Security Guide for SAP NetWeaver BI

This guide does not replace the handbook for daily operations that the customer is supposed to create for productive operation.

About this Guide

This guide describes the security-relevant aspects of the usage types BI and BI Java, which are based on the usage types AS ABAP and AS Java. As such, the guide describes the security information that is different or additional to the usage types AS ABAP and AS Java.

The usage type BI and BI Java support the scenarios Enterprise Data Warehousing, Enterprise Reporting, Query, and Analysis, as well as Business Planning and Analytical Services. If you want to implement these scenarios, additional usage types are required.

The following table provides an overview of the relevant security guides:

Application

Security Guide

Application Server for ABAP

Application Server for Java

SAP NetWeaver Application Server ABAP Security Guide

SAP NetWeaver Application Server Java Security Guide

Enterprise Portal

Knowledge Management

Portal Security Guide

Knowledge Management Security Guide

Process Integration

SAP NetWeaver Process Integration Security Guide

Why Is Security Necessary?

SAP NetWeaver BI serves to integrate, transform, and consolidate data from all areas of an enterprise in order to provide this for analysis, interpretation and distribution. This includes confidential corporate data, for example, personal data from Personnel Administration. Decisions are made in all enterprise areas and target-oriented actions are determined on the basis of this data. For this reason, security when accessing data and the ability to guarantee data integrity is of great importance.

The following examples show the dangers to which BI can be exposed:

·        Attacks from the Internet or Intranet when using BEx Web functionality and Web Services

·        Infringement of data protection guidelines through unauthorized access to personal data

Target Groups

·        Technical consultants

·        System administration