Novell SecretStore is a service that leverages the security built into Novell eDirectory. Rather than storing user secrets (user name, password, etc.) on the client machine, Novell SecretStore uses a secure central location in eDirectory, which provides fault tolerance and secure management. Because the user is the only person authorized to access his or her secrets when a SecretStore-enabled application authenticates to eDirectory, access is tightly controlled. With SecretStore, user passwords and credentials are never stored or transmitted without being encrypted first. Applications relying on the Novell Core Protocol (NCP) implementation are encrypted using Novell International Cryptographic Infrastructure (NICI), while those implementing Java Naming and Directory Interface (JNDI) encrypt secret information using Secure Socket Layer (SSL) functionality. Encryption and storage of all user authentication information prevents unauthorized access to all SecretStore-enabled applications.
See Novell Core Protocol (NCP) Implementation and JNDI Implementation for more detailed information.