Domino Security

All components of the Domino and Notes architecture utilize the proven Domino security model, widely regarded for its flexibility and robustness. Domino and Notes security is based on RSA public key encryption technology; it supports by far the most widely deployed Public Key Infrastructure (PKI) in existence. Public key authentication eliminates the need to transfer passwords across the network. Used along with each user's Private Key, it makes possible digital signatures and end-to-end encryption of messages.

The Domino and Notes architecture provides four levels of security:
  • Authentication, which reliably verifies that users seeking access to network resources are who they claim to be.
  • Digital signatures, where Domino Servers and Notes Clients verify the authenticity of the sender, and ensure that the information received was not modified during transmission.
  • Access control, for specifying who can use a resource and what they can do with it. Access control is applicable to servers, individual databases, documents (including those referenced via links) and fields within documents.
  • Encryption, for secure communication of information between individual users. Encryption can be applied to:
      • Databases, including documents and fields within those databases, whether they are located on servers or clients.
      • Data in transmission channels, including both bulk data transmission between servers and client-to-server transmission. This permits secure transmission across non-secure media, including the Internet.


Features built from these basic security capabilities include:

  • Separately configurable security administration "roles" (a form of access control) that permit safe delegation of administrative responsibility.

  • Certificate revocation, to instantly deny all access to users whose authorization is revoked. Password expiration allows Domino administrators to enforce an expiration period on passwords for Notes user IDs.

  • Secure Internet access and publishing. End-to-end encryption allows for secure communication among Domino Servers via the Internet. Domino fully supports Secure Sockets Layer (SSL), for server authentication and data encryption. Web browsers can be authenticated based on user name and password; administrators can fine-tune browser access based on predefined roles. Execution Control Lists (ECLs) enable users to protect their data against the threat of viruses, mail bombs and other potential dangers of navigating the Internet. ECLs allow users to determine whether a program can execute on the desktop, and whether it can read and/or write data.

  • X.509 certification provided by third-party certificate authorities, enabling bi-directional encryption between a browser or other Internet client and the Domino Server.

  • Encryption of local databases. Domino Servers and Notes Clients use the private key to perform the encryption, providing secure password protection. Private Key encryption functionality also enables administrators to enforce local security (including the enforcement of access control levels), ensuring that data is secure when end users or third parties replicate a protected database.




© 2012 Kolaco, Inc. All rights reserved.