| Lotus Notes and Domino are IBM's groupware products. As an integrated collaborative environment, the Lotus Notes client and the Lotus Domino server combine enterprise-class messaging and calendaring and scheduling capabilities with a robust platform for collaborative applications. Built on an open, unified architecture, they are widely used and have become a standard multifunctional office platform. They now serve as the OA platform for many companies and enterprises in China. It is therefore necessary and meaningful for us to study their security system and build our own security extension on them. The Lotus Domino/Notes system has many security control features, such as powerful functionality, a broad range of techniques, multi-level control, and flexible configuration management. It uses many cryptographic techniques, including public key encryption, symmetric-key cryptography, digital signatures and digital certificates. These techniques are used to ensure data reliability and integrity, and together they form the Notes security mechanisms. Its security system has multiple levels, and each level has its corresponding security control measures. Authentication is an important component of its security system, and its security depends on X.509 certificates. Although the security architecture is powerful and complex, it is not perfect. In fact, nothing is absolutely secure. When using software, we cannot rely completely on the security it offers, and security vulnerabilities have also been found in Lotus Notes. So we should build our own security extension, to ensure our security and take an active role in it. Our security extension is based on PKI and integrates smart card, digital signature, digital envelope, and LDAP technology.
The security extension mainly concerns Lotus Domino/Notes R5.0, and its three aspects are user authentication, transmission security, and email/document security. The user ID is the Notes ID of a Lotus Notes user. The ID file contains important information, and the password assigned to a user during registration is a mechanism to protect access to the Notes ID file. To defeat dictionary or brute-force attacks on ID file passwords and to reduce the risk of password capture, we use an intelligent key in our extension. When a user logs on, he must provide the key's PIN, the correct certificate, and the ID file. Lotus Domino/Notes implements the SSL protocol to achieve Internet security. |