This security guide explains the security features included in SAP NetWeaver usage type Process Integration (PI) and recommends how to apply these features to protect data and to maximize the confidentiality of data that passes through a PI landscape.
The security guide
· describes recommended deployment scenarios
· explains the data protection options offered by each component
· contains a description of how to configure each component for secure communication
The security guide lists the tools that can be used to configure the various security features, but does not include detailed instructions on how to use these tools.
As the central infrastructure for exchanging business documents, PI has to make sure that the involved processes can be executed in a secure manner. Particular security requirements have to be considered if business partners communicate over the Internet.
XML messages may contain confidential business data. In order to protect them against eavesdropping and unauthorized access, the communication lines as well as the storage locations of XML messages need to be made secure.
In addition to the business data exchanged using PI, the various components of PI need to communicate with each other on a technical level in order to keep the infrastructure running. Security requirements apply to these technical communications as well, because confidential information such as user names and passwords may have to be sent or stored, or both.
· Technical consultants
· System administrators
Security guides are not only relevant for a certain phase of the software life cycle, but provide information that is relevant for all time frames.