A system that allows service providers, consumer electronic (CE) manufacturers
or standards bodies to define flexible security policies (110) for the execution
of downloaded applications (120) on digital television (DTV) receivers (160).
The current receiver environment in which a software application is to be run is
evaluated. For example, environmental factors such as time of day, date, channel
currently tuned in, parental lockout status, grouping of major and minor virtual
channels, and so forth, may be considered. An access controller (168) determines
if the receiver's environmental factors satisfy the conditions for granting a permission
to a downloadable application to allow access to the receiver functions (161),
receiver resources and user private data. The security policy can be modified by
installing or downloading a new security policy (110), or modified by a
user with the provision of an appropriate interface. A Java code-implemented embodiment
is disclosed.