Presentation is loading. Please wait.

Presentation is loading. Please wait.

Datei: her-sec.ppt Freitag, 14-05-19 Index 1 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive SAP / Higher Education & Research.

Published byAlexander Brennan Modified over 10 years ago

Similar presentations

Presentation on theme: "Datei: her-sec.ppt Freitag, 14-05-19 Index 1 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive SAP / Higher Education & Research."— Presentation transcript:

1 Datei: her-sec.ppt Freitag, 14-05-19 Index 1 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive SAP / Higher Education & Research User Group 4 th Meeting, Amsterdam, the Netherlands on 20 th - 22 th April, 1999 An Approach For SAP R/3 Security In Open Networks

2 Datei: her-sec.ppt Freitag, 14-05-19 Index 2 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive Contact Dr. Lutz Marten IT–Management Bayerische Julius-Maximilians-Universität Würzburg Am Hubland D - 97074 Würzburg, Germany phone: +49 (0) 931 / 888 - 5078 fax: +49 (0) 931 / 888 - 7021 Lutz.Marten@mail.uni-wuerzburg.de http://www.zv.uni-wuerzburg.de/muck

3 Datei: her-sec.ppt Freitag, 14-05-19 Index 3 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive Facts & Figures University Würzburg first foundation: 1402, refoundation: 1582 12 faculties 70 departments wide spectrum of disciplines largest university in northern Bavaria over 20.000 students about 9.500 staff-members 350 professors, about 2700 academic assistants 19 university clinics budget 400 Mio. DM (without patient care, incl. research)

4 Datei: her-sec.ppt Freitag, 14-05-19 Index 4 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive User Access To Applications Students / Staff Application Systems SAP R/3, HISSOS World Wide Web up to 20.000 user campus = internet administration = intranet

5 Datei: her-sec.ppt Freitag, 14-05-19 Index 5 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive Basic Security By A Firewall Client PC Internal Application Systems Firewall campus internet adminitration intranet

6 Datei: her-sec.ppt Freitag, 14-05-19 Index 6 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive Network Topology

7 Datei: her-sec.ppt Freitag, 14-05-19 Index 7 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive WWW Transaction Model - 3 Tier Model Web Browser Presentation representaion of the application Firewall Web Server Web-Adaption homogenisation authentification Application System Application Transaction data manipulation

8 Datei: her-sec.ppt Freitag, 14-05-19 Index 8 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive WWW Transaction Model - General Model Web-Browser / Java-VM Presentation Web Server ( e.g. MS-IIS) Web-Adaption Application Server Application Transaction Database Server HTML/Java Transformation / User Authentication

9 Datei: her-sec.ppt Freitag, 14-05-19 Index 9 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive WWW Transaction Model - TranSON Model Web-Browser Presentation TranSON Server Web-Adaption Web Server enciphered Firewall Application Server Application Transaction Database Server (optionally enciphered)

10 Datei: her-sec.ppt Freitag, 14-05-19 Index 10 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive WWW Transaction Model - SAP R/3 Model Web-Browser Presentation R/3 Application Server Application Transaction R/3 Database Server (optionally enciphered) manufacturer-dependent SAP-Protokoll manufacturer-dependent SAP-Protokoll Web Server ( z.B. MS-IIS) Web-Adaption Internet Transaction Server - ITS enciphered ISAPI HTTP

11 Datei: her-sec.ppt Freitag, 14-05-19 Index 11 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive WWW Transaction Model - HISSB Web-Browser with HISSB Java-applet Presentation HISSOS/GX Informix Database Application Transaction ODBC / JDBC (optionally enciphered) Web Server ( z.B. MS-IIS) Web-Adaption JDesignerPro Enterprise Server (JAGG) enciphered TCP Port 4899

12 Datei: her-sec.ppt Freitag, 14-05-19 Index 12 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive WWW Transaction Model- TranSON + SAP R/3 Web-Browser / Java-VM Presentation Web Server ( z.B. MS-IIS) Web-Adaption Internet Transaction Server - ITS enciphered ISAPI TCP Port 4444 and HTTP TranSON Server Firewall manufacturer-dependent SAP protocol manufacturer-dependent SAP protocol Application Server Application Transaction Database Server (optionally enciphered)

