Manager interfaces are becoming obsolete, so do use the AccessController methods.)