2.4 Authorizations Authorizations are the key building blocks of SAP security. In many situations, multiple composite profiles can be assigned to a user ID, depending on the role(s) an individual user is responsible for, in i n the business processes. Each user must have a corresponding profile specifically assigned. 2.3 User Ids User ids allow access to SAP applications. The overexistence of the hybrids can defy the very purpose of composite composite profiles and they should be created only when specific needs arise. In practice, a model composite profile should be recognized for each possible role in the organization, which may be used to produce hybrid composite profiles. A composite profile may encapsulate another composite profile(s). As the name suggests, composite profiles may contain multiple user IDs necessary to perform all the business operations associated with a particular role. Figure 2 illustrates the hierarchical authorization concept in SAP.Ģ.2 Composite Profiles Composite profiles refer to the various employee roles available in the corporation (for instance: Purchasing / Receiving Clerk or Accounts Agent). Each profile grants a set of specific system access authorizations to user. The user ID refers exclusively to profiles. The architecture of the authorization system is based upon the utilization of several individuals but related logical components: Profiles, Objects, Fields, and Authorizations. 2.1 SAP Authorization Concept The SAP authorization concept is based upon the logical relationship between a user ID and the range of system authorizations with which it can be associated. Users are only authorized to see or change the parts of the system required by their respective job responsibilities. In SAP, security is administered for objects (profiles and authorizations). The scope of this article is SAP Application Security, which which can be achieved with the help of SAP’s BASIS security application through the concept of authorization. Tight security is required for each of the above components (Network, Workstation, Operating System and Database) as a breach made in one area can compromise the entire system. Interoperability features of a SAP system makes this task a bit more difficult.Ģ.0 SAP Security Components – The Big Picture SAP security in an integrated environment can be viewed in the form of discrete components as shown below (figure 1). With increased potential for security breaches in the computer systems around the world, BASIS consultants face a tough task of maintaining the integrity and administering the security of SAP systems. SAP BASIS addresses all security issues by incorporating an authorization module. Therefore, keeping the security of the organization intact is one of the vital aspects of any SAP implementation. and could easily fall if this was breached. Entire companies have been built up around highly guarded intellectual property and process secrets. This ability to integrate, however, brings with it a particular risk – that of exposing their data to the un-authorized outside world. These companies use SAP to integrate process between themselves for their mutual benefit. Think of wholesalers and distributors, SAP and Oracle, AT&T and BT, or two oil giants who have an upstream joint venture. In many cases organizations today are both partners and competitors at the same time. One of the key benefits SAP brings to an enterprise is the ability to integrate the data both within the enterprise, and between it and it’s partners / competitors. The benefits it i t can bring have led to widespread adoption across the the globe. SAP BASIS and Security Administration 1.0 Introduction SAP has done nothing less than change the entire systems landscape for enterprises. 6 3.4 Administra Administration tion and and Maintenance Maintenance. 4 3.2 Creating and Assigning Authorization Profiles.5 3.3 Auditing Auditing and and Monitoring Monitoring. 4 3.1 User Authentica Authentication tion. 4 3.0 Security Security Configurati Configuration on in SAP. 3 2.2 Composi Composite te Profiles Profiles. 2 2.1 SAP Authorization Authorization Concept Concept. 2 2.0 SAP Security Security Componen Components ts – The Big Picture Picture.
0 kommentar(er)