13 Datei: her-sec.ppt Freitag, 14-05-19 Index 13 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive WWW PKI (public key) Model - TranSON + SAP R/3 Web-Browser / Java-VM Web Server ( z.B. MS-IIS) Application Server Database Server Internet Transaction Server - ITS, Agate/Wgate running on one or two servers optionally with SNC TranSON Server / Firewall SAP protocol SNC optional Smartcard with keys and crtificates CA - Certificate Authority CA - Certificate Authority SSLv3 / TLSv1 using private key public key certificate Directory Services LDAP

14 Datei: her-sec.ppt Freitag, 14-05-19 Index 14 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive more information and contacts can be found at http://www.zv.uni-wuerzburg.de/muck Thank you for your attention !

Download ppt "Datei: her-sec.ppt Freitag, 14-05-19 Index 1 University Würzburg, Dr. L.Marten University Würzburg Bavarian future offensive SAP / Higher Education & Research."

Similar presentations

HiPath SIcurity Card Manager Smartcard Management and Personalization System Sales Presentation.

HiPath SIcurity Card Manager Smartcard Management and Personalization System Sales Presentation.
Interdisciplinary approach to health promotion Marek Jankowski Amsterdam, 2010 Polish Society for Health Programs 1.

Interdisciplinary approach to health promotion Marek Jankowski Amsterdam, 2010 Polish Society for Health Programs 1.
Chapter 14 Intranets & Extranets. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES Introduction Technical Infrastructure Planning an Intranet.

Chapter 14 Intranets & Extranets. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES Introduction Technical Infrastructure Planning an Intranet.
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
J0 1 Marco Ronchetti - The Web: an architectural view.

J0 1 Marco Ronchetti - The Web: an architectural view.
SSL Trust Pitfalls Prof. Ravi Sandhu.

SSL Trust Pitfalls Prof. Ravi Sandhu.
SSL Trust Pitfalls Prof. Ravi Sandhu. 2 © Ravi Sandhu 2002 THE CERTIFICATE TRIANGLE user attributepublic-key X.509 identity certificate X.509 attribute.

SSL Trust Pitfalls Prof. Ravi Sandhu. 2 © Ravi Sandhu 2002 THE CERTIFICATE TRIANGLE user attributepublic-key X.509 identity certificate X.509 attribute.
By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.

By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.
The World Wide Web and the Internet MIS XLM.B Jack G. Zheng May 13 th 2008.

The World Wide Web and the Internet MIS XLM.B Jack G. Zheng May 13 th 2008.
1 MyAPNIC Project update Database SIG APNIC 23, Bali 28 February 2007.

1 MyAPNIC Project update Database SIG APNIC 23, Bali 28 February 2007.
MyProxy Jim Basney Senior Research Scientist NCSA

MyProxy Jim Basney Senior Research Scientist NCSA
Business Transaction Management Software for Application Coordination 1 www.choreology.com Business Processes and Coordination.

Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
International Telecommunication Union Workshop on Standardization in E-health Geneva, 23-25 May 2003 The Use of X.509 in E-Healthcare Professor David W.

International Telecommunication Union Workshop on Standardization in E-health Geneva, May 2003 The Use of X.509 in E-Healthcare Professor David W.
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.

DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
Addition Facts 1 - 20.

Addition Facts
EVERY CONNECTION has a starting point. EVERY CONNECTION has a starting point. WorldCat Navigator - Authentication Library Hosted Navigator EZproxy and.

EVERY CONNECTION has a starting point. EVERY CONNECTION has a starting point. WorldCat Navigator - Authentication Library Hosted Navigator EZproxy and.
INFORMATION TECHNOLOGY, THE INTERNET, AND YOU

INFORMATION TECHNOLOGY, THE INTERNET, AND YOU
©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey

©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey
Graduate Surveys in Germany as a Tool to Measure and Improve the Relevance of Higher Education Contribution to the International Seminar The Relevance.

Graduate Surveys in Germany as a Tool to Measure and Improve the Relevance of Higher Education Contribution to the International Seminar The Relevance.
1 Page: Objectives and main tasks of the German CAF Centre Referat VIII 1 German CAF Centre Dr Astrid Stein Cologne, February 2007.

1 Page: Objectives and main tasks of the German CAF Centre Referat VIII 1 German CAF Centre Dr Astrid Stein Cologne, February 2007.

Similar presentations

Ads by Google