Show TOC

SecurityLocate this document in the navigation structure

Unauthorized and unauthenticated access and reading of data in GWM is prevented using various security mechanisms. These mechanisms are designed so that both GWM users and GWM components perform only the actions that they are allowed to perform. This results in the protection of sensitive data and confidential business information, and prevents data from being compromised.

The GWM Security Guide provides information about security aspects, including the following:

  • User administration and authentication
  • Authorizations to access OData services in the SAP Gateway system

This document is not included as part of the installation and configuration guide, as these guides are only relevant for a certain phase of the software lifecycle, whereas the security guide provides information that is relevant for all lifecycle phases.

General Security Considerations GWM

GWM can use open protocols in its communication channels, such as HTTPS. Generally, you must secure your communication channels, to make it difficult for unauthorized persons to obtain sensitive data passing through the channel between an SAP system and GWM.

For instance, you can secure the communication channels with the following example:

  • Secure Sockets Layer (SSL)

  • Designated network segments for communication pathways

  • Security schemes that defend against denial-of-service attacks

In addition, consider the security implications when you enable the cache features in the applications you develop in GWM.