Identity permissions represent characteristics by which an assembly can be identified. Each identity permission corresponds to a particular kind of descriptive information about code, such as the strong (shared) name of the assembly or the web site from which the code originated. Identity permissions cannot be requested; however, the runtime grants identity permissions to assemblies based on the information it obtains about the assembly. This information, called evidence, is provided by the loader or a trusted host and can include such information as the digital signature of the assembly or the web site it originates from.
Identity permissions help protect code from unauthorized access. Identity permissions are special in that they can be used to control access to code, based on whether the calling code is recognized as having a particular identity. Because the identity permissions have a set of functionality in common with code access permissions, they are derived from the same base class that the code access permissions are derived from, CodeAccessPermission.
Identity permissions cannot be requested because identity is an inherent trait of the code itself – either the code has credentials that support a particular identity or it doesn't. The runtime grants identity permissions when the assembly is loaded, based on information the runtime discovers about the code. However, code can demand that its callers have a particular identity permission.