Secure network communications and secure store & forward mechanisms within the SAP R/3 system

Abstract

Information security and data protection is gaining more and more importance with business software such as R/3 because:

• • Business applications become “mission-critical” if companies carry out their most important business processes with them.

• • Programs and data are subject to a greater danger of loss, change and espionage in client/server environments than in mainframe based systems.

• • The danger increases even more as the systems become interconnected with publicly accessible LANs and WANs.

R/3 processes highly sensitive data (for example, company-internal and person-related information). Therefore a number of security mechanisms are already active in R/3 since the beginning:

• • authentication of all users by means of passwords,

• • R/3 authorization concept, and

• • protection of the communication between front-end and application server by compression.

Now SAP enhances the security of R/3 by

• • Securing online network communications (the SNC Project) and by

• • Implementing secure store&forward mechanisms for electronic payment (the SSF Project).