|
Contents:
1.0 Introduction
2.0 SAP Security Components – The Big Picture
2.1 SAP Authorization Concept
2.2 Composite Profiles
2.3 User Ids
2.4 Authorizations
3.0 Security Configuration in SAP
3.1 User Authentication
3.2 Creating and Assigning Authorization Profiles
3.3 Auditing and Monitoring
3.4 Administration and Maintenance
Extracts:
Extract 1 - One of the
key benefits SAP brings to an enterprise is the ability to integrate the data
both within the enterprise, and between it and it’s partners / competitors. In
many cases organizations today are both partners and competitors at the same
time. Think of wholesalers and distributors, SAP and Oracle, AT&T and BT, or two
oil giants who have an upstream joint venture. These companies use SAP to
integrate process between themselves for their mutual benefit. This ability to
integrate, however, brings with it a particular risk – that of exposing their
data to the un-authorized outside world.
Extract 2 - Security
configuration and administration in SAP is a multi-phase process. Four key
security components are required to ensure the adequate security, privacy, and
integrity of information. The phases are as follows:
Extract 3 -
Administrators must
check that default profiles act a template for user defined profiles and are not
directly used in production. Default profiles contain values, which apply to all
application servers. These include: SAP_ALL, SAP_NEW, S_A.ADMIN, S_A.CUSTOMIZ,
S_A.DEVELOP, S_A.DOKU, S_A.SYSTEM, S_A.USER, S_ENT_IMG_GE, S_WF_ALL, and P_ALL.
Other
concepts covered in this paper include: Composite Profiles, User Id's, Profile
Generator, System Logs, Monitoring, Auditing Information System (AIS)
|
