Our toolbox ...
Willingness for further training
Depending on whether the user should edit or display the table, either "UPDATE" or "SHOW" can be used here. Enter an X as the value. It is important to use either"'SHOW" or "UPDATE" because a combination will cause an error when calling the parameter transaction. In addition, the table must set the view to be called. Use the "VIEW" field. Finally, the parameter transaction can be created using the "Save" button. As usual, it must be assigned to a package and a workbench order to become available. If a person's role is now assigned permission for this parameter transaction, it can open the specified view above it and does not have the ability to enter all possible views in the SM30.
An SAP HANA system lives on applications. When you develop these applications, you should think about securing them early. Using HTTPS instead of HTTP is one of the basics. In addition, you ensure secure authentication and implement a Secure Software Development Lifecycle to ensure backup in your own developments. In your applications, you better start to check them for risks early on and run this backup process regularly. You can analyse and restrict access to source code later. Create a risk register and address security vulnerabilities in a risk-based manner. The later you discover a risk, the more expensive the fix will be. Further information on SAP Security in addition to the article can be found here. Do you have any further questions or suggestions concerning this topic? Would you like us to go further on the subject? I look forward to your feedback!
Planning and design of the system landscape, system layout, hardware sizing, system monitoring
Database layer: All of a company's data is stored in the database, which is located on a database server. Application programs pull the data they need from the database. This data can consist of data tables, applications or system control tables. In addition, the database also takes new information from users and backs it up.
So-called Access Control Lists (ACL) offer a good possibility to secure your gateway in order to exclude unwanted external accesses to the database of the application server. With the help of the ACL files reginfo and secinfo an access control can be implemented, in which allowed as well as forbidden communication partners can be defined. The reginfo file controls the registration of external programs on the gateway, which means that rules can be defined that allow or prohibit programs. With the help of the file secinfo you can define which users are allowed to start an external program. To be able to use these files, you must set the parameters gw/reg_info and gw/sec_info (transaction RZ11). For more information, refer to SAP Note 1408081.
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
Error situations should be catchable: If they are non-critical elements, the following job can perhaps be started anyway.
CANNOT_MODIFY_BUFFER: An attempt was made to modify the transport buffer without success.