on 10-28-2015 8:39 AM
Hello,
We are working on a project, where we will pull data about our customer transactions from Bank, through PI to SAP IS-U. PI and IS-U are inside our LAN Network. Web service provided by Bank except operations which allow to pull history data like statements etc. have also operations like transfer, international transfer etc.
Connection beetwen bank and PI is secured (certificate will be loaded on PI), connection between PI and IS-U isn't but it is inside LAN. But our architect has security concerns and he recommended a separate PI for FI operation only where limited number of people have access.
Is there any way to achieve same goal without using second instance of PI, for example by using roles, etc...
I would be very grateful for your opinions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
First of all this should be restricted at ERP end with AUTH OBJECTS.
For that particular ICO, you can assign users who are allowed to access the configuration during runtime.Check your sender agreement or ICO for 'assigned users' tab.
Moreover if you are not implementing a particular operation how can a end user even trigger that operation.
I will also check if this can be restricted using any actions.
Hi Marcin,
I am sure the access needs to be restricted to the payload, so as Eng suggested deploy the "role" file and assign this new role only to qualified users.
Also you may want to use Message level encryption for these particular interfaces.
An additional security aspect which you can use if you are on 7.31+ is to use the "Sensitive Data" option on your interface.This stores the encrypted data in DB.
BR,
Harish
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Marcin,
you can restrict access to particular objects like SWCV in PI.
In your case it can be restricted to Banking SWCV and related objects
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.