Basic file I/O functionality provides the ability to access, store, and manipulate data that is stored in hierarchical file systems whose files are referenced using unique paths. For some applications, such as web applications, using standard mechanisms for storing data in files complicates the development process because of the need for isolation, configurability, ease of deployment, and security:
Isolation
When an application stores data in a file in a file system, the file name and storage location must be carefully chosen to minimize the possibility that the storage location will be known to another application and, therefore, vulnerable to corruption. Individual application developers have been responsible for creating and using ad hoc techniques that minimize storage conflicts.
Configurability
When web applications handle persistent data, it can be difficult, if not impossible, for the application to ensure that the files it uses can be easily configured by administrators.
Ease of Deployment
It can be difficult to deploy an application that requires a file to reside in a particular location, especially when that location must be secured from access by other applications.
Security
Traditional file systems have mechanisms, such as access control lists (ACLs), for restricting the access that users have to files, but they do not restrict what code can do when running in a user's context. Also, ACL-based security mechanisms are useful only when an administrator can properly configure the ACLs on all the systems on which the application will run; with web applications, this approach is often not feasible.
Isolated storage is a data storage mechanism that provides isolation, configurability, ease of deployment, and security. It is similar to browser cookies but more flexible and powerful. Isolated storage provides developers with a controlled mechanism for isolating and storing data in files. There is no longer a need for applications to invent unique paths to try to prevent data storage from overlapping with another application's storage area. Using isolated storage enables partially trusted applications to store data in a secure, controlled way that is likely to be allowed by security policy. Although security policy rarely grants permission to access the file system using standard I/O mechanisms, it is not unusual for security policy to allow code to access or create isolated storage.
For more information, see Introduction to Isolated Storage.