Security during coding is enforced through accessibility domain checks between classes. At compile time, the compiler will cause accessibility domain checks to be performed to enforce security. If a particular piece of source code tries to access or perform an operation that is not permitted, then a compiler error will occur. For example, a typical accessibility domain may look like the below example.
public class A{ public static int X; internal static int Y; private static int Z;}internal class B{ public static int X; internal static int Y; private static int Z; public class C {  public static int X;  internal static int Y;  private static int Z; } private class D {  public static int X;  internal static int Y;  private static int Z; }}
In the example shown above, the classes and members have the following accessibility domains:                The accessibility domain of A and A.X is unlimited.        The accessibility domain of A.Y, B, B.X, B.Y, B.C, B.C.X, and B.C.Y is the program text of the containing program.        The accessibility domain of A.Z is the program text of A.        The accessibility domain of B.Z and B.D is the program text of B, including the program text of B.C and B.D.        The accessibility domain of B.C.Z is the program text of B.C.        The accessibility domain of B.D.X, B.D.Y, and B.D.Z is the program text of B.D.        
As shown above, the privates of a particular program (such as A.Z) can only be accessed within the containing program. Where finer control across assembly or other program boundaries is desired, friend assemblies are often used. A friend assembly is a specific construct that can be used to specify an internal type or internal member in an assembly or program that can be accessed from another assembly or program. However, even in such scenarios, only those internal types of internal members that are specifically indicated as being friend assemblies or programs can be accessed outside of the containing program.
More and more software is being deployed over the Internet, which has led to the creation of sandbox environments. A sandbox is a test environment in which there are strict limitations on what system resources the program or applet can request or access because executable code comes from unknown or untrusted sources. Because of the increasing number of such sandbox environments, there is more and more need for language engines to run in a restricted trust environment. For this reason, the frameworks operating in those environments need to have finer control than allowed by the simple accessibility domain checks without compromising security.