Distributed Component Object Model

Last updated

Distributed Component Object Model (DCOM) is a proprietary Microsoft technology for communication between software components on networked computers. DCOM, which originally was called "Network OLE", extends Microsoft's COM, and provides the communication substrate under Microsoft's COM+ application server infrastructure.

Contents

The extension COM into Distributed COM was due to extensive use of DCE/RPC (Distributed Computing Environment/Remote Procedure Calls) – more specifically Microsoft's enhanced version, known as MSRPC. [1]

In terms of the extensions it added to COM, DCOM had to solve the problems of:

One of the key factors in solving these problems is the use of DCE/RPC as the underlying RPC mechanism behind DCOM. DCE/RPC has strictly defined rules regarding marshalling and who is responsible for freeing memory. [2]

DCOM was a major competitor to CORBA. [3] Proponents of both of these technologies saw them as one day becoming the model for code and service-reuse over the Internet. However, the difficulties involved in getting either of these technologies to work over Internet firewalls, and on unknown and insecure machines, meant that normal HTTP requests in combination with web browsers won out over both of them. [4] Microsoft, at one point, attempted to remediate these shortcomings by adding an extra HTTP transport to DCE/RPC called ncacn_http (Network Computing Architecture connection-oriented protocol). [5]

DCOM was publicly launched as a beta for Windows 95 September 18, 1996. [6]

DCOM is supported natively in all versions of Windows starting from Windows 95, and all versions of Windows Server since Windows NT 4.0 [7]

Security improvements

As part of the initiative that began at Microsoft as part of Secure Development Lifecycle to re-architect insecure code, DCOM saw some significant security-focused changes in Windows XP Service Pack 2. [8]

In response to a security vulnerability reported by Tencent Security Xuanwu Lab in June 2021, [9] Microsoft released security updates for several versions of Windows and Windows Server, hardening access to DCOM. [10]

Alternative versions and implementations

COMsource is a Unix based implementation of DCOM, allowing interoperability between different platforms. Its source code is available, along with full and complete documentation, sufficient to use and also implement an interoperable version of DCOM. COMsource comes directly from the Windows NT 4.0 source code, and includes the source code for a Windows NT Registry Service. [11]

In 1995, Digital and Microsoft announced Affinity for OpenVMS (also known as NT Affinity) which was intended to allow OpenVMS to serve as the persistence layer for Windows NT client-server applications. [12] As part of this initiative, an implementation of the Distributed Component Object Model (DCOM) was added to OpenVMS Alpha. [13] In order to support DCOM, VMS was provided with implementations of the Windows Registry, NTLM authentication, and a subset of Win32 APIs needed to support COM. [14] DCOM was first added to OpenVMS V7.2-1 for the Alpha. [15] A similar implementation of DCOM was added to Digital Unix as part of the AllConnect program. [13]

TangramCOM was a separate project from Wine, focusing on implementing DCOM on Linux-based smartphones. [16]

See also

Related Research Articles

In distributed computing, a remote procedure call (RPC) is when a computer program causes a procedure (subroutine) to execute in a different address space, which is written as if it were a normal (local) procedure call, without the programmer explicitly writing the details for the remote interaction. That is, the programmer writes essentially the same code whether the subroutine is local to the executing program, or remote. This is a form of client–server interaction, typically implemented via a request–response message passing system. In the object-oriented programming paradigm, RPCs are represented by remote method invocation (RMI). The RPC model implies a level of location transparency, namely that calling procedures are largely the same whether they are local or remote, but usually, they are not identical, so local calls can be distinguished from remote calls. Remote calls are usually orders of magnitude slower and less reliable than local calls, so distinguishing them is important.

Samba is a free software re-implementation of the SMB networking protocol, and was originally developed by Andrew Tridgell. Samba provides file and print services for various Microsoft Windows clients and can integrate with a Microsoft Windows Server domain, either as a Domain Controller (DC) or as a domain member. As of version 4, it supports Active Directory and Microsoft Windows NT domains.

The Common Object Request Broker Architecture (CORBA) is a standard defined by the Object Management Group (OMG) designed to facilitate the communication of systems that are deployed on diverse platforms. CORBA enables collaboration between systems on different operating systems, programming languages, and computing hardware. CORBA uses an object-oriented model although the systems that use the CORBA do not have to be object-oriented. CORBA is an example of the distributed object paradigm.

Network File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems (Sun) in 1984, allowing a user on a client computer to access files over a computer network much like local storage is accessed. NFS, like many other protocols, builds on the Open Network Computing Remote Procedure Call system. NFS is an open IETF standard defined in a Request for Comments (RFC), allowing anyone to implement the protocol.

XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode its calls and HTTP as a transport mechanism.

<span class="mw-page-title-main">Inter-process communication</span> How computer operating systems enable data sharing

In computer science, inter-process communication (IPC), also spelled interprocess communication, are the mechanisms provided by an operating system for processes to manage shared data. Typically, applications can use IPC, categorized as clients and servers, where the client requests data and the server responds to client requests. Many applications are both clients and servers, as commonly seen in distributed computing.

<span class="mw-page-title-main">Interface description language</span> Computer language used to describe a software components interface

An interface description language or interface definition language (IDL) is a generic term for a language that lets a program or object written in one language communicate with another program written in an unknown language. IDLs are usually used to describe data types and interfaces in a language-independent way, for example, between those written in C++ and those written in Java.

