Search This Blog

Thursday, June 19, 2008

Secure Network Communications (SNC)

Secure Network Communications (SNC) integrates an external security product with SAP systems. With SNC, you strengthen security by using additional security functions provided by an external product that are not directly available with SAP systems.
SNC protects the data communication paths between the various client and server components of the SAP system that use the SAP protocols RFC or DIAG. There are well-known cryptographic algorithms that have been implemented by the various security products, and with SNC, you can apply these algorithms to your data for increased protection.

If you are using standard protocols such as HTTP, then you can use the Secure Sockets Layer (SSL) protocol to provide such protection.

Features
1) SNC secures the data communication paths between the various SAP system client and server components. There are well-known cryptographic algorithms that have been implemented by the external security products supported and with SNC, you can apply these algorithms to your data for increased protection.
2) With SNC, you receive application-level, end-to-end security. All communication that takes place between two SNC-protected components is secured (for example, between the SAP GUI for Windows and the application server).
3) You can use additional security features that SAP does not directly provide (for example, the use of smart cards).
4) You can change the security product at any time without affecting the SAP business applications.

Levels of Protection
There are three levels of security protection you can apply. They are:
1. Authentication only
2. Integrity protection
3. Privacy protection
Authentication only
When using authentication only, the system verifies the identity of the communication partners. This is the minimum protection level offered by SNC.
No actual data protection is provided!
Integrity Protection
When using integrity protection, the system detects any changes or manipulation of the data which may have occurred between the two end points of a communication.
Privacy Protection
When using privacy protection, the system encrypts the messages being transferred to make eavesdropping useless. Privacy protection also includes integrity protection of the data. This is the maximum level of protection provided by SNC.

Constraints
The product that you use must meet the following requirements:
- The product must provide the entire functionality defined in the GSS-API V2 (Generic Security Services Application Programming Interface Version 2) standard interface. SNC uses this interface to communicate with the external security product.
- The functions must be dynamically loadable.
- The product must be available on platforms supported by SAP.
- The product must be certified for use by SAP.

No comments:

Post a Comment