If your application manages critical data, you might want to enforce some form of security to prevent unauthorized developers from plugging their DLLs into your app. The simplest way to achieve this degree of control is to check the strong name of plug-in DLLs and ignore any assembly that isn’t signed with your company’s strong name (or a specific private-public key pair that you’ve provided to authorized developers only).

Alternatively, you can prevent plug-ins from performing dangerous operations by making them run in a sort of sandbox. For example, you might prevent them from accessing the Registry and limit their access to the file system to a given directory tree. You can achieve this strong degree of control by creating a set of permissions and allowing only those permissions before you call a method in a plug-in.