Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Role Redesign Tips

Go to solution
Former Member

‎2009 Oct 05 12:42 AM

0 Likes
1,084

Experts,

Do you have any documentation for a good Security Design and SAP recommended design. Your help in getting documentation/ideas related to good security redesign is highly appreciated.

Thanks in Advance

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2009 Oct 05 7:06 PM

0 Likes
848

Try https://service.sap.com/securityguides and the FAQ sticky thread at the top of the forum page.

The SDN Wiki could be another option, but there is nothing specifically about role design there yet.

There is more to secuirty than role design...

Cheers,

Julius

7 REPLIES 7
Read only

Go to solution
jurjen_heeck
Active Contributor

‎2009 Oct 05 7:01 AM

0 Likes
848

Have you had a look at the sticky thread in this forum? You'll find some usefull discussions there. I doubt a general question like yours will get a satisfying answer.

Read only

Go to solution
Former Member

‎2009 Oct 05 8:22 AM

0 Likes
848

Hi

what do you mean good security design?

Read only

Go to solution
Former Member
In response to Former Member

‎2009 Oct 05 4:24 PM

0 Likes
848

So a little details about the current design, we have roles which are derived on non org level values, we have a combination of positional roles, single roles, there are multiple TCODES in multiple roles, we have derived display roles, lot of custom TCODES and programs. We have 28K+ roles in the system .The design was good enough for the client 10 years ago. It has changed a lot lately and need a redesign.We were planning on redesigning and cleanup the system. Wanted to propose a design which can be continued for a while. Hence asking for expert opinions to see how we can start and proceed towards a good design.

thanks in advance

Read only

Go to solution
sdipanjan
Active Contributor
In response to Former Member

‎2009 Oct 05 4:51 PM

0 Likes
848

28K roles !!

Good decision of course. Please go through ASAP method of Role designing or IBM Phase Model. Just to give you one hints: Please do not use several design principle together. Use only one. Like... do not use Standalone Roles several in number(of course there should if your going to use Ref-Derive role design.

Regards,

Dipanjan

Read only

Go to solution
Former Member
In response to Former Member

‎2009 Oct 05 5:13 PM

0 Likes
848

Can you provide me with the links or document attachments for the same

Thanks

Read only

Go to solution
sdipanjan
Active Contributor
In response to Former Member

‎2009 Oct 05 5:19 PM

0 Likes
848

No such Links exists as much as I know. A starting point would be SAP course ADM 940. Another source is the book SAP Authorization System - by SAP Press.

Regards,

Dipanjan

Read only

Go to solution
Former Member

‎2009 Oct 05 7:06 PM

0 Likes
849

Try https://service.sap.com/securityguides and the FAQ sticky thread at the top of the forum page.

The SDN Wiki could be another option, but there is nothing specifically about role design there yet.

There is more to secuirty than role design...

Cheers,

Julius