cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Rule Generation (Action & Permission) in RAR

Go to solution
Former Member

on ‎08-21-2009 9:53 AM

0 Kudos

Hi All,

I have a query about rule generation in RAR.

Although action & permission rules are generated automatically in RAR with respect to risk level but

1. How these rules are generated internally.

2. Please differentiate between Action Rule ID (0003005) & Permission Rule ID (e.g. 000300101).

Regards,

Mohit

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎09-09-2009 1:41 PM
0 Kudos

Hi Mohit,

a risk is the combination of (typically) two functions, lets say fucntion A and function B.

From each combination of an action of function A and an action of function B will be generated a action-rule.

From each combination of an action together with the related persmissions of function A and an action together with the related persmissions of function B will be generated a permission-rule.

Analysis on action level has findings for (e.g) roles which have both transactions. On permission level maybe there won't be a finding, because the role has only ACTVT 03 for one of these transactions.

For example on action level there will be a risk for a role with transaction FS00 and FB01, but not a because object F_SKA1_BUK is just with ACTVT 03 included in role.

Best regards,

Bianca

Show replies
Show replies

Answers (0)

Ask a Question