1. Technical Field
The present invention relates in general to security and entity authentication in distributed object computing over the Internet and in particular to utilizing existing protocols for such security and entity authentication. Still more particularly, the present invention relates to utilizing the Internet Inter-ORB Protocol for security and entity authentication in distributed object computing over the Internet.
2. Description of the Related Art
The Internet Inter-ORB (Object Request Broker) Protocol (IOP), a standard protocol promulgated by the Object Management Group (OMG), is emerging as a leading technology for enabling distributed object computing over the Internet. Security, particularly authentication of interaction entity (client and server) identities in this environment is required for many applications, such as Internet commerce. Currently, however, the IOP protocol allows only for one-way authentication: only a server is able to authenticate the client. The protocol includes no provision for the client to authenticate the server. This functionality may be essential for an Internet transaction where a client is required, for example, to disclose a credit card number for a transaction to proceed. In such a circumstance, the client is better protected by verifying the authenticity of the server's identity before it engages with the server, thus achieving mutual authentication for the interacting entities.
It would be desirable, therefore, to provide a method and apparatus for mutual authentication of entities interacting over the Internet utilizing the IOP protocol. It would be advantageous, given the widespread industry implementation of the IOP protocol, if the method utilized the IOP protocol in its current state rather than redesigning the protocol. It would further be desirable for the solution to be applicable to every Object Request Broker (ORB) based on the IOP protocol.