Some code may be secured by requiring that only code with a certain identity (per strong name, from a certain site, etc.) may call it. This approach effectively pushes the effort to secure access onto the specified caller, so is only as good as the precautions taken by the trusted caller. However, when implemented with declarative security the link-time demand (a simple demand with no run-time performance cost, see Link Demand), when sufficient, provides very good performance. Since link-time demand only looks at the immediate referencing code it is subject to a luring attack unless all possible code paths are suitably protected.