B2B Business Processes - there are many Business Processes which cross Company and Organisation boundaries.
What has that got to do with Enterprise Blockchain and Cyber Security ? Let's find out.
This is a great Enterprise Blockchain story, it's one of my favourites, like the BCP one, it's so easy to implement and so effective and protects Data and Systems and Business Partners across so many dimensions, read on to find out why.
So buckle up and enjoy the ride...
B2B Business Processes, also known as, Multi-Party Collaboration, the following common Business Processes and others can all include elements of 3rd Party Organisation integration:
Order-To-Cash
Procure-To-Pay
Plan-To-Produce/Plan-To-Inventory
Record-To-Report
Source-To-Pay
Idea-To-Offering
Count-To-Reconcile
Forecast-To-Monitor
Inspect-To-Comply
Cradle-To-Grave/Acquire-To-Retire
Where ever you have a Business Process which includes sending your Data to a 3rd Party Organisation, to another Company, your Data is being put at risk. When ever you send or replicate or integrate your Company's Data to another Company your Data is at risk, and this means your Business Process is at risk and therefore your Business is at risk.
This blog is going to be talking about and showing is the weakness of the current approach of working with Data across multiple Organisations which collaborate together on a Business Process.
An easy example is 3PL 3rd Party Logistics.
Your Company needs something delivered and your S/4HANA system sends an instruction to the 3rd Party Logistics company to make a collection and a delivery.
This all looks very normal and very common, but what is actually happening when your Company sends an instruction from the S/4HANA system to the Delivery Planning System at your Partner Company the 3PL 3rd Party Logistics Company ?
Data, it's all about Data, your S/4HANA system is sending Data to your Business Partner the 3rd Party Logistics Company instructing them on where to collect from or deliver to.
And this is the problem, as soon as your Data leaves your network, it's no longer your Data, and you lose control of the Data.
This is a classical Integration scenario, the S/4HANA is Integrated to the 3rd Party Logistics Company's System and you send them your Data. What happens to that Data at your Business Partner is beyond your control, you can only trust that they will care for your Data the same way as they would care for their own Data.
This is how you are doing it today, with IDOCS and API's, this is legacy Data Integration through Replication:
This creates several problems including:
Trust between Partners: The more Partners in a Business Transaction or Business Process, the less trust there is between Partners. This is a very simple graph, as the number of Partners in a Business Transaction or Business Process goes up, so the trust between the Partners goes down. What is trust in a Business Transaction or Business Process, doing what you said you would, data, instruction, confirmation. I will deliver the parcel to the address you gave me, but what if somebody in my Team changes the delivery address for their own benefit ?
Protect the Originality & Integrity of the Data - When your S/4HANA sends the Data to your Business Partner's System we need to make sure that the Data cannot be modified or destroyed and therefore protect the originality and integrity of the Data
Replicating & Integrating the Data from your S/4HANA to your Business Partner's System and at the same time Protect the Originality & Integrity of the Data - we need to get the Data from the S/4HANA to the Business Partner's System and we need to be sure, to have surety that the Data which arrives at the Business Partner's System is the same Data as was sent from your S/4HANA. If this Data can be changed in any way, we won't be able to trust the Business Processes and Insights which are depending on that Data. And so, in the activity of moving the Data we need to make sure that that piece of Data cannot be modified or destroyed and therefore protect the originality and integrity of the Data
and it doesn't end there, it's often the case that a 3rd Party Organisation will be getting Data directly from your S/4HANA (as the Source) or posting Data to your S/4HANA (as the Target), in both cases it could be an API which through your Integration Technologies is ultimately exposed to the Internet and where the system calling the API needs to have a User on your S/4HANA.
And 3rd Party Logistics is only the tip of the iceberg when it comes to Multi-Party Collaboration and Business Transactions and Business Processes. You know how integrated your Systems are with your Business Partners how the data is flowing in and out of your network to and from your Partner's networks.
And so, here we are,
The biggest threat to B2B Business Processes is Cyber Security and Cyber Attacks
The biggest threat to Multi-Party Collaboration is Cyber Security and Cyber Attacks
And that's where the Enterprise Blockchain comes in, and this blog is going to explain why.
