Isolated storage is a Microsoft® .NET feature that is used for lightweight data persistence. This appendix provides the explanation of isolated storage and then describes the limitations of isolated storage. Also covered is using isolated storage to persist user preferences and application state. | Appendix Isolated Storage What Is Isolated Storage Introduction Isolated storage is a Microsoft .NET feature that is used for lightweight data persistence. This appendix provides the explanation of isolated storage and then describes the limitations of isolated storage. Also covered is using isolated storage to persist user preferences and application state. Isolated storage is an alternative to persistently storing data in a file or in a database. When a Web application stores data in a file the file name and storage location must be chosen carefully. If the file name and storage location are not chosen carefully there is a possibility that the storage location will be known to another Web application which can then make the original Web application vulnerable to attack. Isolated storage manages this problem by providing a separate database storage mechanism that provides isolation by defining standardized ways of associating code with saved data. In isolated storage data is stored in a logical storage compartment. Each storage compartment is isolated by some aspects of the code s identity. These identifying aspects of the code can include the application domain assembly and user. For the developer the actual location of the storage compartment is transparent. Only the identity aspects are required to access the compartment. Uses in a Web application Microsoft Web applications by default cannot use file input output I O . Isolated storage is useful in Web applications for storing user preferences and application state. Limitations Isolated storage is not a secure storage medium. Isolated storage is not protected from highly trusted code from unmanaged code or from trusted users. Isolated storage should not be used to store configuration settings that an administrator might want to control. Configuration files are a better location for configuration settings because they are more easily edited and installed by administrators. Isolated storage is a .