SAP Security Modification Solution
Publication Date: 2013-Jan-09
The IP.com Prior Art Database
Disclosed is a technical end-to-end solution to detect, fix and test security issues in SAP® (Systems Applications & Products in Data Processing) custom programs. The solution utilizes a workflow-like approach to ensure complete documentation of the process. Disclosure is a system that transforms custom SAP programs with identified security risks into highly secured programs through automation. The rapid modification approach of the system to ensure SAP security measures is an alternate method to cut down modification costs and human error during SAP security implementation and support projects.
Page 01 of 4
SAP Security Modification Solution
Given a list of selected SAP authorization objects to be applied in custom ABAP programs, inserting these would involve manually typing lines of code. This causes high cost and time with potential quality issues due to human error.
The disclosed solution of the disclosure enables the the rapid and consistent application of authorization objects into SAP ABAP Objects. The solution creates a custom table that will contain the list of authorization objects to be inserted into programs. This will enable users to make any changes from one centralized location instead of having to make changes to multiple programs. Aside from inserting authority objects, this solution also handles the modification of programs with static text elements that could be a security risk for clients.
The disclosure offers an automated approach to modifying multiple objects. It will insert security fixes into programs rather than doing the process repetitively and manually. This will enable these objects to adhere to SAP Security best practices.
The solution of the disclosure will basically have two stages of SAP security fixes. The first stage involves correcting and replacing any static or hard-coded values that are present in SAP ABAP objects. These static values do not adhere to best SAP development and implementation practices, and thus must be removed from objects. The second stage involves the insertion of authorization objects and fields into programs. The solution involves the use of both a custom ABAP Function Module and a Custom Mapping Table in order to accomplish the task.
The main strength of this solution, apart from automation, is the flexibility it offers. Future maintenance of authorization objects are managed in a central location: the Custom Mapping Table. This significantly reduces the need for SAP ABAP Developers when maintaining security checks for custom objects.
As this solution will be packaged with other related solutions, another major advantage of the solution is that it uses the same file format as the programs it comes with. Meaning, only a single file need be exchanged with clients from the initial scanning of programs to the actual application of fixes.
Page 02 of 4
BRIEF DESCRIPTION OF THE DRAWINGS
[Figure 1] This diagram displays the overview of how SAP (Systems
Applications & Products in Data Processing) Security Modification Solution works on end-user's perspective. It is a step-by-step illustration of the whole process of the
Page 03 of 4
[Figure 2] This diagram displays how SAP Security Modification Solution works technically. It shows a detailed overview of how the Solution works.
DESCRIPTION OF THE SPECIFIC EMBODIMENTS Figure 1
[1.1] The automated insertion of static text fixes will be initiated.