Providing the collaborative features of an efficient database system and a standard emailing tool, Notes is entirely targeted to bring out better security features for enterprise users.
The Domino server associated with Notes can be regarded as the guardian of data saved in the database.
It is designed to accept data only from entities who have created data on it and not from any other person. Further, it allows to access data to only those entities who are authorized to do it.
The Domino server is all about this security functional. Let us know more about the security attributes of Domino system.
Security basis of Domino Server/Lotus Notes Client
The User ID is basically a file that is created when a Domino system administrator registers a person as a user.
Domino server employs these User ID in order to identify a specific user and administer the mode of access to the server. When a user starts up Notes for the first time on the machine, the User ID gets transferred to the system.
Point to Understand
What Is Basically The Purpose Of User ID File?
It is a file that inimitably recognizes a user to lotus Notes and Domino environment. It is based on the technique of asymmetric cryptosystem that contains a pair of two keys-public and private keys for the method of encryption.
Constituents of Notes ID file
The User ID file consists of the following elements
- Two pairs of public and private keys
- License number of Notes & common name
- 2 certificates for users
- For certifier, one certificate
Besides that, the User id also contains details like the name of organization, password, and information related to certifier.
Default Location of User ID File
The User ID is also referred as user.id or it can be in the form of name with .id extension.
User should be extremely careful and protect this file from outside access.reason being some other person can use this Id and pretend to be the original authenticated user on Lotus Notes Operating Sytem.
However, if the system is pass-word protected then it dosen’t matter.
Now, how does the whole system work with the password,lets gain an access to the whole procedure.
Locking up your Password
Notes follows a unique process of authentication. Such kind of authentication is performed on a notes client with the help of the private key.
This key is stored inside the ID file and can be viewed by the user only by providing a correct password.
This password actually performs the role of decrypting the private key with the help of symmetrical encryption technique.
When a specific NSF file is encrypted by the user, only those people who have their keys enlisted in the list of valid readers are able to decrypt the contents.
So when people other than the valid users make an attempt to open the emails or try to open the database of the server, users are prompted to enter a valid password.
Also Read:- Easy ways to download paid android apps for free
How Does The Notes Authentication Work With Id File?
When a Notes client tries to make a communication with domino server for accessing database or email routing, two security methods are followed .
These two procedures use the information associated with the client’s ID in order to verify whether the client is legitimate or not? This is known as validation and authentication.
What Exactly Happens in Validation and Authentication?
Validation is the process of establishing the trust of public key of client. Authentication procedure begins the moment, validation is successfully completed.
Authentication is used to establish the identity of a user. For this, it employs the private and public key pairs of the client and server.
What happens when a User Id has been Compromised/Stolen?
Whenever there is such a case, enable the field “check passwords on Notes Id’s”.
On enabling this field, a password digest is created by the Notes clients from the password located in the User ID files and then sends this digest and the certificates to the Domino server.
Now, the server saves this password digest in the user’s document. Every time the user logs into the server, it compares the newly received password digest with that of the stored one.
If both the passwords are identical then the server authenticates the user.
Corruption of Password-Protected NSF Files
Sometimes it happens that the NSF files which are password-protected are required to be converted into Outlook PST file format.
In such cases, there is usually a problem with users for how to migrate password-protected files to Outlook platform.
Here, they can depend on a number of third-party solutions like SecuraSoft NSF to PST Converter which available in the market to convert NSF protected mails to PST.