How Does the Security Run-time System Work?
When performing an action on an object, the object calls out to the security run-time, which pulls in the appropriate execution plan for that class or task, and mines the described metadata. Using the plan information, the security run-time system creates an executor that executes the request, pulls back the security classes and mines the appropriate rules, applying them to the request and its results, and finally returning the resulting securable object or a security exception.