Background documentationPersonnel Time Management (PT)

 

Introduction

Note Note

This guide does not replace the administration or operation guides that are available for productive operations.

End of the note.
Target Audience

  • Technology consultants

  • System administrators

This document is not included as part of the installation guides, configuration guides, technical operation manuals, or upgrade guides. Such guides are only relevant for a certain phase of the software lifecycle, whereas the security guides provide information that is relevant for all lifecycle phases.

Why Is Security Necessary?

With the increasing use of distributed systems and the Internet for managing business data, the demands on security are also on the rise. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation of your system should not result in loss of information or processing time. These demands on security apply likewise to the SAP Personnel Time Management. To assist you in securing the SAP Personnel Time Management, we provide this security guide.

About this Document

This security guide provides an overview of the security-relevant information that applies to the SAP Personnel Time Management.

Overview of the Main Sections

The security guide comprises the following main sections:

  • Before You Start

    This section contains information about why security is necessary, how to use this document, and references to other security guides that build the foundation for this security guide.

  • Technical System Landscape

    This section provides an overview of the technical components and communication paths that are used by the SAP Personnel Time Management.

  • Security Aspects of Data, Data Flow, and Processes

    This section provides an overview of security aspects involved throughout the most widely used processes within the SAP Personnel Time Management.

  • Authorizations

    This section provides an overview of the authorization concept that applies to the SAP Personnel Time Management.

  • Session Security Protection

    This section provides information about activating secure session management, which prevents JavaScript or plug-ins from accessing the SAP logon ticket or security session cookie(s).

  • Network and Communication Security

    This section provides an overview of the communication paths used by the SAP Personnel Time Management and the security mechanisms that apply. It also includes our recommendations for the network topology to restrict access at the network level.

  • Internet Communication Framework Security

    This section provides an overview of the Internet Communication Framework (ICF) services that are used by the SAP Personnel Time Management.

  • Security-Relevant Logging and Tracing

    This section provides an overview of the trace and log files that contain security-relevant information, for example, so you can reproduce activities if a security breach does occur.