SAP Security: An Overview
Agenda
1. What is Security
2. Building blocks
3. Common terminologies used
4. Most Common tools in Security
5. CUA
What is Security?
The concept of security is the same around the globe. As in
everyday life, security means removing or restricting
unauthorized access to your belongings, for example
your car, laptop or credit cards.
IT Security?
Information security (sometimes shortened to InfoSec) is
the practice of defending information from unauthorized
access, use, disclosure, disruption, modification, perusal,
inspection, recording or destruction. It is a general term that
can be used regardless of the form the data may take
(electronic, physical, etc.).
SAP Security?
Building Blocks
SU01
PFCG
Authorization Objects
Authorization Objects are the keys to SAP security.
When you attempt actions in SAP, the system checks to see whether you have the appropriate Authorizations.
The same Authorization Objects can be used by different Transactions.
User Buffer?
When a User logs into the system, all of the Authorizations that the User has are loaded into a special place in memory called the User Buffer.
As the User attempts to perform activities, the system checks whether the User has the appropriate Authorization Objects in the User Buffer.
You can see the buffer in Transaction SU56.
Executing a Transaction (Authorization Checks)
1) Does the Transaction exist?
All Transactions have an entry in table TSTC
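The user buffer and the first transaction-start check described above, as a simplified Python model added here; it is not SAP code and not part of the original slides. The profile name, user, TSTC contents and pattern matching are constructed for illustration, and the S_TCODE check after the TSTC lookup is standard SAP behaviour that the surviving slide text does not list.

```python
# Simplified model of the checks described above; not SAP code.
# Constructed sample data: TSTC entries, the profile and the user are made up.
from fnmatch import fnmatchcase

TSTC = {"SU01", "PFCG", "SU53", "SU56"}  # stand-in for table TSTC

# Authorization = (object, {field: allowed value patterns}); "*" matches any value.
PROFILES = {
    "Z_DISPLAY_USER": [  # hypothetical profile name
        ("S_TCODE", {"TCD": ["SU53", "SU56", "SU0*"]}),
        ("S_USER_GRP", {"CLASS": ["*"], "ACTVT": ["03"]}),  # 03 = display
    ],
}

class Session:
    def __init__(self, user, profiles):
        self.user = user
        # Logon: every authorization the user holds is copied into the user buffer.
        self.buffer = [auth for p in profiles for auth in PROFILES[p]]
        self.last_failed = None  # what an SU53-style display would report

    def authority_check(self, obj, **fields):
        """True if one buffered authorization for obj covers all field values."""
        for name, allowed in self.buffer:
            if name == obj and all(
                any(fnmatchcase(value, pat) for pat in allowed.get(field, []))
                for field, value in fields.items()
            ):
                return True
        self.last_failed = (obj, fields)  # remember the failed check
        return False

    def start_transaction(self, tcode):
        if tcode not in TSTC:  # step 1: does the transaction exist?
            return "unknown transaction"
        if not self.authority_check("S_TCODE", TCD=tcode):
            return "not authorized"
        return "started"

if __name__ == "__main__":
    s = Session("DEMO", ["Z_DISPLAY_USER"])
    for tcode in ("SU01", "PFCG", "ZZ99"):
        print(tcode, "->", s.start_transaction(tcode), "| last failed:", s.last_failed)
```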
Live Demo
SU53
SU24
SU56
ST01
Common Terminologies
User master Records
Roles
Authorizations
Authority Check
User buffer
Authorization Errors
Security matrix
Profiles
Authorization Objects
User menus
SAP Password controls
Tools:
SU01 - User Maintenance
PFCG - Role Maintenance
SUIM - Authorization Reporting Tree
SU02 - Maintain Profiles
SU03 - Maintain Authorisations
SU10 - User Maintenance: Mass Changes
SU21 - Maintain Authorization Objects
SU24 - Auth Object check under transactions
SU3 - Maintain default settings
SU53 - Display Authority Check Values
SU56 - Display user buffer
ST01 - User trace
SM19 - Audit Log Configuration
SM20 - Display Audit Log
S_BCE_68002111 - List of users with Critical Authorisations
CUA
Central User Administration is a feature in SAP that helps to streamline
the management of multiple user accounts on different clients in a multi-system
SAP environment. This feature is most useful when similar user accounts are created
and managed on multiple clients.
Centralized Admin
Data consistency & accuracy
Eliminate redundant efforts