A computer-implemented authentication protocol is used to subvert man-in-the-middle-type attacks on communications between software components that are permitted to interoperate within a processing environment, such as a media processing environment, pursuant to one or more licenses. In one exemplary scenario, a particular application transmits to a particular media processing component (“MPC”), among other things, a cryptographically protected message including a reference to a process in which the application is running and/or a GUID that the application used to invoke the MPC. If the received process and/or GUID are verified, it is possible for in-the-clear communication to occur between the application and the MPC without man-in-the-middle subversion.