C-business is collaborative business, in which various business entities, using technology available from SAP, develop their business strategies and tactics in concert. This tip on C-business is excerpted from Cay Rademann's Achieving Successful Business Collaboration Using SAP C-Business Scenarios, in the January, February, March 2001 issue of SAP Insider.
Security is an important issue for all Internet scenarios. You need to address issues such as secure communication channels, authentication, authorization, and the provision of evidence of the business transactions.
Secure communication channels
For secure communication channels, you can use Internet standards like Secure Sockets Layer (SSL) or firewalls, and Secure Network Configuration (SNC), a security layer included in the SAP system architecture. These technologies are supported by SAP application components, as well as by the SAP Business Connector and the SAP Internet Transaction Server.
Authentication and authorization
In addition to secure communication, you must ensure that only the right people can access the systems and that they can use only the functions you specify. Authentication -- making sure the right person is accessing your system -- is accomplished through a combination of user ID and password. Digital certificates can be used as well to allow single sign-ons to multiple systems via the mySAP Workplace. The authorization of the different users -- making sure a user accesses only the data and functions he or she is allowed to -- is implemented by assigning roles to the user and authorization objects to the roles. The roles define which transactions the user may use on the system, and the authorization objects define which information the user may access.
For example, you may specify that a partner can only retrieve information about the orders that it has created at your system, and not get any information about the orders of one of its competitors who is also one of your business partners. This can be achieved by following SAP's authorization procedures. With the correct authorizations, you can make sure that users get permission to display only information belonging to their own customer or vendor number on your system.
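The following is an added example, not code from the article or from SAP: a simplified Python model of the two-level check described above, in which a role grants transactions and an authorization object restricts field values. The transaction code `ZORDER_DISPLAY`, the object `Z_ORDER`, its fields and the sample orders are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class AuthObject:
    name: str       # authorization object name (hypothetical)
    allowed: dict   # field name -> set of values the holder may access

@dataclass
class Role:
    name: str
    transactions: set                       # transactions the role may start
    auth_objects: list = field(default_factory=list)

@dataclass
class User:
    user_id: str
    roles: list = field(default_factory=list)

def may_run(user, transaction):
    """Role check: is the transaction in any of the user's roles?"""
    return any(transaction in r.transactions for r in user.roles)

def may_access(user, object_name, **fields):
    """Authorization-object check: every requested field value must be
    permitted by a single authorization. Unknown fields deny (fail closed)."""
    for role in user.roles:
        for auth in role.auth_objects:
            if auth.name == object_name and all(
                value in auth.allowed.get(fld, set())
                for fld, value in fields.items()
            ):
                return True
    return False

def display_orders(user, orders):
    """Return only the orders this user is authorized to display."""
    if not may_run(user, "ZORDER_DISPLAY"):
        raise PermissionError(f"{user.user_id}: transaction not in any role")
    return [o for o in orders
            if may_access(user, "Z_ORDER", customer=o["customer"], activity="display")]

def partner_user(user_id, customer):
    """Build a partner user whose role is limited to one customer number."""
    auth = AuthObject("Z_ORDER", {"customer": {customer}, "activity": {"display"}})
    return User(user_id, [Role("PARTNER_ORDER_DISPLAY", {"ZORDER_DISPLAY"}, [auth])])

# Constructed sample data: orders from two competing partners.
ORDERS = [
    {"order": "4711", "customer": "C100"},
    {"order": "4712", "customer": "C200"},
    {"order": "4713", "customer": "C100"},
]
```

Because the filter runs on the server side for every record, a partner whose role carries customer number C100 never receives the rows belonging to C200, even though both use the same transaction.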
To avoid disputes over a business transaction, you can use the digital signature services in the C-Business Scenario. Digital signatures can specifically identify the "signer" of a digital document and also protect the integrity of the document. With digital signatures, you can also state that a partner has created a document with specific content (for example, an approval of a request), or you can confirm each party's obligation to the terms of the document (for example, the terms of a contract).