LOTUS DOMINO/NOTES本地化安全扩展设计与实现
|
摘要
Lotus Domino/Notes是IBM公司开发的优秀的办公电子协作平台,包括了通讯、群体合作和对等协调等三大支柱功能,并且提供自由的开发环境,支持全面的标准,它使人们高效地协同工作。Lotus Domino/Notes凭借其强大的功能、简便的管理操作和先进可靠的安全机制,使得它几乎已经成为群件的一个标准。在我国的办公自动化实施过程中,Lotus Domino/Nores得到了广泛的应用。因此,对其安全机制进行研究和拓展,是具有实际需求和重大意义的。
Lotus Domino/Notes系统的安全控制上具有:功能强大,技术面广、控制层次多,配置管理灵活等特点。它具有独特的安全特性,许多密码技术如公钥加密和对称密钥加密,数字签名和数字证书等,被用来保证数据的可靠性和完整性,进而形成了Notes的安全机制。其安全体系具有多个层次,每个层次都有相对的安全控制措施。身份认证是其安全体系中的重要环节,身份认证的安全性基于X.509数字证书。
然而在使用过程中,为提高在软件使用中安全技术的自主性要求以及克服Lotus Notes自身安全机制的一些弱点,针对R5版本设计了本地化安全扩展方案并将其实现。Lotus Domino/Nores本地化安全扩展基于PKI技术,集成了智能卡、数字签名、数字信封、LDAP技术,面向主流的Lotus Notes 5X平台,并且具有能够向高版本移植的可扩展性。安全扩展包括用户登录安全、SSL安全通道和邮件安全三个部分。
Lotus Domino Notes R5中用户登录的安全依赖于用户标识符文件,在本地化安全扩展中,增加了智能密码卡技术的应用。使用智能密码卡保存用户证书和作为用户标识符文件口令的安全随机数,在登录过程中,要求登录用户提供标识符文件、智能密码卡和PIN口令才能成功登录,并在身份认证过程中增加了用户个人证书的验证,增强了Notes登录的安全性和抗字典攻击性。在LotusDomino/Notes中提供了基于512位的RSA密钥对的SSL通道,为了增强安全性,我们使用IIS服务替换Domino服务器的web服务。通过将IIS本地化实现1024位密钥对的SSL通信信道安全。邮件的保护使用了数字信封和LDAP技术。在设计中定义安全邮件报文,使用第三方CA为用户颁发的个人证书和存储在智能密码卡
Lotus Notes and Domino are groupware software of IBM. As an integrated collaborative environment, the Lotus Notes client and the Lotus Domino server combine enterprise-class messaging and calendaring & scheduling capabilities with a robust platform for collaborative applications. As the solution built on an open, unified architecture ,they are widely used and become the standard of multifunctional official platform.. Now they serve as the OA platform for many companies and enterprise in China. So it is in need and meaningful for us to study it's security system and do our own security extension on them.
Lotus Domino/Notes system has many features in security control, such as powerful function, technical extensive and multi-level control, flexible configuration management. And it has many cryptographic techniques, including public key encryption and symmetric-key cryptography, digital signatures and digital certificates etc.These techniques are used to ensure data reliability and integrity, thus forming Notes security mechanisms. Its security system has multiple levels; each level has a relative safety control measures. Authentication is an important component of its security system; and its security depends on X.509 certificate.
Though the security architecture is powerful and complex, it is not perfect. In fact, nothing is absolutely security. When using software, we can't completely rely on the security that offered by it. And security leaks are also found in Lotus Notes. So we should do our own security extension, to insure our security and be active in security. Our security extension based on PKI, which integrated smart card, digital signature, digital envelopes, and LDAP technology. Security extension mainly about Lotus Domino/Notes R5.0 and it's three aspects are: user authentication, transmission security and email/document security.
