Java Remote Method Invocation with GSS in Distributed Systems

摘要

This paper presents a popular Distributed Object Architecture, Remote Method Invocation (RMI). RMI works on a Java framework, it provides the same feature as Java provides. Its portability, ability to transport objects, and power to connect to existing systems to make a strong choice amongst other competing technologies. The Secure Sockets Layer (SSL) is a widely popular protocol that currently provides the secure framework RMI needs. Most e-commerce applications these days run over SSL. However, SSL may not the right choice for every application requiring a security backbone. Java Remote Method Invocation is an implementation of Remote Procedure Call (RPC) in object oriented environment, however its security level can be regarded as very low. By using additional technologies: Kerberos and Java Authentication and Authorization Service, one can greatly improve Java Remote Method Invocation security and enhance the security of Java RMI. These Enhancements are called Secure RMI. It is shows by using Secure RMI that satisfied three conditions of secure communication namely: integrity, confidentiality and authentication. In modern computer systems there is also a requirement for authorization. It is handled by Secure RMI as well. Finally, performance of system build by using Secure RMI is studied. The main focus of this paper is on RMI use and provides the Security by using Kerberos with GSS (Generic Security Service) for Secure RMI. GSS replaced SSL, GSS provides better requirements of Secure RMI. The new security overlay developed has been proposed as a possible solution.