The .NET Framework's public language runtime has its own security execution model, which is not bound by the limitations of the operating system it runs on. In addition, unlike the old user-based security, the CLR is based on where the code is from the code rather than the user who is forced to enforce security policies. This model is called code access security. Since many code is installed through the Internet, even trusted users don't know when the code is safe, the model is meaningful in today's environment.
Click here to read the full story