Applying security policies through agent roles: A JAAS based approach