CAS-Code Access Security is a security model which grants or deny permissions to your Assemblies depending on Evidences (like from where the code comes from. Is the code come from internet or has it comes from valid publisher or other source)
How CAS works-
Before executing any assembly CAS collects the Evidence Values(publisher, source of assembly, does it have strong name) about that assembly and depending on the Evidence values it start assigning permissions to the assembly via Permission set(Permission Set is the collection of permission).
Code Groups- Code Groups are collection of permission that is allocated to an Assembly as per the Evidence values.
We can apply CAS on any assembly using “caspol” to run this go to your Visual Studio Command Prompt and run “caspol”. But because it is very difficult to work through “caspol” we will use .Net framework 2.0 configuration tool for CAS.
To see what kind of permissions an assembly has- right click on runtime security policy from the left hand side tree and select Evaluate Assembly…
To create a permission set-right click on Permission Sets and add new permission set and add permissions as per you.
To change to Code Group-right click on particular code group and change the permission set as per you.
Problems with CAS-
1. Appling CAS is not an easy task.
2. Deployment of code require CAS Setup again
3. CAS doesn’t work on unmanaged code.