User ID is the Notes ID for a Lotus Notes user, the ID file contains important information and the password assigned to a user during registration is a mechanism to protect access to the Notes ID file. To defeat dictionary or brute force attacks on ID file passwords and to reduce the risk of password capture, we use intelligent key in our extension. When user log on, he should give the key's PIN, the right certificate and the ID file. Lotus Domino/ Notes implement SSL protocol to achieve internet security.
Lotus Domino/Notes系统的安全控制上具有:功能强大,技术面广、控制层次多,配置管理灵活等特点。它具有独特的安全特性,许多密码技术如公钥加密和对称密钥加密,数字签名和数字证书等,被用来保证数据的可靠性和完整性,进而形成了Notes的安全机制。其安全体系具有多个层次,每个层次都有相对的安全控制措施。身份认证是其安全体系中的重要环节,身份认证的安全性基于X.509数字证书。
然而在使用过程中,为提高在软件使用中安全技术的自主性要求以及克服Lotus Notes自身安全机制的一些弱点,针对R5版本设计了本地化安全扩展方案并将其实现。Lotus Domino/Nores本地化安全扩展基于PKI技术,集成了智能卡、数字签名、数字信封、LDAP技术,面向主流的Lotus Notes 5X平台,并且具有能够向高版本移植的可扩展性。安全扩展包括用户登录安全、SSL安全通道和邮件安全三个部分。
Lotus Domino Notes R5中用户登录的安全依赖于用户标识符文件,在本地化安全扩展中,增加了智能密码卡技术的应用。使用智能密码卡保存用户证书和作为用户标识符文件口令的安全随机数,在登录过程中,要求登录用户提供标识符文件、智能密码卡和PIN口令才能成功登录,并在身份认证过程中增加了用户个人证书的验证,增强了Notes登录的安全性和抗字典攻击性。在LotusDomino/Notes中提供了基于512位的RSA密钥对的SSL通道,为了增强安全性,我们使用IIS服务替换Domino服务器的web服务。通过将IIS本地化实现1024位密钥对的SSL通信信道安全。邮件的保护使用了数字信封和LDAP技术。在设计中定义安全邮件报文,使用第三方CA为用户颁发的个人证书和存储在智能密码卡
Lotus Notes and Domino are groupware software of IBM. As an integrated collaborative environment, the Lotus Notes client and the Lotus Domino server combine enterprise-class messaging and calendaring & scheduling capabilities with a robust platform for collaborative applications. As the solution built on an open, unified architecture ,they are widely used and become the standard of multifunctional official platform.. Now they serve as the OA platform for many companies and enterprise in China. So it is in need and meaningful for us to study it's security system and do our own security extension on them.
Lotus Domino/Notes system has many features in security control, such as powerful function, technical extensive and multi-level control, flexible configuration management. And it has many cryptographic techniques, including public key encryption and symmetric-key cryptography, digital signatures and digital certificates etc.These techniques are used to ensure data reliability and integrity, thus forming Notes security mechanisms. Its security system has multiple levels; each level has a relative safety control measures. Authentication is an important component of its security system; and its security depends on X.509 certificate.
Though the security architecture is powerful and complex, it is not perfect. In fact, nothing is absolutely security. When using software, we can't completely rely on the security that offered by it. And security leaks are also found in Lotus Notes. So we should do our own security extension, to insure our security and be active in security. Our security extension based on PKI, which integrated smart card, digital signature, digital envelopes, and LDAP technology. Security extension mainly about Lotus Domino/Notes R5.0 and it's three aspects are: user authentication, transmission security and email/document security.
User ID is the Notes ID for a Lotus Notes user, the ID file contains important information and the password assigned to a user during registration is a mechanism to protect access to the Notes ID file. To defeat dictionary or brute force attacks on ID file passwords and to reduce the risk of password capture, we use intelligent key in our extension. When user log on, he should give the key's PIN, the right certificate and the ID file. Lotus Domino/ Notes implement SSL protocol to achieve internet security.
