The CLR's security system provides two different security models: role-based security and evidence-based security. The role-based security system is based on the concepts of identity and roles, which represent the same abstractions that users and groups do in traditional operating system security. The evidence-based security system is based on the code (rather than the user executing the code) and is designed to provide security for mobile and downloaded code. This section discusses both security models, although more space is devoted to evidenced-based security because this model of security is newer to most developers.

In general, the following discussion and samples are based on the default settings for the security system within ...

Get Programming in the .NET Environment now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.