Show TOC

Background documentationConsiderations about Data Protection

 

As a technical framework that enables changes to be made to business-critical interface data, the SAP Application Interface Framework is required to save user-related information that could be marked as personal, private, or confidential. The SAP Application Interface Framework provides you with authorizations you can use to limit access to this information.

The following user-related or potentially confidential data is saved and could be accessed using the SAP Application Interface Framework:

  • Single or multi message index table

    The single or multi message index tables, which record aggregated information on a per-data-message-level, contain fields for the following:

    • The user name of the user that processed the message along with the date and time of the initial message processing

    • The user name of the user that last changed the message (restarted or canceled it) along with the date and time of the action

    Data in the single or multi index tables is not visible on any screen in the SAP Application Interface Framework. It can only be accessed through direct database query or the ABAP dictionary.

  • Log of changes in error handling

    Changes to a data message’s field values, which originated from the Monitoring and Error Handling transaction, are recorded in a log table. The following information is saved:

    • The name and path of the changed field along with the old and new value

    • The user name of the user who initiated the change along with the date and time of the change

    The change log data can be viewed in the Error Handling Changes Log (transaction code /AIF/EDCHANGES), which you can access from the SAP Easy Access menu by choosing Start of the navigation path Cross-Application Components Next navigation step SAP Application Interface Framework Next navigation step Administration Next navigation step Log Next navigation step Error Handling Changes Log End of the navigation path. The transaction enables the user to see a list of changes. It is only when the user selects a change log entry and chooses to view the details that the user name of the user who made the change is displayed.

    Note Note

    This transaction is protected by authorization object S_TCODE.

    End of the note.

  • Information contained in interface data

    Depending on your interfaces, message data can contain personal, private, or confidential information. This information can be accessed by all users who have the authorization to display or change messages of the interface in the Monitoring and Error Handling transaction. If you identify such information and do not want the information to be available for error handling, you can define the corresponding structures as Hide Structures. You do this in Customizing for SAP Application Interface Framework under Start of the navigation path Error Handling Next navigation step Namespace-specific Features End of the navigation path.