引文
[1] William Tworek, George Chiesa, etc. Lotus Security Handbook. IBM. 2004年4月
[2] 兰雨晴等.Lotus Domino/Notes群件技术教程.机械工业出版社.2001.
[3] Banks Michael A.Web psychos stalkers and pranksters.北京:中国水力电力出版社.1998
[4] Atkins Derke.Internet security professional reference.北京:机械工业出版社.1998
[5] Fiona Collins,Soren Peter Nielsen,etc.Lotus Notes and Domino R5.0 Securi ty Infrastructure Revealed. IBM: IBM, 1999年5月
[6] (美)施奈尔著,吴世忠等译.应用密码学:协议、算法与C源程序.机械工业出版社,2000.1:1-13 105-117
[7] W. Diffie, M.E. Hellman. Multiuser Cryptographic Techniques. Proceedings of AFIPS National Computer Conference, 1976: 109-112
[8] Carlisle Adams Steve Lloyd.公开密钥基础设施——概念、标准和实施.冯登国等译.北京:人民邮电出版社.2001.1:P5-P10
[9] R. L. Rivest, A. Shamir, L.M. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, v. 21(2),Feb 1978: pp. 120-126
[10] T. ElGamal. A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. Advances in Cryptology: Proceedings of CRYPTO 84, Springer-Verlag, 1985: pp. 10-18
[11] 冯登国.网络安全原理与技术.北京:科学出版社,2003.9
[12] R. Housley, W. Ford, W. Polk, D. Solo. Internet X. 509 Public Key Infrastructure Certificate and CRL Profile. RFC2459. January 1999
[13] (美)Andrew Nash等著.公钥基础设施(PKI)实现和管理电子安全.张玉清等译.北京:清华大学出版社,2003:63 77-79
[14] 谢冬青,冷健.PKI原理与技术.北京:清华大学出版社.2004.1
[15] Chou W. Inside SSL: the secure sockets layer protocol. IT Professional, 2002, 4 (4): 47-52
[16] 张峰岭.SSL数字签名协议.计算机工程,2003,29(7):113-115
[17] 张松.安全协议SSL与IPSec在Web集群中的应用研究.中南大学硕士学位论文.2004.4:8-11
[18] M. Wahl. A Summary of the X. 500(96) User Schema for use with LDAPv3. RFC2256. December 1997
[19] K. Zeilenga. Lightweight Directory Access Protocol version 3 (LDAPv3): All Operational Attributes. RFC3673. December 2003
[20] Hassler V. X. 500 and LDAP security:a comparative overview. 1999, 13(6): 54-64
[21] K. Zeilenga. Feature Discovery in Lightweight Directory Access Protocol (LDAP). RFC3674. December 2003
[22] 莲花软件(中国)有限公司著.Lotus Domino R5安全技术.机械工业出版社.2000年6月
[23] N. Freed, N. Borenstein. RFC2045: Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies. IETF, 2002
[24] 薛元星.基于智能卡的身份认证技术研究.北京邮电大学硕士学位论文,2005.2:6-8
[25] Wenbo Mao. Modern Cryptography: Theory and Practice.北京:电子工业出版社.2004.5
[26] Marty Jost,Michael Cobb.IIS安全技术.肖国尊等译.北京:清华大学出版社.2003
[27] 王宏等.Domino R5 Web应用设计.科学出版社.2000
[28] 杨波.网络安全理论与应用.北京:电子工业出版社.2002
[29] P. Hoffman. RFC4134: Examples of S/MIME Messages. July 2005
[30] SZD13智能密码钥匙:http://www.datech.com.cn
[31] (美)Matt Riggsby著.Lotus Notes和Domino R5应用程序开发指南.邱仲潘等译.电子工业出版社.2001
[32] IBM. Lotus C API 5.0.7 Reference. IBM, 2001
[33] Heinz Johner, Michel Melor, Harri Stranden, etc. LDAP Implementation Cookbook. IBM, 1999
[2] 兰雨晴等.Lotus Domino/Notes群件技术教程.机械工业出版社.2001.
