Greg Fee is the newest Microsoftian to join the .NET blogsphere, with a pretty good set of recommendations on .NET and reflection:
Use an obfuscator to remove sensitive names and hinder decompilation
Only grant ReflectionPermission( ReflectionPermissionFlag.MemberAccess ) to highly trusted code
Place sensitive code on the server and access it via a web service.
He has already joined Chris Brumme and Brad Abrams on my subscribed list.