Security in COM

Security in COM is firmly based on the security provided by Windows and the underlying RPC security mechanisms. COM security relies on authentication (the process of verifying a caller's identity) and authorization (the process of determining whether a caller is authorized to do what it is asking to do). There are two main types of security in COM: activation security and call security. Activation security determines whether a client can launch a server at all. After a server has been launched, you can use call security to control access to a server's objects.

In this security model, servers manage and help protect objects, clients get access to objects through servers, and servers can attempt access while impersonating the client.

The system implements the Kerberos v5 authentication protocol and the Schannel security package. It also includes features such as delegate-level impersonation, mutual authentication, the ability to set authentication levels for an AppID in the registry, and cloaking. Using COM security, you can implement objects that can perform privileged operations without compromising security.

Because there is a wide range of COM security features available, it is helpful to initially determine what kind of security your application needs. For most applications, setting an acceptable level of security can be a painless process, but you can also use COM security to support very complex security scenarios.

You can set security processwide, either by using Dcomcnfg.exe to set the values in the registry or by calling CoInitializeSecurity. Two primary interfaces, IClientSecurity and IServerSecurity (and associated helper functions), allow you to set call-level security within your program.
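The registry-based settings described above can be reviewed without changing them. The following read-only PowerShell audit is an added example, not part of the original page: it lists the machine-wide defaults and every AppID that overrides its authentication level, launch (activation) permission, or access (call) permission. The registry paths and value names are the standard Windows locations for these settings and are not listed on this page; the function names are hypothetical.

```powershell
# Added example: read-only audit of COM security settings stored in the registry.
# Run on Windows; reading some keys may require an elevated session.

# RPC authentication levels as stored in the AuthenticationLevel registry values.
$AuthnLevel = @{ 1 = 'None'; 2 = 'Connect'; 3 = 'Call'; 4 = 'Packet'
                 5 = 'PacketIntegrity'; 6 = 'PacketPrivacy' }

function Get-LevelName($Value) {           # hypothetical helper
    if ($null -eq $Value) { '(not set)' } else { $AuthnLevel[[int]$Value] }
}

function ConvertTo-Sddl([byte[]]$Bytes) {  # hypothetical helper
    # Launch/access permissions are stored as binary security descriptors.
    if ($null -eq $Bytes) { return '(not set, machine default applies)' }
    try {
        $sd = [System.Security.AccessControl.RawSecurityDescriptor]::new($Bytes, 0)
        $sd.GetSddlForm([System.Security.AccessControl.AccessControlSections]::All)
    } catch { '(unparseable security descriptor)' }
}

function Get-ComSecuritySetting {          # hypothetical name
    # Machine-wide defaults, used when neither an AppID nor CoInitializeSecurity overrides them.
    $ole = Get-Item -Path 'HKLM:\SOFTWARE\Microsoft\Ole'
    [pscustomobject]@{
        Scope               = 'Machine default'
        Name                = 'EnableDCOM=' + $ole.GetValue('EnableDCOM')
        AuthenticationLevel = Get-LevelName $ole.GetValue('LegacyAuthenticationLevel')
        LaunchPermission    = ConvertTo-Sddl $ole.GetValue('DefaultLaunchPermission')
        AccessPermission    = ConvertTo-Sddl $ole.GetValue('DefaultAccessPermission')
    }
    # Per-AppID overrides (the values that Dcomcnfg.exe edits).
    Get-ChildItem -Path 'HKLM:\SOFTWARE\Classes\AppID' |
        Where-Object { $_.PSChildName -match '^\{[0-9A-Fa-f-]{36}\}$' } |
        ForEach-Object {
            $level  = $_.GetValue('AuthenticationLevel')
            $launch = $_.GetValue('LaunchPermission')   # activation security
            $access = $_.GetValue('AccessPermission')   # call security
            if ($null -ne $level -or $null -ne $launch -or $null -ne $access) {
                [pscustomobject]@{
                    Scope               = $_.PSChildName
                    Name                = $_.GetValue('')
                    AuthenticationLevel = Get-LevelName $level
                    LaunchPermission    = ConvertTo-Sddl $launch
                    AccessPermission    = ConvertTo-Sddl $access
                }
            }
        }
}

# Review everything, or narrow to AppIDs that accept unauthenticated calls.
Get-ComSecuritySetting | Format-List
Get-ComSecuritySetting | Where-Object AuthenticationLevel -eq 'None' | Format-List
```

A process that calls CoInitializeSecurity sets its own values at run time, so the registry view shows only what applies to servers that do not make that call.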

To learn more about COM security, see the following topics: