How relevant is SAP Basis?
ABAP Code Security - SAP Code Vulnerability Analyzer / Virtual Forge CodeProfiler for ABAP
The task of SAP Basis is to ensure trouble-free, interoperable and portable (mobile) operation of SAP systems in the company. Interoperable means that independent and heterogeneous IT systems can work together.
SAP Basis consultants are experts in consulting. The job of an SAP Basis consultant has many areas of responsibility, such as designing applications, installing support for SAP modules, analyzing and optimizing processes, creating reports, and modeling and extracting data.
SAP Basis - operation, structure and definition
Overall, the application layer is the link between the database layer on the one hand and the presentation layer on the other. Thus, the applications on the application layer request required data from the database in order to process it afterwards.
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
All risks known for a normal SAP system also apply to a SAP-HANA system.
The definition, organisational structure as well as the naming of the SAP basis is historically conditioned by previous SAP software versions and components.