Show TOC

Background documentationIntroduction

 

This guide does not replace the administration or operation guides that are available for productive operations.

Target Audience

  • Technology consultants

  • Security consultants

  • System administrators

This document is not included as part of the Installation Guides, Configuration Guides, Technical Operation Manuals, or Upgrade Guides. Such guides are only relevant for a certain phase of the software life cycle, whereas the Security Guide provides information that is relevant for all life cycle phases.

Why Is Security Necessary?

With the increasing use of distributed systems and the Internet for managing business data, the demands on security are also on the rise. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation of your system should not result in loss of information or processing time. These demands on security apply likewise to Master Data Governance. To assist you in securing Master Data Governance, we provide this Security Guide.

Since Master Data Governance is based on and uses SAP NetWeaver technology, it is essential that you consult the Security Guide for SAP NetWeaver. See SAP Service Marketplace at Start of the navigation path http://service.sap.com/securityguideInformation published on SAP site Next navigation step SAP NetWeaver End of the navigation path.

For all Security Guides published by SAP, see SAP Service Marketplace at http://service.sap.com/securityguideInformation published on SAP site.

Overview of the Main Sections

The Security Guide comprises the following main sections:

  • Before You Start

    This section contains information about why security is necessary, how to use this document, and references to other Security Guides that build the foundation for this Security Guide.

  • Technical System Landscape

    This section provides an overview of the technical components and communication paths that are used by Master Data Governance.

  • User Management and Authentication

    This section provides an overview of the following user administration and authentication aspects:

    • Recommended tools to use for user management

    • User types that are required by Master Data Governance

    • Standard users that are delivered with Master Data Governance

    • Overview of the user synchronization strategy

    • Overview of how integration into Single Sign-On environments is possible

  • Authorizations

    This section provides an overview of the authorization concept that applies to Master Data Governance.

  • Network and Communication Security

    This section provides an overview of the communication paths used by Master Data Governance and the security mechanisms that apply. It also includes our recommendations for the network topology to restrict access at the network level.

  • Data Storage Security

    This section provides an overview of any critical data that is used by Master Data Governance and the security mechanisms that apply.

  • Enterprise Services Security

    This section provides an overview of the security aspects that apply to the enterprise services delivered with Master Data Governance.

  • Security-Relevant Logs and Tracing

    This section provides an overview of the trace and log files that contain security-relevant information, for example, so you can reproduce activities if a security breach does occur.

  • Appendix

    This section provides references to further information.