Show TOC

Data Storage SecurityLocate this document in the navigation structure

Use

This section provides security-relevant information related to data stored in SAP Process Integration (SAP PI) - dual usage type installation option. The following questions are answered for the individual data storages of an SAP PI instance:

  • Where is the data stored? What kind of data is stored and to what purpose?

  • How can data be encrypted?

  • How can storage duration be reduced?

  • How can data be deleted from the database?

  • How can data access (read and write) be protected?

  • How can data access be logged?

Data Storage

Data is stored in database tables of the different PI components.

The following figure shows an overview the main PI components and their data storages for a dual usage type implementation.

Figure 1: Main Components of PI (Dual Usage Type) Showing the Data Storages

Unauthorized access to stored data needs to be prevented because data can contain sensitive information.

This section provides an overview of the security-relevant aspects of the various storages involved in a PI landscape and provides information on specific measures how to increase data security .

The following table lists the main data storages in a PI landscape (as outlined in the figure) and provides links to detailed information on the security-relevant aspects of the individual data storages.

Data Storage

Data Access

More Information

ES Repository

Stores design time data like, for example, data types, interfaces, and mappings.

ES Builder (user interface)

Data Storage Security for the Enterprise Services Repository

Integration Directory

Stores configuration time data.

The data stored in the Integration Directory is accessed to by the involved runtime engines (using runtime caches), and based on that data, messages are processed by the runtime engines.

Integration Builder (user interface)

Integration Directory programming interface

Runtime cache

Data Storage Security for the Integration Directory

Advanced Adapter Engine message store

Processes messages at runtime.

Message monitoring tools

Data Storage Security for the Advanced Adapter Engine

Integration Engine message store

Processes messages at runtime.

Message monitoring tools

Data Storage Security for the Integration Engine

Note

The Data Access column provides information on the different options how to access (display and edit) the data of the corresponding storage.