Click here to Skip to main content
12,551,901 members (53,693 online)
Click here to Skip to main content
Add your own
alternative version


32 bookmarked

Using Isolated Storage to Store Application User Data in the .NET Framework

, 16 Apr 2009 CPOL
Rate this:
Please Sign up or sign in to vote.
Using Isolated Storage to store application user data in the .NET Framework


Most of our applications are installed under the local user account which has full-trust permissions. But what if we were to deploy the applications in a more secure environment, say an office where the administrator does not wish to grant you write access?

Well the .NET Framework provides a little less known feature called Isolated Storage to overcome such restrictions. The cool part of this feature is that the .NET Framework takes care of all the plumbing work of creating, fetching and reading the files. However the most important aspect of Isolated Storage is to overcome security limitations of applications writing data to the operating system. Your application will be able to write/read user data to/from the underlying O/S regardless of it running under partial, limited or full-trust mode when it uses Isolated Storage.


So how does it work? The framework creates stores in an isolated environment in which the application can create and use both files and directories. Further other applications will not have access to this store and two users on the same system will have different stores for the same application. It is very much like a virtual file system. 

Building Blocks

It uses the System.IO.IsolatedStorage namespace of the .NET Framework.

It makes use of the IsolatedStorageFile, IsolatedStorageFileStream classes. 

Using the Code 

The sample application creates and stores project files that contain a name and version. The UserStore.cs class does all of the heavy lifting and you can use this in your projects or even extend it for whatever other requirements you may have.


Let us take a look at the UserStore class. We must first grant permissions to the class that will use Isolated Storage. We can do this by using the following annotation with the class or method.

  public class UserStore

Then we need to instantiate an IsolatedStorageFile object called ifl:

IsolatedStorageFile ifl;

       public UserStore()
           ifl = IsolatedStorageFile.GetUserStoreForAssembly();

Create the project files in the storage:

public void createProject(string fname,string content)
           IsolatedStorageFileStream isf = new IsolatedStorageFileStream(fname+".prj",
                   FileMode.Create, ifl);
           StreamWriter sw = new StreamWriter(isf);


Get files from the storage:

public string[] getProjects()
           string []files = ifl.GetFileNames("*.prj");
           return files;

To read the contents of a file, create a IsolatedStorageFileStream and wrap it in a StreamReader:

public string getProjectContents(string fname)
           IsolatedStorageFileStream isf = new IsolatedStorageFileStream(fname,
                      FileMode.Open, ifl);
           StreamReader sr = new StreamReader(isf);
           string content = sr.ReadToEnd();
           return content;

Delete a file from the storage:

public void deleteProject(string fname)

Points of Interest

Isolated storage isn't a substitute for securing sensitive information. As you can see from the screen shot, the file location and contents of the file are easily accessible. I strongly recommend encrypting passwords and other sensitive data before storing them in the Isolated Storage area.


You can set quotas for space available to each user of the application by specifying it in the class annotation.

	(SecurityAction.Demand, UserQuota=5242880)] 

This is important from a Security Architecture point of view as you can benefit running under lower user privileges.

In the next article, I'd like to introduce Smart Clients. This will be a base for that article.


  • 16th April, 2009: Initial post


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Ritesh Ramesh
Architect Infosolvex Solutions Inc
Australia Australia
Ritesh is an IT consultant with over ten years of experience in the IT industry varying from consultation, architecture, design, development to technical management. He has a strong background in solutions and applications architecture with a focus on Microsoft’s .Net platform. His area of expertise spans design and implementation of client/server, database and web-based systems. He has worked with C#, ASP.NET 1.1 and 2.0, ADO.NET, Web Services and SQL technology on several enterprise class projects.

Freedom is not worth having if it does not include the freedom to make mistakes.
Mahatma Gandhi

You may also be interested in...


Comments and Discussions

GeneralHello Pin
Member 466105826-Nov-10 3:15
memberMember 466105826-Nov-10 3:15 
GeneralVery good article, only a small correction... Pin
Justino_8-Oct-09 7:02
memberJustino_8-Oct-09 7:02 
GeneralGood article adn great find Pin
Donsw16-May-09 12:19
memberDonsw16-May-09 12:19 
GeneralGreat information; thanks!! Pin
DbMan175-May-09 7:55
memberDbMan175-May-09 7:55 
GeneralVery good Pin
Member 281035916-Apr-09 22:35
memberMember 281035916-Apr-09 22:35 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.161021.1 | Last Updated 16 Apr 2009
Article Copyright 2009 by Ritesh Ramesh
Everything else Copyright © CodeProject, 1999-2016
Layout: fixed | fluid