Start of Content Area

Object documentationPersonal Security Environment (PSE)  Locate the document in its SAP Library structure

Definition

Secure location where a user or component's public-key information is stored. The PSE for a user or component is typically located in a protected directory in the file system or on a smart card. It contains both the public information (public-key certificate and private address book) as well as the private information (private key) for its owner. Therefore, only the owner of the information should be able to access his or her PSE.

This graphic is explained in the accompanying text

For example, the SAP Security Library (SAPSECULIB) stores the application server's information in a PSE. In this case, the PSE contains both the private address book for the SAP System as well as the SSF profile.

Use

The user or component's PSE contains the information needed to create and verify digital signatures and to create or "open" digital envelopes. As part of a system workflow, when the system creates a digital signature for a user, the user usually has to give the system explicit permission to access the information in his or her PSE. For example, he or she must enter the PIN (Personal Identification Number) or passphrase that protects the PSE.

Structure

The exact structure and contents of the PSE are determined by the product that you use. Typical contents of a PSE include the user's public-key certificate, private address book, and private key.