Background documentationSecurity Guide for SAP NetWeaver Mobile Locate this document in the navigation structure

 

Note Note

This guide does not replace the daily operations guide that we recommend customers create for their specific productive operations.

End of the note.

Target Groups

  • Developers

  • Technical consultants

  • System administrators

This document is not part of the Developers' Guide, Installation Guide, Configuration Guide, Administration Guide, or Upgrade Guide. These guides are only relevant for a certain phase in the software life cycle. The Security Guide, in contrast, provides information that affects all the phases of the life cycle.

Why Is Security Necessary ?

The increasing use of distributed systems and of the Internet to manage business data has resulted in an increase in security requirements. With a distributed system, you must ensure that your data and processes support the needs of your enterprise without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation on your system should not result in loss of information or processing time. To assist you in securing the access to business functionality with SAP NetWeaver Mobile we provide this Security Guide.

About This Document

The Security Guide provides an overview of the security-relevant information that applies to SAP NetWeaver Mobile. SAP NetWeaver Mobile consists of the SAP NetWeaver Application Server and the SAP NetWeaver Developer Studio.

The Security Guide comprises the following sections:

  • Before You Start

    This section contains information about why security is necessary, how the document is used, and references to other Security Guides that form the basis of this Security Guide.

  • Technical System Landscape

    This section provides an overview of the technical components and communication paths that SAP NetWeaver Mobile uses.

  • User Administration and Authentication

    This section provides an overview of the recommended tools for managing users, the required user types, and the user synchronization process. An overview of the authentication process, passwords, integration options in Single Sign-On environments and encryption options.

  • Authorizations

    This section provides an overview of the authorization concept that applies to SAP NetWeaver Mobile.

  • Network and Communication Security

    This section provides an overview of the communication paths used by SAP NetWeaver Mobile, and the security mechanisms to be applied. It also incorporates our recommendations for the network topology to restrict the access to network level.

  • Security Configurations in DOE

    This section provides the security-related features that you can configure in the Data Orchestration Engine (DOE).

  • Data Storage Security

    This section provides an overview of all the critical data used by SAP NetWeaver Mobile, and the security mechanisms to be applied.

  • Security Logging and Tracing

    This section provides an overview of the tracing and logging mechanism of the SAP NetWeaver Mobile client.