10-05-2009 12:42 AM
Experts,
Do you have any documentation for a good Security Design and SAP recommended design. Your help in getting documentation/ideas related to good security redesign is highly appreciated.
Thanks in Advance
10-05-2009 7:06 PM
Try https://service.sap.com/securityguides and the FAQ sticky thread at the top of the forum page.
The SDN Wiki could be another option, but there is nothing specifically about role design there yet.
There is more to secuirty than role design...
Cheers,
Julius
10-05-2009 7:01 AM
Have you had a look at the sticky thread in this forum? You'll find some usefull discussions there. I doubt a general question like yours will get a satisfying answer.
10-05-2009 8:22 AM
10-05-2009 4:24 PM
So a little details about the current design, we have roles which are derived on non org level values, we have a combination of positional roles, single roles, there are multiple TCODES in multiple roles, we have derived display roles, lot of custom TCODES and programs. We have 28K+ roles in the system .The design was good enough for the client 10 years ago. It has changed a lot lately and need a redesign.We were planning on redesigning and cleanup the system. Wanted to propose a design which can be continued for a while. Hence asking for expert opinions to see how we can start and proceed towards a good design.
thanks in advance
10-05-2009 4:51 PM
28K roles !!
Good decision of course. Please go through ASAP method of Role designing or IBM Phase Model. Just to give you one hints: Please do not use several design principle together. Use only one. Like... do not use Standalone Roles several in number(of course there should if your going to use Ref-Derive role design.
Regards,
Dipanjan
10-05-2009 5:13 PM
Can you provide me with the links or document attachments for the same
Thanks
10-05-2009 5:19 PM
No such Links exists as much as I know. A starting point would be SAP course ADM 940. Another source is the book SAP Authorization System - by SAP Press.
Regards,
Dipanjan
10-05-2009 7:06 PM
Try https://service.sap.com/securityguides and the FAQ sticky thread at the top of the forum page.
The SDN Wiki could be another option, but there is nothing specifically about role design there yet.
There is more to secuirty than role design...
Cheers,
Julius