
WEB SECURITY ADVISOR
SAP Security: Authentication and single sign-on
Dr. Juergen Schneider 05.07.2001




This tip is excerpted from "Internet Insights: SAP System Security
for the Intranet and Internet" by Dr. Juergen Schneider in the
April/May/June 2001 edition of SAP Insider.

To authenticate users when they access SAP applications, several
mechanisms are supported (depending on security requirements and the
SAP product release used). Everybody understands the concept of
passwords, along with their advantages (easy to use, remember and
carry around) and drawbacks (weak passwords can be guessed, you may
need several to access different systems, and they are exposed to
wiretapping).

With SAP's SNC option, you can switch off passwords and achieve
single sign-on from a separate security infrastructure deployed in
your company. This can be your Windows NT or Windows 2000 network, or
other security infrastructures as provided by SAP partner products.

It is also possible to equip your users with digital certificates
according to the X.509 standard and use them for SAP logon (with or
without smartcards).

With HTTPS and SSL client authentication, digital certificates can be
used for logon to SAP systems from a standard Web browser over the
SAP Internet Transaction Server (ITS). A painless certificate
enrollment procedure is provided with mySAP Workplace using the SAP
Trust Center Service.

To allow even more options for flexible and secure user
authentication and single sign-on, SAP recently introduced the SAP
Logon Ticket mechanism. Using Pluggable Authentication Services
(PAS), customers can install their favorite authentication service
(for example, NT logon, LDAP logon, RADIUS, etc.) on the ITS and use
it for the initial authentication to the first SAP application, such
as the mySAP Workplace enterprise portal.

Upon successful authentication, an SAP Logon Ticket, which is valid
for a limited period of time (typically a few hours), is created for
the user and stored in the browser's main memory. This ticket is then
used to access other SAP and non-SAP applications without additional
user intervention.
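
The flow described above (initial logon through a pluggable authenticator, then a time-limited ticket accepted by other applications) can be sketched as follows. This is an added example, not code from the article or from SAP: the ticket layout, the HMAC integrity check standing in for whatever protection the real ticket carries, the four-hour lifetime and every name in it are assumptions.

```python
import base64, hashlib, hmac, json

ISSUER_KEY = b"constructed-demo-key"  # assumption: known to issuer and accepting apps
LIFETIME_S = 4 * 3600                 # assumption for "a few hours"

def demo_directory_logon(user, password):
    """Hypothetical pluggable authenticator (stand-in for NT, LDAP or RADIUS logon)."""
    constructed_users = {"jdoe": "correct horse"}  # constructed sample account
    expected = constructed_users.get(user)
    return expected is not None and hmac.compare_digest(expected.encode(), password.encode())

def _mac(body):
    return hmac.new(ISSUER_KEY, body, hashlib.sha256).digest()

def issue_ticket(user, password, now, authenticator=demo_directory_logon):
    """Initial logon at the first application: returns a ticket string or None."""
    if not authenticator(user, password):
        return None
    body = json.dumps({"user": user, "exp": now + LIFETIME_S}).encode()
    enc = base64.urlsafe_b64encode
    return enc(body).decode() + "." + enc(_mac(body)).decode()

def accept_ticket(ticket, now):
    """Check run by every other application: returns the user name or None."""
    try:
        body_b64, mac_b64 = ticket.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        mac = base64.urlsafe_b64decode(mac_b64)
    except ValueError:                       # malformed ticket
        return None
    if not hmac.compare_digest(mac, _mac(body)):
        return None                          # altered or not issued by us
    claims = json.loads(body)                # parsed only after the integrity check
    if now >= claims["exp"]:
        return None                          # lifetime over: user must log on again
    return claims["user"]

if __name__ == "__main__":
    t0 = 1_000_000                           # constructed clock value, in seconds
    ticket = issue_ticket("jdoe", "correct horse", t0)
    print(accept_ticket(ticket, t0 + 3600))          # within lifetime
    print(accept_ticket(ticket, t0 + LIFETIME_S))    # expired
```

The accepting side never sees the password: it relies only on the ticket's integrity check and expiry, which is why both must be verified on every request.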

To subscribe to SAP Insider, go to the magazine's Web site.

Related book
Security Fundamentals for E-Commerce
Author : Vesna Hassler
Publisher : Artech House
ISBN/CODE : 1580531083
Cover Type : Hard Cover
Pages : 416
Published : Nov. 2000
Summary:
If you're charged with maintaining the security of e-commerce sites, you need this unique book that provides an in-depth understanding of basic security problems and relevant e-commerce solutions, while helping you implement today's most advanced security technologies. From designing secure Web, e-commerce and mobile commerce applications ... to securing your internal network ... to providing secure employee/user authentication, this cutting-edge book gives you a valuable security perspective you won't find in other resources.