Question : SECURE Communication between two EXE files

Hi Experts,

I am working for a software company where my company is developing one piece of a software product (GUI) and another company is developing the other piece of software (BACKEND). We do a mix of different files such as c++, c# and vc++. We need our GUI to communicate to the backend on certain user interactions (Changing settings, upgrading, buying license,...) The end result is that we have two EXE files which are currently exchanging data through local HTTP calls such as:

1:	http://localhost/api.xml?add_user=1&user_name=tester01&return_on_err=0

Our piece of software (GUI Fronted) creates a call to their EXE which is just bunch of compiled calls and algorithms (Backend).

My problem with this method is that if someone sniffs the calls out, they can be exploited as for example activating trial software, setting preferences, using software for activities that weren't meant to be used… Adding passwords or authentication variables to the URL itself do not fix the problem as they are static methods which can also be exploited.

Is there another, more secure way, of doing this? I’ve read something on sockets and other ways to communicate but they seem to be the same if someone can sniff them out. I also though about calling it via command line such as:

1:	backend.exe /call add_user:1.user_name:tester01&return_on_err:0

We can use any of the C#, C++, VB, VC++ languages to code this, but we are missing the the correct approach.

Thank you for all your help.

Answer : SECURE Communication between two EXE files

On top, DCOM can be secured by encryption automatically.