The OSGi specifications include security as a fundamental element. In addition to the standard Java 2 permissions, OSGi-specific permissions are defined throughout the framework and supplemental services. For example, with the system running in secure mode, bundles require distinct permissions to register and look up services and access properties.
The permissions in a system are managed by special-purpose services such as the Conditional Permissions Admin service. This service can be used to manage permissions on a per-bundle basis by, for example, giving bundles certain permissions if they are digitally signed by particular parties. In addition, the User Admin service facilitates the management of user-level or application permissions based on the current user's identity and role.
The real value of the OSGi permission model is that it is used throughout the entire framework and service set.