BCB/ICI Security

Purpose

This guide describes the security aspects for the Business Communication Broker (BCB) and the underlying Integrated Communication Interface (ICI). Since both components are running on the SAP J2EE Engine - the BCB as library, the BCB administration as web application and the ICI as enterprise application resp. web service -  most of its security features are explained in the SAP Web AS Security Guide for Java Technology.

Why Is Security Necessary?

As the SAP part of the ICI is implemented as web service communicating with the external contact center software via HTTP, there could be attacks from the Internet to this web service. To be safe against such attacks the SAP Web AS with the deployed ICI as well as the external contact center software should be placed behind a firewall at customer side.

With the current ICI version on SAP NetWeaver 04 only HTTP will be supported. Using a HTTPS connection between the SAP J2EE Engine and the external contact center software for exchanging the ICI-related SOAP messages is not possible.

Target Groups

·        Technical consultants

·        System administrators

This document is not included as part of the Installation Guides, Configuration Guides, Technical Operation Manuals, or Upgrade Guides. Such guides are only relevant for a certain phase of the software life cycle, whereby the Security Guides provide information that is relevant for all time frames.


Further Information

See also the Security Guide for the SAP J2EE Engine: