Authorizations in SAP S/4HANA and SAP Fiori
eBook - ePub

  1. 850 pages
  2. English
About this book


Yes, you can access Authorizations in SAP S/4HANA and SAP Fiori by Alessandro Banzer, Alexander Sambill in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Science General. We have over one million books available in our catalogue for you to explore.

Information

1 Introduction to SAP Authorizations

This chapter introduces you to the topic of authorizations in SAP, why and when authorizations are needed, and how to implement authorizations in SAP Business Suite as part of your security framework. We’ll reflect on the evolution of SAP systems and its effect on security, which is no longer a matter for your application layer only. Security has become even more important on the layers underneath (typically an SAP HANA database) and above (SAP Fiori or any other client). In addition, we’ll shine a light on current trends, including digitalization, big data, connectivity, platforms, and their effects on today’s SAP landscapes as we move to hybrid environments consisting of both on-premise and cloud-based solutions. This chapter emphasizes the authorizations point of view when operating such a hybrid SAP system landscape.
SAP technology has significantly changed in recent years. New technologies have been introduced; platforms, modules, and solutions have been consolidated; and new applications have been integrated. In this process, SAP’s cloud-first strategy has impacted entire business processing and system landscapes. The power of modernization and digitalization has also driven a focus on the user experience (UX). However, whether application security is still guaranteed with all these changes is not always clear.
Whenever we talk about security concepts, two terms are commonly tossed around, leading to confusion—authentication and authorization. Authentication is when the user logs on to an SAP system with a user name and password or other credentials. An authentication provider validates if your user name and password are correct and allows you to log on. Authentication determines “who you are” but not “what you can do.”
Once a user is authenticated, authorizations come into play to define what the end user can do in the system. A user without authorizations can still log on to the system but is not enabled to use any functionalities within due to missing authorizations. At this point, the user is authenticated, but not authorized.
A common concern is designing authorizations in the right way so your organization can manage access effectively and efficiently. In this chapter, we’ll focus on the term “authorization,” describing its necessity, its various types, and how it fits into the SAP world.

1.1 What Are Authorizations?

Authorizations enable end users to perform activities in a system, from a business operations point of view. Typically, end users have dedicated responsibilities and tasks for which they require specific authorizations. Lacking authorization results in missing access to particular system functions. Access requirements vary across business functions. In rare scenarios, a user may even require several position-specific authorizations due to cross-functions, deputy roles, or job-sharing.
Authorizations also enable the management of access to sensitive functions or data. As such, access to mission-critical system functions or sensitive business data may not be granted to all users. Unauthorized access could result both in a violation of internal policies, as well as a violation of laws or regulations, such as data protection requirements.
Generally, various requirements affect how the access model is designed and how access is granted to your users. These requirements can generally be categorized in the following way:
  • External requirements
    • Legal obligations (Sarbanes-Oxley Act, Foreign Account Tax Compliance Act [FATCA], General Data Protection Regulation [GDPR], Law of Obligations)
    • GxP requirements (Good manufacturing practices)
    • Industry standards (IEEE standards)
    • Certifications (Cybersecurity Maturity Model Certification, ISO/IEC 27001 — Information security management)
  • Internal requirements
    • Internal controls (over financial reporting)
    • Internal policies (code of conduct)
    • Principles (least privilege)
    • Standards (best p...

Table of contents

  1. Dear Reader
  2. Notes on Usage
  3. Table of Contents
  4. Preface
  5. 1 Introduction to SAP Authorizations
  6. 2 ABAP Authorization Concept
  7. 3 Designing Authorization Concepts
  8. 4 Xiting Authorizations Management Suite
  9. 5 Transaction SU24: Authorization Default Values
  10. 6 Role Maintenance in Transaction PFCG
  11. 7 Authorization Analysis, Trace Tools, and Authorization Debugging
  12. 8 SAP Fiori Authorizations
  13. 9 User Maintenance
  14. 10 Access Governance with SAP Access Control and SAP Cloud Identity Access Governance
  15. 11 Interface Authorizations and Hardening of Interfaces
  16. 12 Migrating Authorizations to SAP S/4HANA
  17. 13 Migrating Authorizations to SAP S/4HANA with the Xiting Authorizations Management Suite
  18. A The Authors
  19. Index
  20. Service Pages
  21. Legal Notes