Data Storage Security (SAP Library - Knowledge Management Security Guide)

Data Storage Security

Data in KM

Various types of data are used in Knowledge Management. They are stored in different places.

Data in Knowledge Management

Type of Data	Storage Location	Protected By
Configuration data	Database (see Content Management Configuration).	Security concepts of the DBMS. Access to the portal is controlled by the role concept.
KM portal content (worksets and iView templates)	Portal catalog (database)	Security concepts of the portal (roles), security concepts of DBMS.
KM content (folders and files)	Internal repositories (such as /documents) File system repository /etc	Security concepts of the portal (roles), security concepts of DBMS, permissions at operating system level.
Service data	Database, directory with configuration data in the file system.	Security concepts of the DBMS, permissions at operating system level.
Customer and system-external content (folders and files)	External repositories	Security concepts of the remote server, ACLs, permissions.
Customer and system-external content (folders and files)	Internal repositories (database, file system)	Permissions at operating system level, ACLs.

Data in Repositories

Note that repository managers such as CM or file-system repository managers cannot be created in system directories.

The root directory of a repository manager cannot be located in the system directory of the J2EE Engine. This is because documents can be accessed not only from the portal, but also directly using HTTP.

Virus Check

There is a virus check option in KM for documents for which you have write or read access. You have to configure the virus scan interface of the SAP Web AS for this.

The following are examples of times when you can use a virus check with write access:

· Loading files to KM

· Storing changed data

The virus check can run in the background or be started by a content manager using a report.

For more information, see Structure link Virus Scanner Service.

Temporary Data on the Client PC

Note that KM-specific Internet files are stored on the client PC when the portal is called.

When you use the function Edit Locally, the content of the document in question is stored in a temporary directory on the client PC. When you upload the document to KM, it is deleted from the client PC when the program used to edit it is terminated. If you do not terminate the program, or if the document is locked, it is not deleted from the client PC.

Recommendation

If the client PC is also being used by another user, delete the content from the temporary directories and the browser cache when you have finished your work.

Digital Signatures and Document Encryption

At the moment, Knowledge Management does not contain any digital signatures or functions for document encryption. To digitally sign or encrypt documents, you need to use third-party solutions.