You can't implement security feature that way. Remoting specification is open, so anyone can create a message, send it to your remoted class and receive a response. Your service cannot reliably determine who called it.
You can implement a custom authorization, and send a secret token with each method call to ensure that only your code calls it.