Chapter 8: Security

There are two distinguishable categories of security provided by COM. The first form is termed Activation Security, and it dictates how new objects are started, how new and existing objects are connected to, and how certain public services, such as the Class Table and the Running Object Table are secured. The second form is Call Security, which dictates how security operates at the call level between an established connection from a client to an object (server).

Aspects of the security API are necessarily platform dependent. The Windows versions are shown for reference. Complete interoperability is supported by the user of common, installable authenticators. COM on Windows will support at least Windows NT, Novell Netware, and DCE Kerberos security.

The remainder of this chapter describes these two forms of COM security in detail.