NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

Types of Isolation

Access to isolated storage is always restricted to the user who created it. To implement this type of isolation, the runtime uses the same notion of user identity that the operating system recognizes, which is the identity associated with the process in which the code is running when the store is opened. This identity will be either an authenticated user identity or a unique anonymous user; impersonation can cause the identity of the current user to change dynamically.

In addition to isolation by user, access to isolated storage is restricted according to the identity associated with the application's domain and assembly or the assembly alone. The runtime obtains these identities in the following ways:

By combining the concepts of user, domain, and assembly identity, isolated storage can isolate data in the following ways, each of which has its own usage scenarios:

Note that isolated storage is always implicitly isolated by computer because it uses the storage facilities local to a given computer. Isolated storage is never shared between machines, nor is data in isolated storage accessible across computers.