You have developed custom HttpModule for URLSecurity which works fine with .Net 3.5, but fails in .Net 4.0 with error "not trusted"
The reason for above error lies in new Code access security (CAS) model. So just switching to 4.0 framework may not help. You need to configure ASP.Net 4.0 application to Use the ASP.Net 2.0 CAS Model as a workaround which brings you back to legacy CAS model from .Net 2.0.
Add the following line to our web.config file :
<trust level="Full" originUrl="" legacyCasModel="true"/>
Please refer following article for more information on:
Code Access Security in ASP.NET 4 Applications