Presentation is loading. Please wait.

Presentation is loading. Please wait.

Prerequisites, Scope and Considerations Jan 2013 UI Field Level Security.

Published byClyde Jacobs Modified over 8 years ago

Similar presentations

Presentation on theme: "Prerequisites, Scope and Considerations Jan 2013 UI Field Level Security."— Presentation transcript:

1 Prerequisites, Scope and Considerations Jan 2013 UI Field Level Security

2 ©2012 SAP AG. All rights reserved.2 UI Field Level Security Pre-requisites  SAP BASIS 700 (SP 14)/ 702 (SP 09)  SAP_APPL 600 (SP 11)/ 605 (SP 05)  SAP_HR 600 (SP 22)/ 600 (SP 45) Feature Considerations  The data element is generated for character type fields, date and currency (with restrictions) fields but the field must not be/have a  Primary key  Foreign key relationship  Input help, search help or check table  Standard conversion exit  UI Masking solution supports single currency formatting in general. There are limited number of transactions and fields for which multiple currency formatting has been enabled (kindly refer SAP Note 1971032 for more details).

3 ©2012 SAP AG. All rights reserved.3 UI Field Level Security - Scope  In ALV data display, data is masked in ‘Display’ and ‘Edit’ mode for unauthorized users. However, the masked data column shall be changed into display mode for unauthorized users if the ALV is in ‘Edit’ mode.  In “Table Control” data display, data is masked in ‘Display’ mode for unauthorized users. However, the masked data column shall be hidden for unauthorized users if table control is in ‘Edit’ mode. Note: Table Control data masking needs to be analyzed as masking solution does not provide complete coverage.  The masking pattern can be set for character type fields. For e.g. Bank Account Number can be displayed as ‘**18**’ or ‘&&&&&&’ based on the configured masking pattern. The masking pattern for ‘date’ or ‘currency’ field will be taken as ‘*’ for the entire field length.  User Interface Field Security logs data when the user accesses the registered fields (masking configuration). The functionality is provided to archive the User Interface (UI) Logs from the UI Log table to the archive files.  Configure the ‘critical’ database table in the UI Masking Configuration which allows only authorized users to see the data in SAP Transactions SE11, SE12, SE16, SE16N, DB02 and ST04. Note: DB02/ ST04 functionality for customer’s on Oracle database only.

4 ©2012 SAP AG. All rights reserved.4 UI Field Level Security - Scope  UI Masking configuration allows maintenance of role assignment for every table-fieldname to check the user authorization. A user assigned to this role is authorized to see the unmasked data. In case, someone tries to change the critical role(configuration) then an email notifications will be triggered to a configured administrator. Note: Email Notification will be triggered using SAP standard email configurations. Customer specific mail subject and mail content can be created through BADI implementation.  The unauthorized users must not be allowed to create the data in the ‘create’ transactions if it contains any masked field(for instance XD01, FK01, etc). For e.g. User can have an authorization to create new ‘Customer’ via SAP Transaction ‘XD01’ but user does not have authorization to access ‘Bank Account Number’ of the customer.  Specific masking scenarios delivered in the solution via standard program modifications will be covered in the next slides.

5 ©2012 SAP AG. All rights reserved.5 UI Field Level Security – Special Consideration  1. Bank Account Number (BANKN)  The masking functionality is delivered for the Bank Account Number in the following scenarios:-  For Table- LFBK & KNBK; Field- BANKN, standard program modifications are delivered for SAP Transactions XD02, XD03, MK02, MK03, FK02, FK03, XK02, XK03, FD02 & FD03 to mask/ hide the number for unauthorized users.  For Table- LFBK, KNBK, TIBAN; Field- BANKN: The Bank Account Number is masked for unauthorized users in SAP Transactions SE11, SE12, SE16, SE16N.  The column IBAN and IBAN Value will be hidden in ‘Display’ and ‘Edit’ mode for unauthorized users in SAP Transactions XD02, XD03, MK02, MK03, FK02, FK03, XK02, XK03, FD02 & FD03. An authorization will be required for Bank Account Number in the specified transactions to access the unmasked IBAN value.

6 ©2012 SAP AG. All rights reserved.6 UI Field Level Security – Special Consideration  Note: The data is masked in ‘Display’ mode for unauthorized users but data column will be hidden in ‘Edit’ mode for Bank Account Number. This is applicable for mentioned SAP Transactions except SE11, SE12, SE16, SE16N.

7 ©2012 SAP AG. All rights reserved.7 UI Field Level Security – Special Consideration  2. Credit Card Number (CCNUM)  The masking functionality is delivered for the Credit Card Number in the following scenarios:-  For Table- VCNUM; Field- CCNUM: The Credit Card Number is masked for unauthorized users in SAP Transactions XD02 & XD03. In Edit mode, “Unmasked Card” button is hidden for unauthorized users.  For Table- VCNUM, VCKUN; Field- CCNUM : The credit card number is masked for unauthorized users in SAP Transactions SE11, SE12, SE16, SE16N. Note: The data is masked in ‘Display’ mode for unauthorized users but data column will be hidden in ‘Edit’ mode for Credit Card Number. This is applicable for mentioned SAP Transactions except SE11, SE12, SE16, SE16N.

