One of the key advantages of the .NET Framework security system really lies in its ability to allow for very fine-grained differentiations between assemblies, thus allowing for very fine-grained differentiation of rights to access protected resources. There is now a whole world of semi-trust between allowing code to run or not. Such flexibility is the result of a rich, hierarchically structured, tree-based policy system. The tool itself is simply a graphical instantiation of this model.
In this section, the elements, basic features, techniques, and hints of the tool's policy tree view are introduced. The following sections cover more complex scenarios and actions.