Does object serialization support encryption?
Object serialization does not contain any encryption/decryption in itself. It writes to and reads from standard streams in the Java API, so it can be coupled with any available encryption technology. Object serialization can be used in many different ways. Other than just writing and reading to and from files, it can also be used for RMI to communicate between hosts. RMI’s use of serialization leaves encryption and decryption to the lower network transport. We expect that when a secure channel is needed the network connections will be made using SSL or the like (see The Scoop On RMI and SSL).