Security Policy ModelĀ
The .NET Framework security policy model comprises the following elements:
Security policy levels: enterprise, machine, user, and sometimes application domain.
A hierarchy of code groups within the enterprise, machine, and user policy levels.
Named permission sets associated with each code group.
Evidence that provides information about the identity of code.
Application domain hosts that provide evidence about code to the common language runtime.
Each security policy level has its own hierarchy of code groups that provides infrastructure for establishing and configuring security policy. Code groups map evidence to a set of allowed permissions. Often, code groups are associated with a named permission set that specifies the allowable permissions for code in that group. The runtime uses evidence provided by a trusted host or by the loader to determine which code groups the code belongs to and, therefore, which permissions the code is granted.