SAP Authorizations SAP Security Concepts - SAP Basis

Direkt zum Seiteninhalt
SAP Security Concepts
Set up permission to access Web Dynpro applications using S_START
No matter what the reason, it is quickly said that a new authorization concept is needed. But this is not always the case. And if it is, the question is which authorization concept in SAP HCM is the right one. Yes, exactly which concept, because in SAP HCM there are three ways to implement an authorization concept.

The goal of an authorization concept is to provide each user with the appropriate authorizations in the system individually for their tasks according to a previously defined rule. For this purpose, an authorization concept must be defined as the foundation for efficient authorization assignment. In this way, each employee is given system access through the role-specific assignment of authorizations according to his or her tasks. On the one hand, this protects sensitive information and, on the other, prevents damage caused by incorrect use of data.
Service User
With the introduction of security policy, it is now possible to define your own security policy for System or Service users. This way you can ensure that backward-compatible passwords are still used for these users. This eliminates the reason that password rules were not valid for System/Service type users; Therefore, the rules for the content of passwords now apply to users of these types. Password change rules are still not valid for System or Service type users. If you are using security policy in your system, you can use the RSUSR_SECPOL_USAGE report to get an overview of how security policy is assigned to users. This report can be found in the User Information System (transaction SUIM). In addition, the user information system reports have added selected security policies to the user selection. This change was provided through a support package; For details, see SAP Note 1611173.

In an SAP® system, authorizations are not the only focus of the auditor. Essential system parameters are also part of the audit. For this reason, it should also be ensured in advance that all parameters are set up in accordance with the company's specifications. The parameters concerned are all those that ensure system and client security. Among other things, it must be ensured that the production system is protected against any kind of changes and therefore no direct development is possible.

With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.

The Profit Centre is not intended as a reporting unit here.

Create a new query named ZMYSUIM on the entry screen.
SAP BASIS
Zurück zum Seiteninhalt