Secure network communications and secure store & forward mechanisms within the SAP R/3 system

Abstract

Information security and data protection is gaining more and more importance with business software such as R/3 because: • Business applications become “mission-critical” if companies carry out their most important business processes with them. • Programs and data are subject to a greater danger of loss, change and espionage in client/server environments than in mainframe based systems. • The danger increases even more as the systems become interconnected with publicly accessible LANs and WANs. R/3 processes highly sensitive data (for example, company-internal and person-related information). Therefore a number of security mechanisms are already active in R/3 since the beginning: • authentication of all users by means of passwords, • R/3 authorization concept, and • protection of the communication between front-end and application server by compression. Now SAP enhances the security of R/3 by • Securing online network communications (the SNC Project) and by • Implementing secure store&forward mechanisms for electronic payment (the SSF Project).