Security is handled on a package-by-package basis. Each package is in a separate archive, and each archive is digitally signed with a certificate. The certificate indicates which privileges the package requests from the Microsoft VM and is stored in the JPM. This way, Java packages can be supplied and placed on the local disk without receiving the carte blanche trust of packages in the class path. For more information on Microsoft's security model for Java applications, see Security.