Overview of authorizations in an SAP enterprise portal environment
Sorsa, Petteri (2010)
Sorsa, Petteri
Turun ammattikorkeakoulu
2010
All rights reserved
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2013061914408
https://urn.fi/URN:NBN:fi:amk-2013061914408
Tiivistelmä
This Bachelor’s thesis describes how authorizations for an SAP ERP system are built and what different aspects and components are involved when securing enterprise data in an SAP environment.
The first part of the work deals with basic theory of the authorizations and application security of SAP ERP system. Things that are covered also include Sarbanes-Oxley (SOX) act and in more detail the Internal Controls of and enterprise.
We will have a look what are role based authorizations in and SAP environment and what are the different components of authorizations in a Portal solution.
The second part of the Thesis takes a more detailed look on different work phases that are needed when SAP ERP authorizations are built and what is needed from authorization’s point of view to a Portal solution. The thesis describes what different systems are needed and how roles are built for the back end system as well as how users are authorized to use the portal?
From the findings of the second part we can study what affects and challenges the portal brings to traditional authorization model?
The first part of the work deals with basic theory of the authorizations and application security of SAP ERP system. Things that are covered also include Sarbanes-Oxley (SOX) act and in more detail the Internal Controls of and enterprise.
We will have a look what are role based authorizations in and SAP environment and what are the different components of authorizations in a Portal solution.
The second part of the Thesis takes a more detailed look on different work phases that are needed when SAP ERP authorizations are built and what is needed from authorization’s point of view to a Portal solution. The thesis describes what different systems are needed and how roles are built for the back end system as well as how users are authorized to use the portal?
From the findings of the second part we can study what affects and challenges the portal brings to traditional authorization model?