At least one of JDF-304, JDF-305, JDF-307 and JDF-310 should show permissions that can:

• Be assignable to either the individual agent or user, or to a relationship criteria that allows the assignment of the permission to members of a group, group role or application role.
• Be stored using an identifier that is unique for the object that the permission is being granted for
• Have configurable identifier policies, i.e. Entity beans will use an identifier based on the primary key value
• Have a configurable permission store, i.e. it must be possible to store permissions in a database using JPA, etc.