This course will provide information about the fundamentals of the SAP authorization concept, using SAP R/3 Enterprise. However, these. ADM SAP Authorization Concept mySAP Technology Date Training Center Instructors Education Website Instructor Handbook Course Version: Q2. ADM SAP Authorization Concept mySAP Technology Date Training Center Instructors Education Website Instructor Handbook Course.
|Published (Last):||25 December 2014|
|PDF File Size:||6.39 Mb|
|ePub File Size:||7.88 Mb|
|Price:||Free* [*Free Regsitration Required]|
Skip to main content. Log In Sign Up. No part of this publication may be reproduced or transmitted in any form or authodization any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. All other products mentioned are trademarks or registered trademarks of their respective companies.
ADM SAP Authorization Concept | Gustavo Adolfo González Carrizalez –
About This Handbook This handbook is intended to complement the instructor-led presentation of this course, and serve as a source concrpt reference. It is not suitable for self-study.
Typographic Conventions American English is the standard used in this handbook. The following typographic conventions are also used. Type Style Description Example text Words or characters that appear on the screen. These include field names, screen titles, pushbuttons as well as menu names, paths, and options.
Also used for cross-references to other documentation both internal in this documentation and external in other locations, such as SAPNet. Example text Screen output. This includes file and directory names and their paths, messages, names of variables and parameters, and passages of the source text of a program.
Example text Exact user entry. These are words and characters that you enter in the system exactly as they appear in the documentation. Pointed brackets indicate that you replace these words and characters with appropriate entries. Basic Terminology of Authorizations Working with the Profile Generator Integration into the Company Landscape However, these fundamentals can, for the most part, be adapted to other components.
Basic knowledge about the SAP environment is vital for this training course. Target Audience This course is intended for the following audiences: Authorizations in General What Are Authorizations?
Subtleties of Authorization Maintenance 20 Minutes Unit 5: Basic Settings Profile Generator: Installation and Upgrade 60 Minutes Exercise 8: Troubleshooting and Administration Aids 25 Minutes Unit 6: Transporting Authorization Components 15 Minutes Unit 7: At the start of the course, introduce the individual units and lessons.
This provides the participants with an overview of the contents. Customers usually come to the course with questions and want to ask these as soon as possible. If you introduce the content, they know that the desired topic is part of the course, and usually keep their questions to the appropriate time.
Mention the focus of this course. This is the entry point into the topic of authorizations. The structure and implementation of an authorization is then described using a five phase model. This example will make it easier to build and structure an authorization concept. Unit Overview This unit is the entry point into the topic of authorizations. Unit Objectives After completing this unit, you will be able to: Creating and Implementing an Authorization Concept It will also provide an introduction to the topic of authorizations and the role-based authorization concept, using a number of overview figures.
Lesson Objectives After completing this lesson, you will be able to: After considering some general information, the security concept in the context of the SAP system is discussed.
Training Outline ADM SAP AS ABAP – Authorization Concept
The role of the SAP authorization concept within the security concept is then explained. Business Example Authorizations are used to control access at the application level. At this level, the term role is at the center of cnocept SAP authorization concept. The system must also be protected at the operating system, database, network and front end levels in order to implement a comprehensive security concept.
Target Group Notes to the User The training materials are not self-teach programs. There is space for you to xuthorization down additional information on the sheets. Describe why authorizations exist in your own words.
Use the bullet points after the next figure or your own experience as a consultant to choose the words for your explanation. Security Expectations Requirements for protecting sensitive data: These include, for example, data protection laws personal data, family status, illnesses, and so onor employee protection.
This applies both to data used externally and to data used internally. Perfect security could only be achieved with cross-dimensional assignment of authorizations. However, the benefits achieved in this way are often not relative to the costs incurred.
With some values, it is cheaper to replace a loss than to protect the data at great expense. A company should therefore concentrate on areas in which a clear benefit can be realized through this expenditure. This saves unnecessary investments of time and money. Therefore, a company must be able to weigh up the extraordinary risks of a threat against the costs of a security system.
A situation of this type is not favorable for the processes in a company. If this is not done, it is often difficult to remove undesired obstructions to business processes in complex, nested authorizations. Only with a transparent structure can this be avoided. If problems occur nevertheless, it is only in this way that the places to be maintained can be found. Use the next figure to discuss the questions that must be asked during the development of a security concept.
Discuss the problems of the end users at this point. If the users have no training or poor training, this could destroy more than they can absorb with one concept. What is to be protected? Which assets must be protected?
To which categories do these assets belong for example: Adk940 assigning assets to categories, consider the consequences of losing these assets. When calculating the value of fixed assets, for example, you should take into account the loss of value due to depreciation, damage or theft.
What dangers are there? Potential sources of danger are, for example, technology, the environment, or persons.
ABAP AS Authorization Concept
Important employees leaving the company, dissatisfied or inexperienced employees. Hackers with criminal intent. Processing errors caused by applications or operating systemsviruses, power supply interruption, hardware failure.
Fire, flood, dust, earthquakes.
Once you have identified your assets and the potential sources of danger, you can develop security mechanisms. You must determine an appropriate protective measure for each source of danger. These measures should also be assigned to different categories for example: Training, internal security policy, procedures, roles, responsibilities. Inclusion of electronics for checks routers.
Access authorizations for systems and data. The next figure provides a small overview of the different SAP security levels. Describe the context of ADM briefly. Provide this information to the participants. This does not mean that SAP does not yet offer a course here.
Courses on this topic are provided directly by operating system vendors. Explain this to the participants. Each level has its own protection mechanisms. To avoid unauthorized system access, for example, system and data access control mechanisms are provided at the application level. When protecting an SAP system, you must consider the following: This course deals only with the security mechanisms at application level.
If a user has access to a system, this certainly does not mean that he or she can run something in the system. A user master record must be created in the system for each user. This user master record also contains the password that the system prompts the user to enter when logging on. There are numerous mechanisms for preventing unauthorized access to an SAP system that can raise the security level of a system if configured appropriately.