The client must be authenticated (use passwords and
PKE).
Is the client allowed to get a new reference
to this object?
Is the client allowed to access this method?
If the client passes the object's reference to another
client, does the new client inherit the old one's
privileges?
Can a stub somehow compromise the client's security by
executing illegal code locally? The stubs need to be
verified.
Are man in the middle attacks possible? Can someone
pretend to be someone else and make client calls on a server?
What about someone pretending to be the server?
Each of the architectures addresses, or fails to address,
these issues in a different way.