Data Storage Security

Data Storage Location

The data that the TREX queue server (queues) and the TREX index server and the TREX engines (search index, text-mining index, and attribute-engine index) access is stored on the file system in special directories. SAPinst creates the following directory for the TREX instance being installed:

·        On UNIX /usr/sap/<SID>/TRX<instance_number>

·        On Windows <disk_drive>:\usr\sap\<SID>\TRX<instance_number>

The queues and indexes are then stored in the subdirectories /index and /queue. The directory paths are determined by SAP_RETRIEVAL PATH when TREX is installed. In the case of a distributed scenario, the system also stores the data for the queues and indexes in distributed form. The data is not stored in other places, either temporarily or permanently.

Lifetime of Data

The application using TREX (for example, SAP Enterprise Portal) decides on the lifetime of the TREX data.

Type of Data Access

Only read access to data takes place for search requests. If new documents are added to the collection, the indexes and queues have to be changed and enhanced. This takes place using write, delete, or change access.

Level of Protection

Access to the stored TREX data by the application using TREX is as secure as the access control lists (ACLs) of the application in question allow it to be. Configuring secure communication (client/server authentication) ensures that only requests from authenticated clients (TREX Java client) are accepted by the TREX servers. Communication that takes place using these clients is secure. For more information on client/server authentication, see Configuration of the TREX Security Settings.

You protect the TREX configuration files by configuring the security of your file system. You can find details on this in the security documentation for your operating system.