Security 
Features
The Enterprise Portal offers users a single point of access to all functions, information, and services needed to accomplish their daily tasks. Links to back-end and legacy applications, self-service applications, company intranet services, and Internet services are all readily available in the user’s portal. Because the borders between company intranets and the Internet are blurring, comprehensive security is vital to protect the company’s business.
The security features used in the Enterprise Portal include:
· Authentication of portal users using user identification and password, digital X.509 certificates or external authentication services. For more information, see Authentication.
· Single Sign-On (SSO) mechanism to authenticate users to the different data resources and applications, based on a ticketing system and user mapping. For more information, see Single Sign-On.
· Role-based authorization concept for providing personalized content to the user and enforcing access control policies for unstructured content. For more information, see Roles.
· Secure communication between users, portal and external applications with strong encryption and integrity protection using the Secure Sockets Layer (SSL) or the Secure Network Communications (SNC) protocols.
· Integrated user management functionality using directory services to ensure a universal, seamless security solution. For more information, see User Management.
The following figure presents the security architecture of the Enterprise Portal 5.0.
Additional Sources of Information
See also the SAP Enterprise Portal Security Guide on the SAP Service Marketplace at service.sap.com/securityguide. It helps you to determine which security measures you need to take to provide your portal installation with the level of security you require. It covers topics such as secure communications and secure installation and configuration.
For the most recent changes in security, see SAP Note 448831 EP 5.0: Central Note for EP-PIN-SEC (Security).