|
|
|
|
|
|
|
|
|
|
Encrypting fields in Domino and Notes (continued)
Determining whether to use secret key or public key encryption will take some thought and planning. Both solutions have advantages and drawbacks. A secret key approach here would be easy to administer since there are only three privileged users. If the three work in the same location, the key could be distributed to them on a floppy. A public key approach could work well also. Domino will encrypt the fields with all three users' public keys. Only one private key is needed to decrypt the data, so any of the three could read the data when necessary. However, if one of the users leaves the company and is replaced by someone else, you'll need to re-encrypt every document with new user's key while removing the old user's key. To avoid this potential administrative headache, I'd recommend a secret key solution.
The only remaining tasks are to create the key, configure the Employee form to use the key, and distribute the key to the three authorized users. To create a key, select Tools from the File menu, then select User ID. You'll need to enter your password. In the User ID dialog box, select the Encryption icon and click the New button. You'll be presented with the Add Encryption Key dialog box, shown in Figure C.
FIGURE C
Create an encryption key. Click picture for a larger image.
Give your new key a name and add comments so you'll remember what it's for later. You'll also need to decide whether it should be a North American or International key, depending on where your users are. After you create your key, you can use buttons on the User ID dialog to export or email it. You can restrict who can use the key by adding user names to it. You can also restrict the key from being mailed. Make sure you save a copy of the key in a safe place. If the users lose their keys and you don't have a backup, the data is lost forever.
After you've created the key, go back to the form and open the Form Properties dialog. Select the key tab like you see in Figure D.
FIGURE D
Select an encryption key for the form. Click picture for a larger image.
Under Default encryption keys, select the key you just created. Now simply save the form. You're all set. Only people who have the secret encryption key will be able to see the salary information.
In a future article, I'll show you how to get around the one key per form limitation.
Contributing Editor Tom Lowery is President of Portage Associates, Inc., a Notes/Domino consulting firm. He holds an M.S. in Computer Science from Kent State University and is an R5 Principal Application Developer and R5 Principal System Administrator. His hobbies include playing with his son Duncan and flying. Tom can be reached at tom@lowery.net
[ Prev ]
|
|
|
|
|
|
-- Advertisement --
PistolSTAR: the de facto standard for Lotus authentication
PistolStar's Password Power integrates with Microsoft Active Directory to enable single sign-on to Lotus applications and automatic recovery of the Notes ID password via self-service reset of the Active Directory password.
- A single set of credentials to remember - one set of password policies to manage.
- Cost-effective plug-ins integrate smoothly with your environment.
- Proven, ground-breaking technology deployed to millions of users.
Learn more. |
-- Advertisement --
Six Great Tools for IBM Lotus Sametime
- Encrypted and secure, browser-based, persistent chat rooms
- Complete chat logging and auditing
- Easy-to-define IM help desk queues
- Manage buddy lists across any organization
- Integrate awareness into Microsoft Outlook
- High powered, rapid bot development tools
Visit Instant Tech for free trials and more information. |
|
|
|
|
|
|
|
|
