Zum Hauptinhalt springen Zur Suche springen Zur Hauptnavigation springen
Beschreibung

Stay ahead of security issues with this comprehensive guide! Get click-by-click instructions to configure the essential areas of SAP system security: application, database, platform, and infrastructure. Perform key tasks such as setting up user authentication, securing network protocols, and working with logs in your environment. Whether your system is on-premise or in the cloud, boost your security with expert advice to ensure it stays safe!

Highlights include:

1)SAP S/4HANA

2)SAP Fiori

3)Cloud applications

4)User management and authentication

5)Authorizations and role design

6)Logging and monitoring

7)Data security

8)Client security

9)Kernel security

10)Transport security

Stay ahead of security issues with this comprehensive guide! Get click-by-click instructions to configure the essential areas of SAP system security: application, database, platform, and infrastructure. Perform key tasks such as setting up user authentication, securing network protocols, and working with logs in your environment. Whether your system is on-premise or in the cloud, boost your security with expert advice to ensure it stays safe!

Highlights include:

1)SAP S/4HANA

2)SAP Fiori

3)Cloud applications

4)User management and authentication

5)Authorizations and role design

6)Logging and monitoring

7)Data security

8)Client security

9)Kernel security

10)Transport security

Über den Autor
Dr. Pradeep Kumar Mishra began his professional journey as a university mathematics teacher before transitioning to computer science. He holds a PhD in public key cryptography, with a research focus on elliptic and hyperelliptic curve cryptography, and later moved into industry to apply his security expertise to real-world [...]. Mishra has spent more than 13 years working in SAP security and governance, risk, and compliance (GRC), primarily as a consultant supporting Canada's oil and gas industry. He is a CISSP, CISA, and CRISC-certified professional, through which he has built strong expertise in security and GRC across complex enterprise SAP landscapes.During his academic career, he published over 20 research papers in reputable peer-reviewed journals and conference proceedings. His research contributions are available on Google Scholar here: [...] his technical work, Dr. Mishra is passionate about explaining technology in simple, nontechnical language for a broader audience. Outside of writing and speaking about technology, he enjoys poetry and spending time outdoors.
Inhaltsverzeichnis

