The JDK uses ConcurrentHashMap for mapping ProtectionDomain to PermissionCollection. ConcurrentHashMap is typically used for high concurrency in applications. It has the following characteristics:

• Thread safe
• The enter map does not need to be synchronized
• Fast reads
• Writes use locks
• No object-level locking
• Locking at a very granular level

The ConcurrentHashMap class definition is as follows:

public class ConcurrentHashMap<K, V> extends AbstractMap<K, V> implements ConcurrentMap<K, V>, Serializable

In the preceding class definition, K refers to the type of keys maintained by the hash map, and V indicates the type of mapped values. There is a KeySetView subclass and several methods.

There are three additional classes related to enforcing security policy—ProtectionDomain, PermissionCollection, and SecureClassLoader:

• The ProtectionDomain class is used to encapsulate a group of classes so that permissions can be granted to the domain.
• The PermissionCollection class represents a collection of permission objects.
• The SecureClassLoader class, which extends the ClassLoader class, provides additional functionality for defining classes with permissions for retrieval by the system policy. In Java, this class uses ConcurrentHashMap for increased security.