We have a theoretical scenario where we want to develop an application that will require to handle Sensitive Data. This data is not persisted in SAP, rather brought in through an interface. There is going to be a custom authorization object created and roles based on that would restrict the use and visibility of this data to selected people. There are legal & IP ramifications to having this data even accidentally visible to unauthorized personnel.
Like any program in general, one cannot guarantee that the problem will never throw an error. So, there is a possibility of an ABAP Dump even in this sensitive program.If this were to happen then the "Chosen Variables" section of the dump,which randomly selects some variables to log, may have sensitive data in them. ABAP Dumps are visible to the entire support team in the company so that is unacceptable.
So the question is, is there any way we can hide the "Chosen Variables" section in ABAP Dumps? Or preferably, is there any way in which we can guarentee that certain variables and internal tables will never get chosen to be put in the ABAP Dump?
This little issue can potentially stop a big implementation that we are in the middle of.
Any help would be greatly appreciated.
Thanks & Regards,