Writing Secure Java Code Using RMI

This may seem like a very broad question, but any help is appreciated.

I have a client / server solution written in Java that uses the Cajo project (which uses RMI). I just want to make my solution as secure as possible, given the confidential data that will be transferred between the server and the client.

So far, my ideas have been to make all my classes "final", and also to throw a "non-serializable" exception for all my classes on the server (except for the object bound in the RMI registry and any objects that, of course, actually need to be transferred).

Can anyone think of any other ideas?

I know that someone can write a malicious client - this is not difficult to do, since you can discover the remote object's API using reflection. However, is there anything I can do to protect classes / objects on the server from a malicious client that should not have access to them?

Many thanks

Update: Thank you all for the helpful tips, and sorry it took so long to get back to you. My current train of thought for building a secure system is:

  • Use OpenVPN between clients and the server. This means that physical access to a client machine is needed to reach the server. (NB Due to the two points below, the VPN will actually sit between the server and the office LAN. I believe this is fairly safe.)
  • (JBOSS)
  • "Non-serializable"


+3
4

RMI: java.rmi.server.useCodebaseOnly. RMI Man Stuart Marks, Oracle.

+2

factory RMI. SSL.

RMI factory RMI SSL.


EDIT: OP, VPN.

0
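Putting the two answers above together (the java.rmi.server.useCodebaseOnly property and SSL socket factories), plus a JDK 9+ deserialization allow-list for the "non-serializable" concern in the question, here is an added example server. It is not code from this thread or from Cajo; the ReportService interface, the com.example.rmi package, the port numbers and the keystore / truststore system properties are assumptions.

```java
import java.io.ObjectInputFilter;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.rmi.ssl.SslRMIServerSocketFactory;

// Hypothetical remote interface; only what a client may call is declared here.
interface ReportService extends Remote {
    String fetchReport(String reportId) throws RemoteException;
}

public final class SecureRmiServer {
    // Final implementation class, as the question suggests, so nothing can subclass it.
    static final class ReportServiceImpl implements ReportService {
        @Override
        public String fetchReport(String reportId) {
            // Validate every argument on the server; a malicious client can send anything.
            if (reportId == null || !reportId.matches("[A-Za-z0-9-]{1,32}")) {
                throw new IllegalArgumentException("bad report id");
            }
            return "report:" + reportId; // placeholder body
        }
    }

    public static void main(String[] args) throws Exception {
        // 1. Never fetch classes from a client-supplied codebase (the property from the
        //    answer above). It defaults to true on current JDKs; in practice pass it as
        //    -Djava.rmi.server.useCodebaseOnly=true on the command line.
        System.setProperty("java.rmi.server.useCodebaseOnly", "true");
        // 2. Process-wide deserialization allow-list (JDK 9+, JEP 290): only String and
        //    the assumed remote-API package may arrive as call arguments; anything else
        //    is rejected before its constructor or readObject can run.
        ObjectInputFilter.Config.setSerialFilter(
            ObjectInputFilter.Config.createFilter("java.lang.String;com.example.rmi.**;!*"));
        // 3. TLS with mandatory client certificates on every RMI socket. Key and trust
        //    stores are assumed to be supplied via -Djavax.net.ssl.keyStore / trustStore.
        SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
        SslRMIServerSocketFactory ssf =
            new SslRMIServerSocketFactory(null, null, /* needClientAuth */ true);
        // 4. Fixed ports so the VPN or firewall can pin the service down; the registry
        //    uses the same TLS factories so it is not a plaintext foothold.
        ReportService stub = (ReportService)
            UnicastRemoteObject.exportObject(new ReportServiceImpl(), 1100, csf, ssf);
        Registry registry = LocateRegistry.createRegistry(1099, csf, ssf);
        registry.rebind("ReportService", stub);
    }
}
```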

Cajo? this.

SSL.

0

VPN, VPN - VPN.


Depending on how secure you want to be and how much effort you are willing to invest, this can become overwhelming. If your main goal is to protect against automated attacks from a malicious client and from a regular user using the software, you can implement an "I am human" authentication by introducing a captcha at login.

0

Source: https://habr.com/ru/post/1746284/