Distributed component software security issues on deploying a secure electronic marketplace

A secure electronic marketplace involves a significant number of real‐time transactions between remote systems, either for commercial or for authentication purposes. The underlying infrastructure of choice to support these transactions seems to be a distributed component architecture. Distributed component software (DCS) is the natural convergence of client/server network computing and object oriented technology in a mix providing reusability, scaleability and maintainability for software constructs. In DCS a client acquires references to objects provided by components located to remote machines and invokes methods of them as if they were located in its native environment. One implementation also provides the ability to pass objects by value, an approach recently examined also by others. The three major models in the distributed component software industry are OMG’s CORBA, Sun’s Enterprise Java Beans, and Microsoft’s DCOM. Besides these, we will discuss the progress for interoperable DCS systems performed in TINA, an open architecture for telecommunications services based on CORBA distributed components. In this paper the security models of each architecture are described and their efficiency and flexibility are evaluated in a comparative manner. Finally, upcoming extensions are discussed.