In distributed computing, an object request broker (ORB) is a concept of a middleware, which allows program calls to be made from one computer to another via a computer network, providing location transparency through remote procedure calls. ORBs promote interoperability of distributed object systems, enabling such systems to be built by piecing together objects from different vendors, while different parts communicate with each other via the ORB. Common Object Request Broker Architecture) standardizes the way ORB may be implemented.

The Distributed Computing Environment (DCE) is a software system developed in the early 1990s from the work of the Open Software Foundation (OSF), a consortium founded in 1988 that included Apollo Computer, IBM, Digital Equipment Corporation, and others. The DCE supplies a framework and a toolkit for developing client/server applications. The framework includes:

Open Network Computing (ONC) Remote Procedure Call (RPC), commonly known as Sun RPC is a remote procedure call system. ONC was originally developed by Sun Microsystems in the 1980s as part of their Network File System project.

Windows Services for UNIX (SFU) is a discontinued software package produced by Microsoft which provided a Unix environment on Windows NT and some of its immediate successor operating-systems.

Distributed File System (DFS) is a set of client and server services that allow an organization using Microsoft Windows servers to organize many distributed SMB file shares into a distributed file system. DFS has two components to its service: Location transparency and Redundancy. Together, these components enable data availability in the case of failure or heavy load by allowing shares in multiple different locations to be logically grouped under one folder, the "DFS root".

Inter-Language Unification or ILU is a method for computer systems to exchange data, bridging differences in the way systems represent the various kinds of data. Even if two systems run on the same computer, or on identical computer hardware, many differences arise from the use of different computer languages to build the systems.

Microsoft RPC is a modified version of DCE/RPC. Additions include partial support for UCS-2 strings, implicit handles, and complex calculations in the variable-length string and structure paradigms already present in DCE/RPC.

DCE/RPC, short for "Distributed Computing Environment / Remote Procedure Calls", is the remote procedure call system developed for the Distributed Computing Environment (DCE). This system allows programmers to write distributed software as if it were all working on the same computer, without having to worry about the underlying network code.

DCEThreads is an implementation of POSIX Draft 4 threads. DCE Stands for "Distributed Computing Environment" DCEThreads allowed users to create multiple avenues of execution in a single process. It is based on pthreads interface.

.NET Remoting is a Microsoft application programming interface (API) for interprocess communication released in 2002 with the 1.0 version of .NET Framework. It is one in a series of Microsoft technologies that began in 1990 with the first version of Object Linking and Embedding (OLE) for 16-bit Windows. Intermediate steps in the development of these technologies were Component Object Model (COM) released in 1993 and updated in 1995 as COM-95, Distributed Component Object Model (DCOM), released in 1997, and COM+ with its Microsoft Transaction Server (MTS), released in 2000. It is now superseded by Windows Communication Foundation (WCF), which is part of the .NET Framework 3.0.

Security Support Provider Interface (SSPI) is a component of Windows API that performs security-related operations such as authentication.

In a distributed computing environment, distributed object communication realizes communication between distributed objects. The main role is to allow objects to access data and invoke methods on remote objects. Invoking a method on a remote object is known as remote method invocation (RMI) or remote invocation, and is the object-oriented programming analog of a remote procedure call (RPC).

Component Object Model (COM) is a binary-interface technology for software components from Microsoft that enables using objects in a language-neutral way between different programming languages, programming contexts, processes and machines.

References

  1. "What is Distributed Component Object Model (DCOM)?". WhatIs.com. Retrieved 2022-08-03.
  2. "DCE 1.1: Remote Procedure Call - Introduction to the RPC API". pubs.opengroup.org. Retrieved 2022-08-03.
  3. Nowak, Filip; Qasim, Mohsin. "A Comparison of Distributed Object Technologies CORBA vs DCOM" (PDF). Archived (PDF) from the original on 2017-08-29.{{cite journal}}: Cite journal requires |journal= (help)
  4. "Object Technology Jeff Sutherland: Web Services: Better than CORBA or DCOM?" . Retrieved 2022-08-03.
  5. stevewhims. "Remote Procedure Calls Using RPC over HTTP - Win32 apps". docs.microsoft.com. Retrieved 2022-08-03.
  6. Press Release Announcing DCOM Beta
  7. "Distributed Component Object Model (DCOM) Remote Protocol" (PDF). Microsoft - Distributed Component Object Model (DCOM) Remote Protocol. June 25, 2021. Archived (PDF) from the original on 2021-05-09. Retrieved August 3, 2022.
  8. DCOM Security Enhancements
  9. "Security Update Guide - Microsoft Security Response Center". msrc.microsoft.com. Retrieved 2022-08-03.
  10. "KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)". support.microsoft.com. Retrieved 2022-08-03.
  11. "DataSheet COMsource for Solaris, Tru64 UNIX and other Platforms". DataSheet COMsource for Solaris, Tru64 UNIX and other Platforms.
  12. "OpenVMS at 20 Nothing stops it" (PDF). Digital. October 1997. Archived (PDF) from the original on 2021-04-19. Retrieved 2021-02-12.
  13. 1 2 Gene Cronin, Terence P. Sherlock (2000). COM Beyond Microsoft: Designing and Implementing COM Servers on Compaq Platforms. ISBN   1555582265.
  14. "OpenVMS Connectivity Developer Guide". hpe.com. July 2000. Retrieved 2021-01-01.
  15. "OpenVMS Alpha V7.2-1 Release Notes". odl.sysworks.biz. January 1999. Retrieved 2021-01-01.
  16. "Home - TangramCOM". www.andjoin.com. Retrieved 2022-08-03.