|
|
|
|
|
|
|
|
|
|
|
|
|
|
MORE ENCRYPTION TIPS
Using public key encryption to secure Notes documents
By Tom Lowery
Last month, I described how to use secret key encryption to conceal confidential information in Notes documents. Although I hinted that the same could be done with public key encryption, I didn't provide any details. Some readers took me to task for glossing over the issue. This month I hope to right that wrong.
For a general description of public key encryption and how it differs from the secret key variety, please see last month's article at http://www.dominopower.com/issues/issue199909/encryption001.html. I'll cover the nuts and bolts of public key encryption here.
"Notes architecture assumes public key encryption will be used for mail and secret key encryption will be used for documents."
|
If you look through Lotus' developer documentation, you'll find very little about public key encryption. What you do find will apply to sending mail, not to saving documents in a database. This is because the Notes architecture assumes public key encryption will be used for mail and secret key encryption will be used for documents. I don't think this is stated anywhere explicitly, but it's certainly implied in the design.
Fortunately, we can use an undocumented feature to encrypt saved documents with public keys. The process differs depending on whether your users have the R4 or R5 client. I'll cover the R5 procedure first because it's simpler.
As is always the case with undocumented features: tread at your own risk. Features are often undocumented because they don't work reliably, may change measurably in future releases, or may vanish without notice.
R5 Public key encryption To set up R5 public key encryption, you'll use almost the same procedure I described last month for secret key. Let's go back to the Human Resources database example (if you're not sure what this example is, check out last month's article first). The HR department wants to track each employee's name, department, job title, salary range, and current salary, as shown in Figure A.
FIGURE A
 
The Employee form contains attributes which describe each employee. Roll over picture for a larger image.
Say we want to limit access to the SalaryRangeLow, SalaryRangeHigh, and CurrentSalary fields. First select a field to encrypt. I'll start with SalaryRangeLow. Double-click it to bring up the Field Properties dialog. Click the Options (beanie) tab, and at the bottom of the window under Security options, select "Enable encryption for this field", as shown in Figure B. Repeat this step for each field on the form you want to encrypt, for example SalaryRangeHigh and CurrentSalary.
FIGURE B
 
Enable encryption in the Field Properties dialog for each field you want to encrypt. Roll over picture for a larger image.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-- Advertisement --
Find unused Lotus Notes groups and clean up your address book
Have you ever wanted to get rid of old Lotus Notes groups that were cluttering up your address book, but you weren't sure if they were used? Find Unused Groups can help.
Find Unused Groups will check your mail and ACL groups to help you determine if they are used, and who uses them.
Learn how to easily clean up your address book. |
-- Advertisement --
Teamstudio Edition 25 has shipped
It's finally here! Now that Teamstudio Edition 25 has shipped, listen to our latest Tool Time audio program to find out what's changed. Updates to all your favorite Teamstudio tools will be discussed.
Plus, you'll get an introduction to Teamstudio Undo (formerly known as Teamstudio Snapper).
Tap here to get started! |
|
|
|
|
|
|
|
|
|
|