When using isolated storage, data is always isolated by user. Data can also be isolated by assembly, based on credentials such as the origin or the strong name of the assembly, and it can be isolated by application domain, using similar credentials.
When using isolated storage, applications save data to a unique data compartment that is associated with a specific user and with some aspect of the code's identity, such as its Web site, publisher, or signature. The data compartment is an abstraction, not a specific storage location; it consists of one or more stores, which are the actual locations where data is stored. For example, a Web application might have a data compartment associated with it, and a directory in the file system would implement the store that actually preserves the data for that application. The data saved in the store can be any kind of data from user preference information to application state. For the developer, the location of the data compartment is transparent; stores can reside either on the client or on the server.
Administrators can limit how much isolated storage applications can use, based on the trust level appropriate for that application. In addition, administrators can easily remove the persisted data when uninstalling the application.
Code access security prevents untrusted managed code from successfully calling more highly trusted code to store data in isolated storage on its behalf. To create or access isolated storage, code must be granted the appropriate IsolatedStorageFilePermission.