The .NET Framework provides a security mechanism to protect computer systems from malicious code and to provide a way to allow mobile code to run safely, mechanism called Code Access Security (CAS). While CAS is a .NET security feature, it applies to all .NET managed code such as ASP.NET Web applications.

CAS allows code to be trusted to varying degrees, as determined by security policy, depending on where the code comes from and on other aspects of the code's identity, such as its strong assembly name. CAS reduces the likelihood of our code being misused by other malicious code. It allows us to specifically set the operations our code should be allowed to perform as well as the operations our code should never be allowed to perform. Specifically, CAS supports a permission support mechanism by which code can explicitly request particular permissions and explicitly refuse others that it knows it never needs.

Code access security relies upon the notion of code access permissions. Each permission represents the right for code to access a protected resource such as a file, directory, or registry entry, or the right for it to perform a protected operation such as calling into unmanaged code. Permissions can be demanded by code and the runtime security policy determines which permissions to grant.

.NET allows administrators to assign a pre-defined set of permissions to an application. These permission sets vary based on the level of trust accorded to the application. By default, applications receive a level of trust dependent upon the evidence presented about the code's digital signature, origin, and the location of the application. ASP.NET Web applications can be further configured by assigning them trust levels. Trust levels are configured using the <trust> element within the configuration file.

<trust level="Full | High | Low | None" originUrl="url" />

The default mappings for ASP.NET are:

•High:
High mapping maps to web_hightrust.config .This level provides permissions that grant applications read/write access to the application directory (subject to operating system permissions) and allows the application to replace the authentication principal object. It also restricts applications from calling into non-managed code.

•Low:
Low mapping maps to web_lowtrust.config.This level allows applications to read from the application directory and provides limited network connectivity.

•None:
None mapping maps to web_notrust.config. This level provides basic execution permission and supports the application's use of isolated storage.

Example of Code:

<securityPolicy>
       <trustLevel name="Full" policyFile="internal" />
       <trustLevel name="High" policyFile="web_hightrust.config" />
       <trustLevel name="Low" policyFile="web_lowtrust.config" />
       <trustLevel name="None" policyFile="web_notrust.config" />
</securityPolicy>