Code Access Security (CAS) is a feature in .NET which
imposes security on the code under execution based on who created it, where
it was downloaded or copied from, and what evidence the code carries.
Evidence tells where the code is supposed to execute. Based on the evidence,
permissions are set, and these permissions are managed by policies. There are
other definitions of CAS too.
According to MSDN, "Code access security allows
code to be trusted to varying degrees depending on where the code originates
and on other aspects of the code's identity. Code access security also enforces
the varying levels of trust on code, which minimizes the amount of code that
must be fully trusted in order to run. Using code access security can reduce
the likelihood that your code can be misused by malicious or error-filled code.
It can reduce your liability because you can specify the set of operations your
code should be allowed to perform as well as the operations your code should
never be allowed to perform. Code access security can also help minimize the
damage that can result from security vulnerabilities in your code."
According to Wikipedia, "Code Access Security (CAS), in
the Microsoft .NET Framework, is Microsoft's solution to prevent untrusted code
from performing privileged actions. When the CLR loads an assembly it will
obtain evidence for the assembly and use this to identify the code group that
the assembly belongs to. A code group contains a permission set (one or more
permissions). Code that performs a privileged action will perform a code access
demand which will cause the CLR to walk up the call stack and examine the
permission set granted to the assembly of each method in the call stack. The
code groups and permission sets are determined by the administrator of the
machine who defines the security policy."
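
The sequence in the Wikipedia description above (evidence, code group, permission set, demand, stack walk), as a simplified Python model added here; it is not CLR code and not from the original page. The zone-only membership condition, the permission labels, the assembly and method names, and the policy itself are constructed assumptions.

```python
from dataclasses import dataclass

class SecurityError(Exception): pass  # a frame lacked the demanded permission

@dataclass(frozen=True)
class CodeGroup:
    name: str
    zone: str               # membership condition, matched against evidence
    permissions: frozenset  # the group's permission set

@dataclass
class Assembly:
    name: str
    evidence: dict          # constructed evidence, e.g. {"zone": "Internet"}

# Constructed policy standing in for what the machine administrator defines.
POLICY = [
    CodeGroup("LocalCode", "MyComputer", frozenset({"Execute", "FileRead"})),
    CodeGroup("WebCode", "Internet", frozenset({"Execute"})),
]

def resolve_grant(assembly, policy=POLICY):
    """Use the assembly's evidence to find its code group's permission set."""
    for group in policy:
        if assembly.evidence.get("zone") == group.zone:
            return group.permissions
    return frozenset()      # no matching code group: nothing is granted

def demand(permission, call_stack, policy=POLICY):
    """Walk from the demanding frame up to the outermost caller."""
    for method, assembly in reversed(call_stack):
        if permission not in resolve_grant(assembly, policy):
            raise SecurityError(f"{assembly.name}!{method} lacks {permission}")

def read_file_via(call_stack):
    """Hypothetical privileged library call that demands FileRead first."""
    try:
        demand("FileRead", call_stack)
        return "allowed"
    except SecurityError as exc:
        return f"denied: {exc}"

host = Assembly("Host", {"zone": "MyComputer"})
io_lib = Assembly("IoLib", {"zone": "MyComputer"})
plugin = Assembly("Plugin", {"zone": "Internet"})

# Stacks list the outermost caller first and the demanding frame last.
TRUSTED_STACK = [("Main", host), ("ReadConfig", io_lib)]
LURING_STACK = [("Main", host), ("Run", plugin), ("ReadConfig", io_lib)]
```

The second stack is refused even though the library that performs the demand holds the permission itself, because the walk checks every caller's grant.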