Securing RemObjects

Home / SecureBlackbox® / Security knowledgebase / SecureBlackbox / How-to's / Securing RemObjects

SITE SEARCH

Advanced search

SOLUTION GUIDE

For Software Developers
For Business Integrators

BizCrypto
SecureBlackbox
Callback File System
CallbackFilter
CallbackDisk
SolFS (Solid File System)
RawDisk
MsgConnect
VoxPopuli
Crypto4
Custom services

NEED HELP?

Support options
Knowledgebase
Forums
HelpDesk

CUSTOMER RELATIONS

Testimonials
Geography
Contact Us
My Control Center

COMPANY INFORMATION

Company news
Corporate information
For investors
For press
For partners

Securing RemObjects


RemObjects uses several different transports from different vendors. They include WinInet (Windows transport), Indy, DXSock. SecureBlackbox currently supports Indy transport. DXSock support is planned for some later date. WinInet is client-side transport, which has built-in SSL support for HTTP protocol. There are 4 components in RemObjects that we can link SecureBlackbox to. They are TROIndyHTTPServer/TROIndyHTTPClient and TROIndyTCPServer/TROIndyTCPClient. TROIndyHTTPServer and TROIndyHTTPClient are server and client of HTTP transport, based on HTTP protocol. TROIndyTCPServer and TROIndyTCPClient are server and client of plain TCP transport. The components mentioned can be bound to Indy 8 or Indy 9. Evaluation version of RemObjects supports Indy 8 in Delphi 6 evaluation version and Indy 9 in Delphi 7 evaluation version. In registered version of RemObjects you can use whatever version you want. Instructions for using SecureBlackbox with different Indy bindings are listed below. Before using SecureBlackbox with RemObjects be sure to install Indy support package (sbIndy.dpk) which is located in <SecureBlackbox>\Classes\Indy folder. Indy 9 TROIndyHTTPServer and TROIndyTCPServer components have a property named IndyServer. This property is a class that exposes some of Indy HTTP/TCP server. Among other properties, there is a property IOHandler. To add SecureBlackbox to your project that uses TROIndyServer, you need to put an instance of TElIndySSLServerIOHandler to the form, then set IOHandler property (mentioned above) to the name of TElIndySSLServerIOHandler component. TROIndyHTTPClient or TROIndyTCPClient components have a property named IndyClient. This property is a class that exposes some of Indy HTTP/TCP client. Among other properties, there is a property IOHandler. To add SecureBlackbox to your project that uses TROIndyClient, you need to put an instance of TElIndySSLIOHandlerSocket* to the form, then set IOHandler property (mentioned above) to the name of TElIndySSLIOHandlerSocket component. You will find a sample project of using SecureBlackbox with RemObjects in <SecureBlackbox>\Samples\RemObjects\Indy9 folder. Indy 8 TROIndyHTTPServer and TROIndyTCPServer components have a property named IndyServer. This property is a class that exposes some of Indy HTTP/TCP server. Among other properties, there is a property Intercept. To add SecureBlackbox to your project that uses TROIndyServer, you need to put an instance of TElIndyServerSSLIntercept* to the form, then set IOHandler property (mentioned above) to the name of TElIndyServerSSLIntercept component. TROIndyHTTPClient or TROIndyTCPClient components have a property named IndyClient. This property is a class that exposes some of Indy HTTP/TCP client. Among other properties, there is a property IOHandler. To add SecureBlackbox to your project that uses TROIndyClient, you need to put an instance of TElIndyConnectionSSLIntercept* to the form, then set IOHandler property (mentioned above) to the name of TElIndyConnectionSSLIntercept component. You will find a sample project of using SecureBlackbox with RemObjects in <SecureBlackbox>\Samples\RemObjects\Indy8 folder. Towards maximum security In fact, after the above steps your connection is encrypted. It is not easy to see the data anymore. However the task is not complete. It is technically possible for some third-party to access the data. How is this done? Third-party establishes itself as a remote part of the communication and receives the information. Imagine you connect to a server and send a request. However the server you connected to is not the one you thought. In fact this is fraud server. Your reuqest can continue some valuable information and it does not matter if you discover the problem – valuable information has been already passed to a criminal. To prevent this, proper authentication steps must be taken. Both server and client must be properly identified as authorized to access the data. This is done using X.509 certificates. X.509 certificate can identify the side (server or client) in communications and it can also contain supplementary information that, for example, contains description of the scope of actions, which the client is allowed to do. For information about certificates see Certificate basics article Download SecureBlackbox now.

Return to the list

Share |

Most wanted features

Vote or request a feature

Support and Resources

Latest version

8.0.176
Released 23 May 2010