Security policy is the configurable set of rules that the NGWS runtime follows when it decides what it will allow code to do. Administrators set security policy, and the runtime enforces it. The runtime ensures that code can access only the resources and call only the code that security policy allows it to access.
Whenever an attempt is made to load an assembly, the runtime uses security policy to determine which permissions to grant to the assembly. By examining information called evidence that describes the assembly, the runtime examines security policy to decide how much the code is trusted and, therefore, what permissions to grant to that assembly. Evidence includes, but is not limited to, the code's publisher, its site, and its zone. Security policy also determines which permissions to grant to application domains.
For more detailed information about how the runtime uses security policy to determine which permissions to grant, see Security Policy Management.