Security Guides for Connectivity and
Interoperability Technologies
The SAP NetWeaver products are capable of communicating and exchanging data between systems based on various technologies. The security aspects pertaining to the connectivity and interoperability mechanisms used across the SAP NetWeaver platform are described in the following topics:
This guide explains the security aspects that apply to the Internet Communication Framework (ICF) and when using Remote Function Calls (RFC) on the SAP Web Application Server’s ABAP Engine.
●
Security Settings
in the SAP Gateway
This section explains the security settings for the SAP Gateway, which is used for communication between SAP systems and non-SAP systems, including access control and authorizations.
●
Security Guide
ALE (ALE Applications)
This guide explains the security aspects that apply when using Application Link Enabling (ALE), which uses RFC technology, to connect multiple SAP systems.
●
Security Guide
for Connectivity with the J2EE Engine
This guide explains the security aspects involved when using the connectivity technologies with the SAP J2EE Engine, which include security when using the J2EE Connector Architecture (JCA) or the Remote Method Invocation (RMI) and P4 protocols.
The SAP Java Connector (JCo) uses RFC for the communication between the connecting components. Therefore, for JCo security, the security guide for RFC.
● Web Services Security
This section provides an overview of the security aspects relevant when using Web services. It provides an overview of the authentication mechanisms supported, the authorization concepts that apply, data communication security using SSL and using digital signatures.