This course will provide information about the fundamentals of the SAP authorization concept, using SAP R/3 Enterprise. However, these. ADM SAP Authorization Concept mySAP Technology Date Training Center Instructors Education Website Instructor Handbook Course Version: Q2. ADM SAP Authorization Concept mySAP Technology Date Training Center Instructors Education Website Instructor Handbook Course.

Author: Tomi Zulkidal
Country: Central African Republic
Language: English (Spanish)
Genre: Art
Published (Last): 6 June 2008
Pages: 150
PDF File Size: 1.56 Mb
ePub File Size: 17.24 Mb
ISBN: 901-3-93743-756-9
Downloads: 82233
Price: Free* [*Free Regsitration Required]
Uploader: Zulujora

Skip to main content. Log In Sign Up. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG.

The information contained herein may be changed without prior notice. Some authorizatuon products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. All other authorkzation mentioned are trademarks or registered trademarks of their respective companies. About This Handbook This handbook is intended to complement the instructor-led presentation of this authoriztion, and serve as a source of reference.

It is not suitable for self-study. Typographic Conventions American English is the standard used in cincept handbook. The following typographic conventions are also used. Type Style Description Example text Words or characters that appear on the screen. These include field names, screen titles, pushbuttons as well as menu names, paths, and options. Also used for cross-references to other documentation both internal in this documentation and autorization in other locations, such as SAPNet.

Example text Screen output. This includes file and directory names and their paths, messages, names of variables and parameters, and passages of the source text of a program. Example text Exact user entry. These are words and characters that you enter in the system exactly as they appear in the documentation.

Pointed brackets indicate that you replace these words and characters with appropriate entries. Basic Terminology of Authorizations Working with the Profile Generator Integration into the Company Landscape However, these fundamentals can, for the most part, be adapted to other components. Basic knowledge about the SAP environment is vital for this training course. Target Audience This course is intended for the following audiences: Authorizations in General What Are Authorizations?

Subtleties of Authorization Maintenance 20 Minutes Unit 5: Basic Settings Profile Generator: Installation and Upgrade 60 Minutes Exercise 8: Troubleshooting and Administration Aids 25 Minutes Unit 6: Transporting Authorization Components foncept Minutes Unit 7: At the start of the course, introduce the individual units and lessons.

This provides the participants with an overview of the contents. authoeization

Customers usually come to the course with questions and want to ask these as soon as possible. If you introduce the content, they know that the desired topic is part of the course, and usually keep their questions to the appropriate time. Mention the focus of this course. This is the entry point into the topic of authorizations.


The structure and implementation of an authorization is then described using a five phase model.

This example will make it easier to build and structure an authorization concept. Unit Overview This unit is the entry point into the topic of authorizations. Unit Objectives After completing this unit, you will be able to: Creating and Implementing an Authorization Concept It will also provide an introduction to the topic of authorizations and the role-based authorization concept, using a number of overview figures. Lesson Objectives After completing this lesson, you will be able to: After considering some general information, the security concept in the authorizatiln of the SAP system is discussed.

The role of the Authoriaztion authorization concept within the security concept is then explained.

Business Example Authorizations are used to control access at the afm940 level. At this level, the term role is at the center of the SAP authorization concept. The system must also be protected at the operating system, database, network and front end levels in order to implement a comprehensive security concept.

ABAP AS Authorization Concept

Target Group Notes to the User The training materials are not self-teach programs. There is space for you to write down additional information on the sheets. Describe why authorizations cocnept in your own words. Use conceptt bullet points after the next figure or your own experience as a consultant to choose the words for your explanation. Security Expectations Requirements for protecting sensitive data: These include, for example, data protection laws personal data, family status, illnesses, and so onor employee protection.

This applies both to data used externally and to data used internally. Perfect security could only be achieved with cross-dimensional assignment of authorizations.

ADM SAP Authorization Concept, PDF Book in SAP BASIS

However, the benefits achieved in this way are often not relative to the costs incurred. With some values, it is cheaper to replace a loss than to protect the data at great expense. A company should therefore concentrate on areas in which a clear benefit can be realized through this expenditure.

This saves unnecessary investments of time and money. Therefore, a company must be able to weigh up the extraordinary risks of a threat against the costs of a security system. A situation of this type is not favorable for the processes in a company. If this is not done, it is often difficult to remove undesired obstructions to business processes in complex, nested authorizations.

Only with a transparent structure can this be avoided. If problems occur nevertheless, it is only in this way that the places to be maintained can be found.


Use the next figure to discuss the questions that must be asked during the development of a security concept. Discuss the problems of the end users at this point.

If the users have no training or poor training, this could destroy more than they can absorb with one concept. What is to be protected? Which assets must be protected? To which categories do these assets belong for example: When assigning assets to categories, consider the consequences of losing these assets.

When calculating the value of fixed assets, for example, you should take into account the loss of value due to depreciation, damage or theft. What dangers are there? Potential sources of danger are, for example, technology, the environment, or persons.

Important employees leaving the company, dissatisfied or inexperienced employees. Hackers with criminal intent.

Processing errors caused by applications or operating systemsviruses, power supply interruption, hardware failure. Fire, flood, dust, earthquakes. Once you have identified your assets authorizaton the potential sources of danger, you can develop security mechanisms. You must determine an appropriate protective measure for each source of danger. These measures should also be assigned to different categories for example: Training, internal security policy, procedures, roles, responsibilities.

Inclusion of electronics for checks routers. Access authorizations for systems and data. The next figure provides a small overview of the different SAP security levels. Describe the context of ADM briefly.

Provide this information to the participants. This does not mean that SAP does not yet offer a course here. Courses on this topic are provided directly by operating system vendors.

Explain this autgorization the participants. Each level has its own protection mechanisms. To avoid unauthorized system access, for example, system and data access control mechanisms are provided at the application level.

When protecting an SAP system, you must consider the following: This course deals only with the security mechanisms at application level. If a user has access to a system, this certainly does not mean that he or she can run something in the system. A user master record must be created in the system for each user.

This user master record also contains the password that the system prompts the user to enter when logging on. There are numerous mechanisms for preventing unauthorized access to an SAP system that can raise the security level concepr a system if configured appropriately.