Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

tracking displayed data

Go to solution
Former Member

‎2009 Nov 10 2:27 PM

0 Likes
441

Hi,

What method can be used to track what data user had on his/her screen? There are privacy laws associated with certain data elements such as social security numbers. What method could be used to record each instance where an SAP user displayed data that is classified as sensitive and actually record the data that was displayed?

It may help illustrate this with an example: say it is a bank. customer calls and does not have her account number handy. the call center rep attempts to locate it and finds out by accident sensitive information about another bank customer. The idea here is to have a log that shows that this call center rep was looking for customer account X, but also had on the screen information about customer account Y and that is how that call center rep could have come to possession of the information on customer account Y.

Any ideas on how this could be done are appreciated.

Thank you,

Mike

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2009 Nov 10 4:31 PM

0 Likes
402

1) make one custom table with fields like [sy-uname, sy-datum, sy-uzeit, screen number etc...)

2) Identify appropiate PBO Module (for the screen in which you want the security feature)

3) make one implicit enhancement (only in the case where you are unable to identify user-exit or BADI's) at start or end of module.

{this ensures your code will run each time any user opens the screen}.

4) in the implicit enhancement implementation code to fill (INSERT) in the table with the system values.

5) make a simple report to display the contents of the table.

Working : each time any user opens a particular screen, the custom table will get appended with the name, date, time etc. detials of the access of particular screen.

Hope this will help.

2 REPLIES 2
Read only

Go to solution
Former Member

‎2009 Nov 10 4:31 PM

0 Likes
403

1) make one custom table with fields like [sy-uname, sy-datum, sy-uzeit, screen number etc...)

2) Identify appropiate PBO Module (for the screen in which you want the security feature)

3) make one implicit enhancement (only in the case where you are unable to identify user-exit or BADI's) at start or end of module.

{this ensures your code will run each time any user opens the screen}.

4) in the implicit enhancement implementation code to fill (INSERT) in the table with the system values.

5) make a simple report to display the contents of the table.

Working : each time any user opens a particular screen, the custom table will get appended with the name, date, time etc. detials of the access of particular screen.

Hope this will help.

Read only

Go to solution
ThomasZloch
Active Contributor

‎2009 Nov 10 5:07 PM

0 Likes
402

Implement a proper authorization concept, so users can only see what they're supposed to see, rather than recording user activity (which might be illegal by itself, depending on local legislation).

Thomas