Hosts can affect how the the NGWS security system assigns permissions to code running inside the domain. Specifically, hosts can supply domain specific code access security policy that is evaluated by the security system along with the per-user and machine wide security policy. Also, hosts can play a role in supplying the security system with evidence about code that is loaded into the domain.
The details about how security works with Application Domains are described in the Hosting and Loading Code specification.