[3] Banks Michael A.Web psychos stalkers and pranksters.北京:中国水力电力出版社.1998
[4] Atkins Derke.Internet security professional reference.北京:机械工业出版社.1998
[5] Fiona Collins,Soren Peter Nielsen,etc.Lotus Notes and Domino R5.0 Securi ty Infrastructure Revealed. IBM: IBM, 1999年5月
[6] (美)施奈尔著,吴世忠等译.应用密码学:协议、算法与C源程序.机械工业出版社,2000.1:1-13 105-117
[7] W. Diffie, M.E. Hellman. Multiuser Cryptographic Techniques. Proceedings of AFIPS National Computer Conference, 1976: 109-112
[8] Carlisle Adams Steve Lloyd.公开密钥基础设施——概念、标准和实施.冯登国等译.北京:人民邮电出版社.2001.1:P5-P10
[9] R. L. Rivest, A. Shamir, L.M. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, v. 21(2),Feb 1978: pp. 120-126
[10] T. ElGamal. A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. Advances in Cryptology: Proceedings of CRYPTO 84, Springer-Verlag, 1985: pp. 10-18
[11] 冯登国.网络安全原理与技术.北京:科学出版社,2003.9
[12] R. Housley, W. Ford, W. Polk, D. Solo. Internet X. 509 Public Key Infrastructure Certificate and CRL Profile. RFC2459. January 1999
[13] (美)Andrew Nash等著.公钥基础设施(PKI)实现和管理电子安全.张玉清等译.北京:清华大学出版社,2003:63 77-79
[14] 谢冬青,冷健.PKI原理与技术.北京:清华大学出版社.2004.1
[15] Chou W. Inside SSL: the secure sockets layer protocol. IT Professional, 2002, 4 (4): 47-52
[16] 张峰岭.SSL数字签名协议.计算机工程,2003,29(7):113-115
[17] 张松.安全协议SSL与IPSec在Web集群中的应用研究.中南大学硕士学位论文.2004.4:8-11
[18] M. Wahl. A Summary of the X. 500(96) User Schema for use with LDAPv3. RFC2256. December 1997
[19] K. Zeilenga. Lightweight Directory Access Protocol version 3 (LDAPv3): All Operational Attributes. RFC3673. December 2003
[20] Hassler V. X. 500 and LDAP security:a comparative overview. 1999, 13(6): 54-64
[21] K. Zeilenga. Feature Discovery in Lightweight Directory Access Protocol (LDAP). RFC3674. December 2003
[22] 莲花软件(中国)有限公司著.Lotus Domino R5安全技术.机械工业出版社.2000年6月
[23] N. Freed, N. Borenstein. RFC2045: Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies. IETF, 2002
[24] 薛元星.基于智能卡的身份认证技术研究.北京邮电大学硕士学位论文,2005.2:6-8
[25] Wenbo Mao. Modern Cryptography: Theory and Practice.北京:电子工业出版社.2004.5
[26] Marty Jost,Michael Cobb.IIS安全技术.肖国尊等译.北京:清华大学出版社.2003
[27] 王宏等.Domino R5 Web应用设计.科学出版社.2000
[28] 杨波.网络安全理论与应用.北京:电子工业出版社.2002
[29] P. Hoffman. RFC4134: Examples of S/MIME Messages. July 2005
[30] SZD13智能密码钥匙:http://www.datech.com.cn
[31] (美)Matt Riggsby著.Lotus Notes和Domino R5应用程序开发指南.邱仲潘等译.电子工业出版社.2001
[32] IBM. Lotus C API 5.0.7 Reference. IBM, 2001
[33] Heinz Johner, Michel Melor, Harri Stranden, etc. LDAP Implementation Cookbook. IBM, 1999