Handle Java security policies and managers

It looks like we have several places in the code where we need to use a java.security.PrivilegedAction and AccessController.
We currently have bval-core/src/main/java/org/apache/bval/util/PrivilegedActions.java which just needs to be used before accessing classloaders, system resources, ....