Policies are configured based on a hierarchy of code groups.
Code groups are structured at every policy level. So if the evidence gathered
matches with the membership of a code group within a policy level, the
associated set of permissions is granted to the assembly. The MSDN defines the
code; groups are defined as follows:
"A code group is a logical grouping of code that has a
specified condition for membership. Any code that meets the membership
condition is included in the group. Code groups have associated permission sets
that are evaluated during a policy grant."