Preface – This post is part of the SAP Ariba series.
Table of Contents
Introduction
In the time of increasing data security issues, SAP Ariba ensures the privacy and protection of sensitive information’s provided by its customers. Ariba provides the data encryption of personally identifiable information (PII) and other sensitive information like computer name, passwords present in Ariba Configuration files. The data is encrypted before it is store in the database.
SAP Ariba Security Details
SAP Ariba provides data security for the following solutions:
- SAP Ariba Contracts
- SAP Ariba Sourcing
- SAP Ariba Supplier Information Management
- SAP Ariba Supplier Information and Performance Management
In default configuration data encryption is disabled. User needs to enable the encryption option by creating the Service Request using Designated Support Contact (DSC) and Ariba Customer Support will contact for the further process.
For data encryption in Ariba Buyer Configuration file, user needs to pass aribaencrypt command and use string as an argument. The aribaencrypt command will encrypt the data and store it in Parameter.table (Parameter.table is a table file having extension .table which is used for assigning the parameter to specified values. It is the main configuration file for Ariba Buyer.) without altering the meaning of data and its functionality.
Ariba Administrator Tasks
For a complete security, there is also a need to secure the data which is accessible through the Ariba Administrator profile.
Methods to control access to data through Ariba Administrator:
- First level security can be achieved by using the EditPermissionPull integration event. Users can provide access to files like configuration files, log files by specifying in EditPermission.csv file and importing the CSV file through the EditPermissionPull integration event.
Directory for EditPermission.csv (default configuration)::
config/variants/Plain/partitions/None/data
- Integration events and scheduled tasks. By using the ExecutePermissionPull integration event this can be secured. Users can assign permission to specific events and tasks in ExecutePermission.csv file and importing the CSV file through the ExecutePermissionPull integration event.
Directory for ExecutePermission.csv (default configuration)::
config/variants/Plain/partitions/None/data
- Workspace and task permissions need to change from the workspace configuration file.
- To restrict access to particular objects in Ariba Configuration file, assign read and edit permission to objects in ObjectPermission.csv and then load the CSV file with the ObjectPermissionPull integration event.
Directory for ObjectPermission.csv (default configuration):
config/variants/Plain/partitions/None/data/ObjectPermission.csv
English
Afrikaans
Albanian
Amharic
Arabic
Armenian
Azerbaijani
Basque
Belarusian
Bengali
Bosnian
Bulgarian
Catalan
Cebuano
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
Esperanto
Estonian
Filipino
Finnish
French
Frisian
Galician
Georgian
German
Greek
Gujarati
Haitian Creole
Hausa
Hawaiian
Hebrew
Hindi
Hmong
Hungarian
Icelandic
Igbo
Indonesian
Irish
Italian
Japanese
Javanese
Kannada
Kazakh
Khmer
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latin
Latvian
Lithuanian
Luxembourgish
Macedonian
Malagasy
Malay
Malayalam
Maltese
Maori
Marathi
Mongolian
Myanmar (Burmese)
Nepali
Norwegian
Pashto
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Samoan
Scottish Gaelic
Serbian
Sesotho
Shona
Sindhi
Sinhala
Slovak
Slovenian
Somali
Spanish
Sundanese
Swahili
Swedish
Tajik
Tamil
Telugu
Thai
Turkish
Ukrainian
Urdu
Uzbek
Vietnamese
Welsh
Xhosa
Yiddish
Yoruba
Zulu
0 Comments