System.Security.Permissions.IsolatedStorageContainment Enumeration

Assembly: Mscorlib.dll
Namespace: System.Security.Permissions
Summary
Specifies the permitted use of isolated storage.
C# Syntax:
[Serializable]
public enum IsolatedStorageContainment
Remarks
Isolated storage uses evidence to determine a unique storage area for use by an application or component. The identity of an assembly uniquely determines the root of a virtual file system for use by that assembly. Thus, rather than many applications and components sharing a common resource such as the file system or registry, each has its own file area inherently assigned to it.

Three basic isolation scopes are used when assigning isolated storage:

For definitions of URL, site, and zone, see UrlIdentityPermission, SiteIdentityPermission, and ZoneIdentityPermission.

These identities are grouped together, in which case the identities are applied one after another until the desired isolated storage is created. The valid groupings are User+Assembly and User+Assembly+Domain. This grouping of identities is useful in many different applications.

If data is stored by domain, user, and assembly, the data is private in that only code in that assembly can access the data. The data store is also isolated by the application in which it runs, so that the assembly does not represent a potential leak by exposing data to other applications.

Isolation by assembly and user could be used for user data that applies across multiple applications; for example, license information, or a user's personal information (name, authentication credentials, and so on) that is independent of an application.

IsolatedStorageContainment exposes flags that determine whether an application is allowed to use isolated storage and, if so, which identity combinations are allowed to use it. It also determines whether an application is allowed to store information in a location that can roam with a user (Windows Roaming User Profiles or Folder Redirection must be configured).

See also:
System.Security.Permissions Namespace See also:
MSDN: isolatedstorage | IsolatedStoragePermission | IsolatedStoragePermissionAttribute | IsolatedStorageFilePermission | IsolatedStorageFilePermissionAttribute

System.Security.Permissions.IsolatedStorageContainment Member List:

Public Fields
AdministerIsolatedStorageByUser Unlimited administration ability for the user store. Allows browsing and deletion of the entire user store, but not read access other than the user's own domain/assembly identity.
AssemblyIsolationByRoamingUser Storage is isolated first by user and then by assembly evidence. Storage will roam if Windows user data roaming is enabled. This provides a data store for the assembly that is accessible in any domain context. The per-assembly data compartment requires additional trust because it potentially provides a "tunnel" between applications that could compromise the data isolation of applications in particular Web sites.
AssemblyIsolationByUser Storage is isolated first by user and then by code assembly. Storage is also isolated by computer. This provides a data store for the assembly that is accessible in any domain context. The per-assembly data compartment requires additional trust because it potentially provides a "tunnel" between applications that could compromise the data isolation of applications in particular Web sites.
DomainIsolationByRoamingUser Storage is isolated first by user and then by domain and assembly. Storage will roam if Windows user data roaming is enabled. Data can only be accessed within the context of the same application and only when run by the same user. This is helpful when a third-party assembly wants to keep a private data store.
DomainIsolationByUser Storage is isolated first by user and then by domain and assembly. Storage is also isolated by computer. Data can only be accessed within the context of the same application and only when run by the same user. This is helpful when a third-party assembly wants to keep a private data store.
None Use of isolated storage is not allowed.
UnrestrictedIsolatedStorage Use of isolated storage is allowed without restriction. Code has full access to any part of the user store, regardless of the identity of the domain or assembly. This use of isolated storage includes the ability to enumerate the contents of the isolated storage data store.

Hierarchy:


Top of page

Copyright (c) 2002 Microsoft Corporation. All rights reserved.