Regarding Security Aspects

Similar Messages

• What kind of security aspects needed in webdynpro application for ABAP?

  Hi Experts,
            What kind of security aspects need to be considered in webdynpro for ABAP application? Do I need to use Autorization check? Where can I use Authorization check in webdynpro for ABAP?
  Please help!
  Thanks
  Gopal

  Hi Gopal,
  you can find the security issues for Web Dynpro ABAP here: http://help.sap.com/saphelp_nw2004s/helpdata/en/af/0489ce55002f44a8c927371bedf719/frameset.htm
  Regards, Heidi

• Which security aspects can be covered with using GG?

  Hi,
  Please explain what are the security aspects which are addressed by GG while doing real-time replication?
  Thanks & Regards,
  Noman.

  Security in what sense? Do you want to encrypt trails? Then use encryption. Do you want to minimize privileges of your GG user? Then follow the chart shown in the installation guide. Do you want to encrypt passwords in parameter files? Use encryption. Do you want to use your own encryption? Then specify that in the scheme/setup.

• I received a pop up regarding security certificates when opening a PDF document today.  Is it safe to say "yes" to the installation of the security updates?

  I received a pop up regarding security certificates when opening a PDF document today.  Is it safe to say "yes" to the installation of the security updates?

  If you opened it with Adobe Reader, then yes: "Yes" is safe (I just did the same thing one minute ago).

• Security aspects of PHP

  What are the security aspects of using PHP with SAP; compared to either "in-house" technologies like BSP or Web Dynpro, or using a J2EE-based environment, based on Java? The biggest drawback of PHP seems to be in the security-related area. How does this open source technology mix with highly secured, sensitive-information SAP installations?
  Trond

  Don't think of it as PHP security, Just think of it as security, and what you want to implement, and what you have available.
  1) Use Active Drirectory and place people in groups which can perform cerain tasks. using the LDAP class in PHP you can enforce those groups.
  2) Prompt users for security information which is sent to SAP. SAP will enforce what the user can or can't do. PHP will be the broker
  3) Develop a local secuirty system within php, perhaps using  something along the lines of http://phpgacl.sourceforge.net/
  4) You could even setup a SecurID security system and implement it with your application.
  Many choices are available, all with plus and minus aspects.

• Regarding Security in OBIEE

  Hi,
  We have 4 regions like UK, India, US, Japan.. when ever UK users logins to OBIEE the dashboard should get defaulted to UK region and user should see UK reports only.
  Similarly if a Japan, US users logins he should see reports corresponding to his region.
  At present we have a prompt where user select the region from the prompt . How to implement the security for this..
  Thanks

  Hi,
  Do the following steps and let me know if it was helpful:
  1. Create a separate table say table1 which will contain the USERID and REGION columns.
  Eg. User1 Region1
  User1 Region2 and so on
  2. Import the table in the physical layer. No need to create BM for it.Check in and save.
  3.Go to Manage - Variables and create a Session - Initialization Block with connection pool pointing to above table and query as select 'REGION1' ,REGION from table1 where USERID=(':USER')
  4. After the block is created go to Business Model and the table in which you want to implement the security.
  Table - Sources - Content tab - add the following in the where clause
  MAINTABLE.REGION IN (VALUEOF(NQ_SESSION."REGION1"))
  Save the rpd. Log in and check if it is working.
  Regards,
  Swati

• Please help me regarding Secure RMI Applet Application

  Hi Friends..
  Currently i use Java Card 2.2.1..
  I'm learning about SecureRMIDemo application that shipped with JCDK 2.2.1..
  Assume that i've loaded the SecureRMIApplet.cap successfully, and i've created the Secure RMI Client using SmartCardIO..
  And then i tried to do any process provided by Purse interface, such as debit, credit, setAccountNumber, etc..
  But i got this error message :
  java.rmi.RemoteException: Signature mismatch
       at com.sun.javacard.javax.smartcard.rmiclient.CardObjectFactory.throwError(Unknown Source)
       at com.sun.javacard.javax.smartcard.rmiclient.CardObjectFactory.throwException(Unknown Source)
       at com.sun.javacard.javax.smartcard.rmiclient.CardObjectFactory.getObject(Unknown Source)
       at com.sun.javacard.ocfrmiclientimpl.JCRemoteRefImpl.parseAPDU(Unknown Source)
       at com.sun.javacard.ocfrmiclientimpl.JCRemoteRefImpl.invoke(Unknown Source)
       at com.sun.javacard.samples.SecureRMIDemo.SecurePurseImpl_Stub.setAccountNumber(Unknown Source)
       at testRMIClient.SecureRMIClienrt.main(SecureRMIClienrt.java:27)Yes, i know that, that error message required to ensure that the application run in the Security context..
  But for me, who just getting started to Java Card Security, it becomes a problem... :(
  The message error tells that the Signature is mismatch..
  And then how to set this Signature before do any process in the SecureRMI Client application?..
  Since there's no way to set the Signature through Purse interface..
  Please help me regarding this..
  Thanks in advance..