... Preface ... 17

... Target Audience ... 17


... How This Book Is Organized ... 18


... Acknowledgments ... 22


PART I ... Application-Level Security ... 23

1 ... User Management ... 25

1.1 ... Types of SAP User IDs ... 26


1.2 ... SAP Standard Accounts ... 28


1.3 ... Transaction SU01: Managing User Account Lifecycle ... 29


1.4 ... Transaction SU10: Managing User Accounts in Bulk ... 42


1.5 ... User Groups ... 49


1.6 ... Tables Related to User Management ... 50


1.7 ... Securing Passwords ... 51


1.8 ... Transaction SUIM: The SAP User Information Management Reports ... 57


1.9 ... Change Documents for Users ... 66


1.10 ... Security Policies ... 67


1.11 ... Miscellaneous User Management Topics ... 70


1.12 ... Summary ... 72


2 ... User Authentication ... 73

2.1 ... The Single Sign-On Concept ... 75


2.2 ... Single Sign-On Technologies for SAP ... 79


2.3 ... Setting Up a Service Provider ... 90


2.4 ... SAP Solutions for Single-Sign On ... 95


2.5 ... Summary ... 99


3 ... Authorizations and Role Design ... 101

3.1 ... SAP Authorization Concept ... 102


3.2 ... The Role Concept ... 125


3.3 ... Transaction PFCG: The Profile Generator ... 140


3.4 ... Mass Change of Field Values in Roles ... 171


3.5 ... More on Transaction Codes ... 173


3.6 ... Spool-Related Authorizations ... 181


3.7 ... Checking Authorizations in ABAP Programs ... 182


3.8 ... Transaction SACF: Switchable Authorizations ... 185


3.9 ... Other Useful Authorizations ... 187


3.10 ... Summary ... 198


4 ... SAP Fiori Security ... 201

4.1 ... Core Foundations of SAP Fiori ... 202


4.2 ... Types of SAP Fiori Apps ... 207


4.3 ... Managing Access to SAP Fiori Apps ... 210


4.4 ... SAP Fiori Authorizations and Role Design ... 232


4.5 ... Summary ... 241


5 ... Client Security ... 243

5.1 ... Client Overview ... 244


5.2 ... Managing Clients ... 245


5.3 ... Securing Clients ... 253


5.4 ... Summary ... 257


6 ... Kernel Security ... 259

6.1 ... Components of SAP Kernel ... 260


6.2 ... SAP Cryptographic Library ... 267


6.3 ... Updating the SAP Kernel ... 270


6.4 ... Patch Management ... 277


6.5 ... Summary ... 285


7 ... ABAP Development Security ... 287

7.1 ... Common Threats and Vulnerabilities ... 288


7.2 ... Managing Access to the Development Environment ... 294


7.3 ... Secure Software Development Lifecycle in ABAP ... 300


7.4 ... Tools and Techniques for ABAP Security ... 304


7.5 ... Summary ... 310


PART II ... Database-Level Security ... 311

8 ... Database Security for SAP ... 313

8.1 ... Securing a Generic Database ... 314


8.2 ... Securing the SAP HANA Database ... 321


8.3 ... Securing Data at Rest: Encryption ... 346


8.4 ... Summary ... 351


9 ... Logging and Monitoring for SAP Databases ... 353

9.1 ... Internal Controls and Audit Cycle ... 354


9.2 ... Database Monitoring Tools ... 360


9.3 ... Logging Tools ... 366


9.4 ... Security-Focused Database Monitoring ... 374


9.5 ... Summary ... 384


PART III ... Platform-Level Security ... 385

10 ... System Profiles and Parameters ... 387

10.1 ... Profiles and Parameters ... 388


10.2 ... Viewing and Maintaining Parameters ... 397


10.3 ... Profile Parameter Governance ... 403


10.4 ... Password and Other Security-Related Parameters ... 405


10.5 ... Summary ... 408


11 ... Transport Security ... 411

11.1 ... SAP Transport Mechanism ... 412


11.2 ... Role Transport ... 421


11.3 ... Authorizations Related to Transport System ... 424


11.4 ... Viewing CTS from a Security Perspective ... 427


11.5 ... Transport Tools ... 429


11.6 ... Summary ... 436


12 ... Logging and Monitoring for the SAP Environment ... 437

12.1 ... Logging and Monitoring at the OS Level ... 438


12.2 ... Developing a Logging and Monitoring Strategy ... 442


12.3 ... Using Blockchain for Logging ... 446


12.4 ... Using SAP Enterprise Threat Detection to Analyze Security Audit Logs ... 451


12.5 ... Connecting SAP Logs to the Enterprise SIEM Tool ... 456


12.6 ... Summary ... 459


PART IV ... Infrastructure-Level Security ... 461

13 ... Network Security ... 463

13.1 ... Network-Level Threats and Defense Strategy ... 463


13.2 ... Network Access Control ... 465


13.3 ... SAP Perimeter and Connectivity Controls ... 479


13.4 ... Unified Connectivity ... 486


13.5 ... Summary ... 491


14 ... Securing Data in Motion ... 493

14.1 ... Decrypting Cryptography ... 494


14.2 ... SSL and TLS Protocols ... 504


14.3 ... Internet Communication Manager ... 515


14.4 ... Summary ... 526


15 ... Securing SAP Infrastructure ... 527

15.1 ... On-Premise Versus Cloud ... 528


15.2 ... Planning for Secure SAP Landscape ... 532


15.3 ... Developing Policies ... 542


15.4 ... Other Infrastructure-Related Considerations ... 548


15.5 ... Summary ... 566


16 ... Securing Cloud-Based Applications ... 567

16.1 ... Identity and Access Management ... 568


16.2 ... SAP Business Technology Platform Security ... 586


16.3 ... Integration Security ... 599


16.4 ... Best Security Practices for Cloud-Based Applications ... 602


16.5 ... Summary ... 607


... The Author ... 609

... Index ... 611

Details
Erscheinungsjahr: 2026
Fachbereich: Datenkommunikation, Netze & Mailboxen
Genre: Importe, Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Buch
Inhalt: 622 S.
ISBN-13: 9781493227747
ISBN-10: 1493227742
Sprache: Englisch
Einband: Gebunden
Autor: Kumar Mishra, Pradeep
Hersteller: Rheinwerk Verlag GmbH
Rheinwerk Publishing Inc.
Verantwortliche Person für die EU: Rheinwerk Verlag GmbH, Rheinwerkallee 4, D-53227 Bonn, service@rheinwerk-verlag.de
Maße: 260 x 182 x 35 mm
Von/Mit: Pradeep Kumar Mishra
Erscheinungsdatum: 08.07.2026
Gewicht: 1,228 kg
Artikel-ID: 135489955

Ähnliche Produkte