Showing posts with label SAP SECURITY.

Thursday, 6 October 2016

SECURING YOUR NETWORK: THE BEST APPROACH


A network is a group of two or more computers linked together and capable of sharing resources.
Authentication is the process of verifying that an individual is genuine before granting access to a particular resource. Authentication aids access control, which in turn helps in achieving security.
Network authentication is a means of verifying the identity of someone over the network before they are given access to resources that reside on the network. There are various ways in which we could carry out authentication over a network.
The router is a device that is used for authentication over the network. The router serves as the door that restricts or allows access to a network. Before one can successfully connect to the network, there is always a need to provide a name and a password. Security is achieved here through the strength of the password and the encryption type.
There are basically 3 types of encryption, namely:
1. WEP (Wired Equivalent Privacy)
2. WPA (Wi-Fi Protected Access)
3. WPA2 (Wi-Fi Protected Access II)
There are two ways to achieve security (authentication) on a network:
In the diagram above, a user just needs to get authenticated once to access both applications and the internet.
In this scenario, after authentication has been achieved over the network, you could add an extra security feature for access to the internet: a domain name server where a username and a password would be required to gain access. In such a scenario you can monitor which users have access to the internet, determine the amount of data a user is consuming, and limit a user's data usage to a certain level.
When a user tries to log into an SAP system, you could restrict access by requesting login details.
Biometric authentication is a way of identification through the evaluation of one or more biological traits of an individual. This includes the use of fingerprint scanners, iris scanners, facial scanners, swipe cards, voice controls, etc.
SAP biometric authentication software (BIOLOCK) is produced by Realtime. Biolock indisputably identifies who is logging in, helps in controlling the areas in an SAP system that can be accessed, and makes it difficult for impersonation to occur.

Biometrics as a form of authentication can be implemented either over the network or on your SAP system.

Monday, 8 August 2016

WHY AND FOR WHAT DO WE REQUIRE AUTHORIZATION


We require authorizations in order to achieve the following:
· To protect sensitive business data
· To ensure the smooth running of the business process
· To determine the cost-benefit relation
When developing a security concept, we seek to establish what is to be protected (ASSETS), against what (THREATS), and how we achieve maximum protection (MEASURES).

FACTORS TO CONSIDER WHEN PROTECTING AN SAP SYSTEM
· Security must be implemented at all levels, because most of the time an attack could come from the weakest point within the system.
· Complex authorization is just one aspect of a security concept.

SYSTEM ACCESS CONTROL AND ROLE BASED ACCESS CONTROL
System access control deals with users identifying themselves in the system using a valid user ID and a password; access control deals with authority checks for programs and transactions.
Access control is a security technique that can be used to regulate who or what can view or use resources in a computing environment. In order to work in an SAP system, users require a valid user ID, and a user master record must be created for each system user. Authorizations are assigned to a user using profiles in the form of roles, which are entered into the user master record.

DEFINITION OF TERMS
i. Role: a group of activities performed within a business scenario
ii. Profile: a container for authorizations
iii. Business scenario: a group of activities performed by employees in their various roles


NOTE: A role contains one or more activities in the business scenario; a single role could be involved in different business scenarios.
When creating roles we use the tcode PFCG. The four core elements of a role are:
· TRANSACTION
· MENU
· AUTHORIZATION
· USER ASSIGNMENT
To view the report on SAP roles use RSUSR070 and enter SAP* to display all the roles supplied by SAP.
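
A simplified model of the role concept described above, added here as an example (it is not SAP's code and not from the original post): roles carry a menu of transactions, a profile of authorizations and a user assignment, and an authority check passes only when a single authorization covers every requested field. The class and function names, role names and users are constructed; S_TCODE and F_BKPF_BUK with the values shown are illustrative sample data.

```python
from dataclasses import dataclass, field

@dataclass
class Authorization:
    """An authorization: one authorization object with permitted field values."""
    obj: str
    values: dict                      # field name -> set of allowed values

    def allows(self, obj, **wanted):
        # Every requested field must be granted; "*" grants any value.
        return obj == self.obj and all(
            f in self.values and (v in self.values[f] or "*" in self.values[f])
            for f, v in wanted.items())

@dataclass
class Role:
    """Role elements: menu of transactions, profile of authorizations, users."""
    name: str
    menu: list                        # transaction codes offered in the menu
    profile: list                     # profile = container for authorizations
    users: set = field(default_factory=set)

def authority_check(user, roles, obj, **wanted):
    """True if any role assigned to the user carries a matching authorization."""
    return any(a.allows(obj, **wanted)
               for r in roles if user in r.users for a in r.profile)

def who_can(roles, obj, **wanted):
    """Review helper: every user whose roles pass the given check."""
    users = set().union(*(r.users for r in roles))
    return sorted(u for u in users if authority_check(u, roles, obj, **wanted))

# Constructed sample roles and users (not taken from any real system).
ROLES = [
    Role("Z_AP_CLERK", ["FB01", "FB03"], [
        Authorization("S_TCODE", {"TCD": {"FB01", "FB03"}}),
        Authorization("F_BKPF_BUK", {"BUKRS": {"1000"}, "ACTVT": {"01", "03"}}),
    ], {"ALICE"}),
    Role("Z_AP_DISPLAY", ["FB03"], [
        Authorization("S_TCODE", {"TCD": {"FB03"}}),
        Authorization("F_BKPF_BUK", {"BUKRS": {"*"}, "ACTVT": {"03"}}),
    ], {"ALICE", "BOB"}),
    Role("Z_ROLE_ADMIN", ["PFCG"], [
        Authorization("S_TCODE", {"TCD": {"PFCG"}}),
    ], {"CAROL"}),
]

if __name__ == "__main__":
    print(authority_check("BOB", ROLES, "S_TCODE", TCD="FB01"))
    print(who_can(ROLES, "S_TCODE", TCD="PFCG"))
```

In this model ALICE holds both roles, yet a check for activity 01 in company code 2000 still fails, because field values from two different authorizations are not combined.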




SECURITY & AUTHORIZATIONS IN SAP

What is authorization?

AUTHORIZATION
Authorization is the process or system of giving someone the privilege, access or permission to do or have something.

Authorization in Information Technology is the process of specifying access rights to a system, data or information. It is a process that confirms what a user is allowed to perform on a system.


SAP AUTHORIZATION CONCEPT
Security in SAP is achieved through the authorization concept, which is based on the logical relationship between a USER ID and the range of system authorizations with which it can be associated, i.e. the relationship between a user and the set of activities he or she can perform in the system.
The authorization concept helps in establishing maximum security and sufficient privileges (access) for end users to fulfill their job duties. Authorizations are used to control access at the application level.

Note: The authorization concept seeks to achieve the following:

a. Maximum security
b. Sufficient privileges (ACCESS)
c. User maintenance