  Thanks Shane for your reply..
  does it mean i've to send APDU?.. Because in the MySecurityService class code there's method that checks the CLA and INS byte..
  Or can i send an APDU Object while we're using the Java Card RMI Application mode?..
  Actually, in my opinion, i would say that if we use RMI mode, we don't need APDU Command anymore..
  Please correct me if i'm wrong..
  Thanks in advance..

• Regarding Security In SAP XI

  HI All,
  What is the Purpose of Security in SAP XI ???
  When We will USe it And How We Will Use this ????
  Regards
  Vamsi

  Krishna,
  If your user id is not secure then you can do any changes in XI. So to control this we need to have some secured roles for every user.
  It is used for message level security also. Check this document:
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
  Regards,
  ---Satish

• Regarding security in Xi

  hi
  how can we handle security in Xi,i mean if i connect different systems using Xi
  how can flow of files  from one system to other system be secure.
  regards
  ramakrishna

  HI Ramakrishna
  Check the following links.. you will get the information all about the securities...
  http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm
  Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
  Also find soeminformation in these links
  http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
  /people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
  You can define a security level for incoming messages handled by certain HTTP-based sender adapters.
  Possible HTTP security levels are (in ascending order):
  -- HTTP without SSL
  -- HTTP with SSL (= HTTPS), but without client authentication
  -- HTTP with SSL (= HTTPS) and with client authentication
  This will clear most of ur doubts
  http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/content.htm
  Cheers..
  Vasu
  <i>** Reward Points if found useful **</i>

• Boolean return value & security aspect

  Again in the JCOP specification I read these lines:
  In case the Java Card API method returns the boolean value, it should be immediately transferred to a short representation. Now I am having this part of the code:
  boolean status = false;
            status = pin.check(buffer, (short) OFFSET_CDATA, (byte) lc);
            crypto.updateCIAPinByP2(p2, pin);
            if (!status) {
                 ISOException.throwIt((short) (ISO7816Ext.SW_PIN_INCORRECT_TRIES_LEFT | pin
                           .getTriesRemaining()));
            }Is this optimal regarding to the lines at the beginning of the post. Do I need to do this:
            boolean ret = pin.check(buffer, (short) OFFSET_CDATA, (byte) lc);
            short status = ret ? (short) 0xA5A5; (short) 0x5A5A
            crypto.updateCIAPinByP2(p2, pin);
            if (status == (short) 0x5A5A) {
                 ISOException.throwIt((short) (ISO7816Ext.SW_PIN_INCORRECT_TRIES_LEFT | pin
                           .getTriesRemaining()));
            }Also, the specification says that to ensure the security of the system, variables of type Boolean should not be used for storing security relevant data. Instead a short value should be used and a constant for True and a constant for the False. Should be defined and used. It is also said that these short values, representing Boolean values, shall be checked for the integrity in any kind of branching which would have an impact on security function. My question why is that so? Regarding to this text, do I need to modify anything in the first code because the returned variable is the local which value is stored in RAM?

  In the code from the first post, in order to have the most secure code, I believe that I need to implement double check of PIN value:
  public static final short TRUE = (short) 0xA5A5;
  public static final short FALSE = (short) 0x5A5A;
  status = pin.check(buffer, (short) dataOffset, (byte) lc) == true ? IASECCUtil.TRUE : IASECCUtil.FALSE;
  if(status == IASECCUtil.TRUE) {
       status = pin.check(buffer, (short) dataOffset, (byte) lc) == true ? IASECCUtil.TRUE : IASECCUtil.FALSE;
  }In this example, if at the first line, the result of the method check() is false but the fault occurs on the bus (transient fault) between the RAM and CPU register, then the program flow will be able to reach the second line that contains the check. The double check will not be affected by a second fault because the time to charge the laser is much larger. Is this correct?

