Search This Blog

Wednesday, April 20, 2011

Trust Relationships Between SAP Systems


SAP systems may establish trusted relationships between each other.

If a calling SAP system is known to the called system as a trusted system, no password must be supplied.

The calling SAP system must be registered with the called SAP system as a trusted system. The called system is called the trusting system.

Trust relationships between SAP systems have the following advantages:

·        Single Sign-On is possible beyond system boundaries.

·        No passwords are transmitted in the network.

·        Timeout mechanism protects against replay attacks.

·        User-specific logon data are checked in the trusting system.

Using this feature, you can create a virtual SAP system consisting of various SAP systems that are called remotely. Remote logon data are checked in the trusting system.
 
The trust relationship is not mutual, which means, it applies to one direction only. To establish a mutual trust relationship between two partner systems, you must define each of the two as trusted systems in its respective partner system.
 

For additional security, you can make use of SAP's SNC interface (Secure Network Communications) for third-party security systems such as Kerberos and SECUDE.



No comments:

Post a Comment