8 ©2012 SAP AG. All rights reserved.8 UI Field Level Security - Special Consideration  3. Korean Supplement (Tax Number STCD1)  In SAP Transactions XD02, XD03, MK02, MK03, FK02 & FK03, Tax Number (STCD1 within ‘Korean Supplement’) will be hidden for unauthorized users in ‘Display’ and ‘Edit’ mode.  In SAP Transactions BP & BUG2, Tax Number will be hidden in ‘Edit’ mode and masked in ‘Display’ mode for unauthorized users.  Note: Tax Number column is hidden for unauthorized users.

9 ©2012 SAP AG. All rights reserved.9 UI Field Level Security - Special Consideration  4. Communication Data  In SAP Transactions XD02, XD03, MK02, MK03, FK02 & FK03, ‘Preview’ button will be disabled for unauthorized users in ‘Display’ and ‘Edit’ mode. The preview functionality will be disabled if any of the following characteristics are active for masking: o Name, City, Post Code, Street or Country.  In ‘Edit’ mode, communication data such as Telephone Number, Email and Fax number will be hidden for unauthorized users.

10 ©2012 SAP AG. All rights reserved.10 UI Field Level Security - Conclusion  The customer’s masking field list MUST be analyzed to verify the technical feasibility of the solution. The customer fields not covered within the technical feasibility will be considered as separate development request for the customer.

11 Thank You

Download ppt "Prerequisites, Scope and Considerations Jan 2013 UI Field Level Security."

Similar presentations

Travel and Expense Management Scenario Overview

Travel and Expense Management Scenario Overview
Module 4: System Maintenance Intuit Financial Services University Internet Banking Certification Training.

Module 4: System Maintenance Intuit Financial Services University Internet Banking Certification Training.
© 2010 Bennett, McRobb and Farmer1 Use Case Description Supplementary material to support Bennett, McRobb and Farmer: Object Oriented Systems Analysis.

© 2010 Bennett, McRobb and Farmer1 Use Case Description Supplementary material to support Bennett, McRobb and Farmer: Object Oriented Systems Analysis.
Page 1 Customer Platform: Basic Services Intuit Financial Services University Business Banking Certification Training.

Page 1 Customer Platform: Basic Services Intuit Financial Services University Business Banking Certification Training.
Hidden Features. What will we cover 16 hidden features for Admins Bonus: –2 hidden features for Employers –Live examples!

Hidden Features. What will we cover 16 hidden features for Admins Bonus: –2 hidden features for Employers –Live examples!
5/15/2012. An OARRS Account Administrator is the person(s) who approves the personnel from your jurisdiction or agency to have access to the system. Each.

5/15/2012. An OARRS Account Administrator is the person(s) who approves the personnel from your jurisdiction or agency to have access to the system. Each.
1 Payables Efficiency Through… Access Online PAYMENT PLUS.

1 Payables Efficiency Through… Access Online PAYMENT PLUS.
©© 2013 SAP AG. All rights reserved. Request-to-Resolve Scenario Overview Handling an Incoming Customer Inquiry Creating, Assigning, and Resolving a Service.

©© 2013 SAP AG. All rights reserved. Request-to-Resolve Scenario Overview Handling an Incoming Customer Inquiry Creating, Assigning, and Resolving a Service.
Protect Yourself from Your Customer Kristin A. Stedman, AAP Senior Vice President Education Services 1 © 2014 TACHA. All Rights Reserved.

Protect Yourself from Your Customer Kristin A. Stedman, AAP Senior Vice President Education Services 1 © 2014 TACHA. All Rights Reserved.
Introduction to the ABAP Data Dictionary

Introduction to the ABAP Data Dictionary
Better Maintenance of the Schedule of Classes Through Customization and Security.

Better Maintenance of the Schedule of Classes Through Customization and Security.
Travel and Expense Management Scenario Overview

Travel and Expense Management Scenario Overview
Copyright © 2003 Americas’ SAP Users’ Group Custom Archiving 101 Session Code 108 Karin Tillotson Sr. Basis Administrator Tuesday, May 20 th, 2003.

Copyright © 2003 Americas’ SAP Users’ Group Custom Archiving 101 Session Code 108 Karin Tillotson Sr. Basis Administrator Tuesday, May 20 th, 2003.
Guide to Oracle10G1 Introduction To Forms Builder Chapter 5.

Guide to Oracle10G1 Introduction To Forms Builder Chapter 5.
 SAP AG CSU Chico 102/14/981SAP Security Lecture MINS 298C SAP Configuration & Use: Security Copyright 1996, 1997, 1998- James R. Mensching, Gail Corbitt.

 SAP AG CSU Chico 102/14/981SAP Security Lecture MINS 298C SAP Configuration & Use: Security Copyright 1996, 1997, James R. Mensching, Gail Corbitt.
A Guide to Oracle9i1 Introduction To Forms Builder Chapter 5.

A Guide to Oracle9i1 Introduction To Forms Builder Chapter 5.
Chapter 3: System design. System design Creating system components Three primary components – designing data structure and content – create software –

Chapter 3: System design. System design Creating system components Three primary components – designing data structure and content – create software –
Employee Central Presentation

Employee Central Presentation
SABAL SHRESTHA SHERIF HALAWA SHAMA KHADPEKAR JIANWEI LAI SI TRAN GROUP A Tri-Airport Shuttle System.

SABAL SHRESTHA SHERIF HALAWA SHAMA KHADPEKAR JIANWEI LAI SI TRAN GROUP A Tri-Airport Shuttle System.
Software Development Unit 2 Databases What is a database? A collection of data organised in a manner that allows access, retrieval and use of that data.

Software Development Unit 2 Databases What is a database? A collection of data organised in a manner that allows access, retrieval and use of that data.

Similar presentations

Ads by Google