How does CAS works?
There are two key methods of CAS security policy- code groups and permissions. A code group contains assemblies in it in a manner that each .NET assembly is related to a particular code group and some permission is granted to each code group. For instance, using the default security policy, a control downloaded from a Web site relates to the Zone, Internet code group, which adheres to the permissions explained by the named permission set. (Normally, the named permission set shows a very restrictive range of permissions.)
Assembly execution includes the following steps:
Evidences are gathered about assembly.
Depending on the gathered evidences, the assembly is assigned to a code group.
Security rights are allocated to the assembly, depending on the code group.
Assembly runs as per the rights allocated to it.