UME permissions are provided by the User Management Engine (UME) and extend the possibilities provided by the J2EE security roles. However, they are only supported when using a programmatic approach.
One advantage for using UME permissions are that the administration is easier because you can consolidate permissions into actions. The administrator works with the actions and not with all of the individual permissions. In addition, you can perform more complex checks than those supported when using J2EE security roles, for example, you can use wildcards in the authorization check.
For more information, see Tutorials for Using Roles and Permissions in Applications.