Security and Scalability
Distributed COM complements existing OLE features by including the security and scalability features required to build great distributed component software:
-
Free-threaded objects High-performance, scalable object services supporting simultaneous calls can be written for use by remote clients or by clients on the same machine.
-
Launch security The default configuration of distributed COM allows only machine administrators to launch existing classes from a remote client. Launch security is configurable with a machine-wide default and on an overriding per-class basis. Launch security also applies to local launch requests (requests to use classes by users on the same machine), a new feature to local OLE.
-
Access security Distributed COM is similarly configured so that only machine administrators can access existing, published objects from a remote client. Access security is also configurable with a machine-wide default (DefaultAccessPermission), on an overriding per-class basis (AccessPermission) when applicable, and on a per-process basis (CoInitializeSecurity or the default security keys). Access security also applies to local attempts to access classes, a new feature to local OLE.
-
Call-level security Distributed COM offers fine-grained configuration of the call security—how connections and calls are authenticated, authorized, encrypted, and so on—of any connection to an object, as well as the ability of the object to impersonate or act under the authority of the caller.
For more information about distributed COM, see the "COM and ActiveX Object Services" section of the Microsoft Platform SDK.