Security Directions - Release 6 and beyond SearchDomino.com Webcast Patricia Booth Security and Directory Product Management 9/25/02

Agenda l Market Trends l New Security Features in 6.0 n Crypto update n User Security Dialog n On-line Certificate Authority n Password Management n Execution Control List enhancements n Smart Cards n Off-server access by agents n "Full Admin" access for clientless servers n Browser access to encrypted mail l...and beyond

IDC WW Market Security Opportunity WW security software market $5.1B (2000) to $14.2B (2005) Computer security in 2002 will shift away from perimeter defense in favor of internal access control and authentication management

Security Market Trends Source: CERT Reports of Security Software holes more than doubled from to 2400

l Estimates cost of security related downtime to U.S. business in past 12 months at $273B, WW $1.39T l 12% (down from 17% last year) indicate their companies suffered a total of >24 hours of system downtime in the past year l 11% said companies spent >$1M on security software, hardware, and other expenses; another 22% will spend $100,000 to $1M Information Week Research 4th Annual Global Information Security Survey, (PWC) Cost of Security breaches

Crypto Update l Large key support for Notes protocols n 128-bit RC4 for Notes port encryption n 128-bit RC2 for local database encryption n Underlying changes for 1024-bit RSA keys (will allow backward compatibility) l S/MIMEv3 capabilities l PKIX support in CA l Post-6.0 n Full support for 1024-bit RSA keys n 128-bit RC2 support for bulk encryption keys and named encryption keys

New in Release 6

User Security Dialog

Change Password Dialogs

Local Database Encryption by Default

Encryption / Signing

Domino 6 Certification Authority l Better security n Administrators don't need certifier ID files & passwords n Certifiers can be password- protected on server, either individually or as a group n Tamper-resistant auditing of all activity l CA Process server task l Signs certificates when requested via admin4 l Maintains list of administrators who can approve certificate requests (RAs) l Manage both Notes and Internet (X.509) certificates l Publishes CRLs for Internet certificates and supports CDP l Better support for x.509 extensions

Internet Password Management

Execution Control List Enhancements l Central Administration l Logging of overrides l Better descriptions of what applications are doing l Intersection of rights using nested scripts

What's an Execution Control List?

Information on source of ESAs

Central Administration of User ECLs

Smart Card Support l Smart Card enabled ID file l PIN Prompt replaces password prompt l Smart Card disables itself after 3 wrong guesses l Internet (S/MIME) RSA key pushed onto card l If Card lost or destroyed, ID file must be recovered from backup

Agent Security - R5 l Agents run with the rights of their signer n Allows unprivileged agents on servers n "Out of office" agent n Special privileged signers l Can only access databases local to server where agent is running n Server can only authenticate as itself to another server

Agent Security - New l Server can sign agent "On Behalf of" user n Enable out of office agent via the web l Agent can open off-server databases n...if its server is privileged on the remote server l Unrestricted agent can choose to bypass ACLs locally

Agent Security - Futures l Agent should run with intersection of rights of its modifiers n Joe wrote the agent n Alice enabled the agent n The agent runs on server BigIron/dotcom l If all three are on the database ACL, access is allowed

Full Administrator Access l Suppose no managers listed on ACL of database l Old solution n Run Notes client locally on server platform l Current solution n Copy database as a file to machine supporting Notes client n Fix the ACL n Copy database as a file back to server l 6.0 solution: Full Administrator Access to server can bypass all ACLs

Roaming User Support l Permits use of Notes Client by downloading ID file from server l Server never learns the user's password l Eavesdropper cannot test guesses of user's password l Separate expensive interaction with server for each password guessed

Looking Forward... l Configuration options for better CA security l Smart card integration with more environments l Common PKI for Notes and Internet l Ease of administration & auditing n Common configuration for users and servers l Intersection of rights n Agents n Active Content - Change History l Managing Active Content on the Web

Submit your questions now by clicking on the “Ask A Question” button in the bottom left corner of your presentation screen. Q & A