SAP Security

transcript

Dr. Michael Woitass Version 02/04

Security in SAP Systems

FIST Conference26th of November 2004

BarcelonaDr. Michael Woitass

Agenda

Security risks

High-level security in SAP systems

Single Sign-On to SAP

Secure Network Communication (SNC) in SAP

Digital signature of documents (SSF) in SAP

Information security

¿Do organisations need cryptographic solutions?

The competitive advantage of many companies and institutions results from obtaining ad managing information.

The loss of information can generate a serious risk for these organisations.

Without protection internal data may be accessible via the network:

Personal data

Financial data

Customers and providers

Product and service prices

Intellectual proprietary

Confidential corporate information.

SAP systems environment

SAPgui / SAPlogon

SAPlpd

rfc accessSAP RouterSAP Router

WEB Browser

Internet

SAP WEBApplication Server

WEBBrowser

Internet

ITSWEB Server

Insecurenetwork

SAP data are transmitted by an insecure network.

Security of SAP systems

Standard SAP:

The security of SAP systems depends on the security of the network.

The login information (userid and password) can be captured during transmission.

SAP data are transmitted as legible text.

R/3SAPgui / SAPlogon

Security risks

Attack Security purpose

• Man-in-the-middle Authentication• Unauthorised modification Data integrity• Unauthenticated sender Proof of origin• Wiretapping Confidentiality

Appropriate security purposes eliminate the risks.

Security technology

Security purpose Technology

• Autentication Strong authentication• Data integrity Digital signature• Proof of origin Digital signature• Confidentiality Encryption

Asymmetric cryptography provides the technology to guarantee high-level security.

Basics: asymmetric encryption

Encryption and decryptionwith public-key-cryptography

Basics: hybrid encryption

Encryption and decryptionwith hybrid cryptography

Basics: digital signature

Digital signature and its verification

Cryptographic solutions facilitate

Secure Single Sign-On to SAP (SSO)

Encryption of data communications in SAP (SNC)

Digital signature of SAP documents (SSF)

SAP Security

Authenticationwith certificateSecure Sign-On

Secure access to SAP

SecurityLibrary

NetworkInterface

SAPguiClient

NetworkInterface

SAP R/3Server

Single Sign-On by means of:

Crypto libraries at client and server side Strong authentication using digital certificates

Secure Login with certificates

User Server

Generates anarbitrary message

Signs the messagefrom the user

Generates anotherarbitrary message

Verifies the signatureof the server

Signs the messageof the server A

Verifies the signatureof the user

Strong authentication between SAP clients and servers

Secure Single Sign-On

Secure Single Sign-On to all SAP servers

Single Sign-On with smartcards

Certificate and private key

IdentificationwithPIN

Access

Motivation:

• The company wants to establish a Single Sign-On via the logon to the network (e.g. Windows Active Directory authentication, one-time tokens).

• The company uses SAP systems.

• The objective is to implement a certificate-based Single Sign-On to SAP without the need to have a PKI installed.

SSO Integration

Architecture

Windows Logon

Secure LoginClient

UserID, Domain, Password1

Secure LoginServer

scalable

GenerateCertificate

Soft Token

scalable

Active Directory

Architecture

SecurityLibrary

Soft Token

SAP GUI – SAP Server

Single Sign-On Secure Communication

SAP GUIClient

SecurityLibrary

SAP R/3Server

GSS-API GSS-API

Architecture

Web Browser – Web Server

Single Sign-On Secure Communication

Soft Token

InternetExplorer WEB

ServerMicrosoftCrypto

Advantages

High User AcceptanceThe user doesn’t need to learn a new software.The user will not be afflicted to enter his login data again and again.

High SecuritySecure authentication and communication in SAP applications via SNC.Secure authentication and communication in Web applications via SSL.

Reduced AdministrationNo overhead of a Public Key Infrastructure, nevertheless certificate-based login to SAP applications and Web applications.

Reduced CostsReuse of established authentication method.Single Sign-On assures an optimized workflow.

SAP Security

SecurityLibrary

Architecture

Protocol

GSS APIGeneric Security Services

Compression

Workprocess

Integration in SAP with Secure Network Communication (SNC)

Authenticationwith certificate

Secure network

SecurityLibrary

NetworkInterface

SAPguiClient

GSSAPI

SNC NetworkInterface

SAP R/3Server

End-to-End security by means of:

Crypto libraries at client and server side SAP standard interface SNC

SecurityLibrary

Architecture

Protocol

GSS APIGeneric Security Services

Compression

Workprocess

Secure Network Communications (SNC) in SAP

Application Programming Interface standardised by the IETFAbstraction from mechanisms used behind the APICertification within SAP‘s CSP Program (BC-SNC Interface)

Integration on the R/3 server side

SNC configuration: central user administration

Integration in SAPlogon

SNC configuration: selection of the security level

Requerimientos:

La LOPD (Ley Orgánica de Protección de Datos) entró en vigor el 1 de julio de 2002.

La ley exige medidas de seguridad de nivel alto, entre ellos el cifrado de los datos.

Las empresas y administraciones públicas españoles que tienen SAP R/3 y tratan datos de nivel alto de seguridad deberán cumplir con la ley.

Example: Spanish Data Protection Law

Medidas de seguridad de nivel alto:

Los ficheros que contengan determinados datos personales requerirán la implantación de medidas de nivel alto:

– ideología, religion, creencias– origen racial, salud o vida sexual de las personas físicas– datos recabados para fines policiales.

Principalmente, estas medidas consisten en:– el cifrado previo de los datos– el almacenamiento de la información relativa al acceso a los ficheros durante al menos dos años– el almacenamiento de las copias de seguridad en un lugar distinto a donde se encuentren los equipos informáticos.

Example: Spanish Data Protection Law

SAP Security

Digital signature of SAP documents

The digital signature guarantees

the identity of the user

the integrity of the data.

Digital signature in SAP

DigitalDigitalsignaturesignature

Data Data extractionextraction

EncryptionEncryption RSA Algorithm RSA Algorithm with asymmetricwith asymmetric

1.024 Bits1.024 Bitsencryptionencryption

Extraction ofExtraction ofsigned datasigned data

Private keyPrivate key

Example: Project ArchiSig

Electronic Signature of Medical Documents – Integration and Evaluation of a Public Key Infrastructure (PKI) in Hospitals

Workflow in SAP IS-H*MED

SAP IS-H Med SECUDE SecurityLibrary

The secretary writesA medical document.

The Workflow passes the document to the daprtment head.

IXOS-eCONserver

The medical document and the signatures are transferred to the archiving system.

The department head countersigns.

The doctor signs the document.

Time stamp

Document workflow: create, modify, sign, verify

„My letters“

Crear un expediente

Determinar el siguiente paso

Mostrar pdf

Función de firma

Firmar el documento

Enviar a la secretaria

- Tareas

- Lista de documentos

Archivo del documento

Historial de firmas

Verificación

Integration of the signature in SAP IS-H*MED

Certificate-based security technology facilitates:

Secure Single Sign-On to SAP

Encryption of SAP data

Digital signature of SAP documents.

Resume

Security in SAP Systems

¡Muchas gracias por su atención!

Michael Woitass mwoitass@telefonica.net