SAP Basis What is BASIS?

Direkt zum Seiteninhalt
What is BASIS?
KEEP COMPLEXITY PER CAPITA EXPECTABLE
The definition, organisational structure as well as the naming of the SAP basis is historically conditioned by previous SAP software versions and components. This also results in the perception of the SAP basis and the related focus of the SAP NetWeaver and the ABAP system core, which is still widely used today. However, the scope of activities has changed significantly in terms of tasks and technology and will continue to change in view of SAP's perspective and product strategy and the changing roles of IT. In order to accommodate this change and to change perceptions both in the overall context of the SAP ecosystem and within its own company, the SAP basis must develop a new self-understanding and establish a marketing for the publication of its own performance. The underlying information can be found in the master thesis in chapters 7.4 and 9.2.

Presentation layer: The presentation layer is the interface to the users. With the help of SAP GUI, the data is graphically prepared here and made available to the user on the screen. Furthermore, the data newly collected here is passed on to the application programs of the application layer.
SPAM/SAINT - the update tools integrated in ABAP
In the result table USERTCODE are the transaction codes of the SAP users. Afterwards you simply have to output the complete list via "Object > Output complete list". Then save the list via "System > List > Save > Local file". The column Account contains the SAP user. This way you can see the used transactions grouped by SAP user.

In this article on SAP Security Automation I would like to take a look at the future of automated processes in the SAP Security area. For many companies, the topic of security automation still offers a lot of potential in terms of time savings and process optimisation. Our daily work environment offers numerous tasks that could be handled excellently automatically. For this reason, in this article I present two of the possibilities that already exist in the broad area of security automation. Security Automation via SAP Security Check The first option of Security Automation, which I want to introduce here, is the automatic verification of the existing permissions. Have you ever wondered who has critical permissions in your SAP system? And have you ever tried to do this by hand? Depending on the level of expertise and experience of the privilege administrator, this is a time-consuming work. If an audit is also announced and the SAP system is to be checked for critical permissions and segregation of duties, then it is very difficult to meet all requirements and secure the eligibility landscape in this respect. For this reason, various vendors provide solutions to automate the verification of the permission system with regard to critical permissions and segregation of duties using tool support. This allows permission administrators to use their valuable time to correct the errors rather than just looking for them. For example, we use a tool that runs through the verification of over 250 rules. We then get an evaluation of which rules are violated and which points are correct. A simple example of such rules is the use of the SAP_ALL profile. Another would be to grant the jump permission in debugging (S_DEVELOP permission object with the ACTVT = 02 field). These are two relatively simple examples of Security Check tools' rulebook. In addition, queries are also made, which are located in the field of Segregation of Duties. Using this tool allowed us to move from manual validation of critical permissions to an automatic process.

"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.

From a purely technical point of view, each generated authorization role contains a profile from which a user receives the actual authorization objects and authorization characteristics.

To play the latest SPAM update, select Support Package Insert SPAMUpdate.
SAP Corner
Zurück zum Seiteninhalt