Network and Communication Security
Depending on the protocol used, all data (including passwords) is usually transmitted through the network (intranet or Internet) in plain text. To maintain the confidentiality of this data, you should apply transport-layer encryption for both internal communication and message exchange.
For an overview of internal communication and messaging communication, refer to Communication. For an overview of supported security mechanisms on transport level, refer to the table below.
HTTP connections can be secured by using SSL (HTTPS) and RFC connections can be secured by using SNC.
Transport Level Security Mechanisms for Messaging:
|
Transport protocol |
Transport security |
Authentication mechanism |
XI protocol |
HTTP |
HTTPS (SSL) |
User/password, client certificate, SAP assertion ticket |
WS protocol |
HTTP |
HTTPS (SSL) |
User/password, client certificate, SAP assertion ticket, X.509 authentication token, SAML assertion |
IDoc adapter |
RFC |
SNC |
User/password, client certificate |
RFC adapter |
RFC |
SNC |
User/password, client certificate, SAP assertion ticket |
Plain HTTP adapter |
HTTP |
HTTPS (SSL) |
User/password, client certificate |
File/FTP adapter |
FTP |
FTPS (SSL/TLS) |
User/password, client certificate |
SOAP adapter |
HTTP |
HTTPS (SSL) |
User/password, client certificate, SAP assertion ticket In Axis mode also digest and NTLM |
Mail adapter |
IMAP4, POP3, SMTP |
HTTPS (SSL) |
User/password, CRAM-MD5 |
Marketplace adapter |
HTTP |
HTTPS (SSL) |
User/password, client certificate |
RNIF 2.0 adapter |
HTTP |
HTTPS (SSL) |
User/password, client certificate |
RNIF 1.1 adapter CIDX adapter |
HTTP |
HTTPS (SSL) |
User/password, client certificate |