Secure Storage in the File System

SAP NetWeaver AS for ABAP provides a secure storage in the file system where SAP applications or service components can store access data to other systems and tokens. Data in this area can be encrypted.

Protect access to the secure storage files by limiting the access permissions of operating system users for the SAP system to the least required privileges.

We deliver a default key that ensures data protected by the secure storage in the file system is available during implementation of the system, but is protected with a minimum level of security. The minimum level of security provides for obfuscation. You can choose your own individual key during installation or at a later point in time. Despite the fact that an attacker with access to the file system is difficult to defend against, we recommend that you replace the default key with your own individual key.

To determine if you are using a default key, use the info option of the rsecssfx command of the administration tool. If the info option is not available in your release, use the list option and navigate to the location of the key file. If no key file is present, you are using the default key.