• Bit of a strange question regarding security and internet connection

  This is a bit of an odd question so bear with me for a moment.
  I sold my old G4 to someone I didn't know yesterday. While he was looking at it to make sure it was working I allowed him to plug my ethernet cable in (connected to both a netgear router and a cable modem) and go online to install an application on the computer he was buying. It did't take long and I didn't actually see what he installed but after he left and I plugged back in to my mac pro, my internet connection started suffering. It started by being very slow and then timing out with servers. I reset the modem and even bypassed the router but the connection did not improve and eventually I could only get a self assigned IP address with no internet, although the modem appeared to be fine.
  Aside from finding my I.P. address at my location, is there anything else he could have compomised security wise, either in the name of harvesting some kind of info or just creating a problem in the cable network when I let him use my connection on the g4?
  I think that most likely I'm being a little paranoid but the timing of this is a bit strange. It literally went down hill just after he left.
  Today the cable company is reporting a wider internet outage than just me but I just though I'd throw it out there to see if there are any security wholes exploitable when someone uses your internet connection (I would think and hope that there are not).
  thanks a bunch

  Well, in the closing the stable door approach it is a good idea to do a complete erase and install when selling any computer. There's lots of references to this and even one about removing a certain file so when they start up they get the brand new Mac greeting window. If you do not erase the drive using the secure erase feature in Disk Utility then with an $80 investment plus an empty spare drive the purchaser can likely recover any files you had on the computer recently if they consider it worth the effort.
  I suspect the internet issue is not related to this, especially since your ISP commented about problems.

• I did not recieve an email regarding security question at  rescue email address

  i forgot my security question answers and i asked to send me the information on my rescue email . but, i did not receive any emails despite sending it successfully from apple
  mac book pro ,OS X 10.9.4

  You need to ask Apple to reset your security questions; this can be done by clicking here and picking a method, or if your country isn't listed, filling out and submitting this form.
  They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
  (111158)

• Does anyone have any information regarding securing data.

  I want to secure data to assure that each department can only view their own PO's, req's, invoices and payments. Can anyone provide or direct me to the documentation on this? Thank you for any help.

  Hi,
  You can try using security hierarchy or other appropriate document security control, but I'm afraid it only works for purchasing document
  One way is to separate the OU, but that would take an implementation and maintenance effort
  Gerry

• Question Regarding Security Updates 2006-005 and 2006-006?

  Okay I just noticed Apple Security Update 2006-005 and 2006-006 are available for download. Has anyone had any problems with these updates? I remember the Security Update 2006-001 was a nightmare for me -- Safari was broken after that update I had to do a complete OS reinstall then re-update to Mac OSZ 10.3.9 Panther and I only want to update if the likelihood of any problems occuring is very slim. Anyone running Mac OS X on PowerPC chips (i.e. using a PowerBook, an older iMac, Mac Mini, PowerMac etc) or on Intel chips (i.e. MacBook Pro, the new iMacs, new Mac Mini's etc) with Mac OS X Panther, Mac OS X Tiger etc having any problems with either update?

  (10.3.9 Client) seems to have broken my CS2 Version Cue after loading Security Update 2006-006 via Software Update - 27MB or something.
  Though afterwards all apps (Illustrator 12.0.1, Acrobat 7.0.8, PS 9.0.1 and InDesign 4.0.4) open and run fine, Version Cue disappeared from the Desktop Menu and System Preferences and says it's no longer installed, all this immediately after loading the Update and restarting.
  Two restarts and a Repair Permissions haven't resolved the issue. I've downloaded the stand alone Update and have run that but without any luck. I'd had no history of any trouble with any Security Update prior to this, and have run good maintenance schedules.
  I've not seen any other posts or related issues to mine, so maybe it's just my isolated event?

• Question regarding security on this forum please

  I am new here (am assuming label 'Newbie' is related to posts etc?) - can anybody help with this please?  When I click on my user ID when I'm signed in I can see my email address under 'Public Statistics' - yet I can't see anybody else's. Is it only me that can see it? I ask because I really don't want my email address visible in case spam robots read it - this might be a silly question to an experienced user of this forum but do I need to worry? Thanks! Dave T.
  Solved!
  Go to Solution.

  No probs
  Ah, beginner status already - you could have a quick read of http://community.bt.com/t5/Forum-Guidance-Ideas/Ranking-structure/td-p/145 for a bit (12 pages!) of info regarding the ranking structure.
  -+-No longer a forum member-+-