This blog will be less about deep dives into Use Cases and more about how Enterprise Blockchain is:
. A Secure Store of Data
. A Secure Communication Channel for Data
. A Common Shared Single Source of Truth in your Organisation and across Organisations
. The next generation Data Integration is about having a Common Shared Single Source of Truth
Subsequent blogs will deep dive individual use case by use case, this one will focus on the principle of Enterprise Blockchain already today being the next generation Secure Store and Secure Communication Channel for Data and how and why.
Ok let's go ๐
Welcome to the ninth blog in this series on Enterprise Blockchain and SAP. If you have been following the previous blogs then you'll be familiar with the blog template. We'll begin by talking about and framing the problem, in this case Data Cyber Security for B2B Business Processes and then go in to identifying the enabling technology which will have the best capabilities and be the most appropriate to solving the problem all the way through to the reference solution architecture to be able to implement the solution.
The blog is going to break the subject down in to three sections:
Section 1.0: The What is it of B2B Business Processes and SAP, and Enterprise Blockchain
Section 2.0: The Why is it, of B2B Business Processes and SAP, and Enterprise Blockchain
Section 3.0: The How is it, of B2B Business Processes and SAP, and Enterprise Blockchain
In case you missed them, the previous blogs in this series are here:
Why I love SAP and Blockchain Databases and why you should too ๐
SAP Enterprise Architecture: Let the Use Case find the Blockchain๐
Oil & Gas - Ultimate Data Security - Blockchain Data Backbone from OT to SAP IT๐
The What Is... The Why To... The How To... of: ESG & SAP & Enterprise Blockchain ๐
BCP: Business Continuity Planning for SAP S/4HANA - made easy with Enterprise Blockchain ๐
Trustable AI thanks to - SAP AI Core & SAP HANA Cloud & SAP S/4HANA & Enterprise Blockchain ๐
IoT - Ultimate Data Cyber Security - with Enterprise Blockchain and SAP BTP ๐
tl:dr
Enterprise Integrations and Integration Architecture centered around sending and replicating Data to Business Partners results in you losing control of your Data, and losing surety that the Business Partner is looking at the same Data as you are.
The Digital Transformation of Enterprise Integrations is to have a shared common single source of truth for data with your Business Partners.
Enterprise Blockchain is the answer, Enterprise Blockchain enables both Business Partners, you and your Business Partner to share the same Distributed Ledger and consequently have a common shared single source of truth for data across multiple Companies.
That's one thing, the next thing is that thanks to the special characteristics of the Enterprise Blockchain Distributed Ledger, namely, Immutable, Hash Mechanism, Consensus, Distributed, when you or your Business Partner write data to the Enterprise Blockchain, you know, that nobody can modify the Data for their own gains, your know that natively, out of the box you have the highest level of Data Cyber Security and Resilience of any commercial database product available.
In the 3PL scenario, this is what your SAP Technical Architecture would look like:
[the finer technical details of the Technical Solution Architecture will be elaborated in the rest of the blog]
The Future of Enterprise Collaboration and Cross Organisation Data Integration and B2B Business Processes (and this is possible today with the SAP BTP and SAP Partner Edge Open EcoSystem Partner Enterprise Blockchain Products).
And as will be explained later in the blog, it's not only about the Enterprise Blockchain being a common shared source of truth across organisations, it's about digitally decoupling the S/4HANA from 3rd Party System Integrations and gradually ring fencing the S/4HANA away from being directly accessed by 3rd Party Systems as it is today with API's.
This is like pick your own strawberries, instead of sending your Partners the strawberries, you tell your Partner the strawberries are ready and which field they are in and you let your Partners pick the strawberries themselves from the Enterprise Blockchain.
S/4HANA Data Events write the Data to the Enterprise Blockchain and S/4HANA Notification Events notify the Partner that something has happened, then, instead of calling an API on your SAP S/4HANA, the Partner then calls the API of the Enterprise Blockchain and Reads the Data from there.
The Enterprise Blockchain Database software is running on your SAP BTP Kyma Runtime and in your Partner's Servers, therefore, creating natively, out of the box, the most secure and resilient common shared single source of truth. Your have a Distributed Ledger running from your SAP BTP to the Partner's Servers.
Therefore, S/4HANA Data Event Writes to the Enterprise Blockchain as the Common Shared Single Source of Truth across the Organisations, and the S/4HANA Notification Event notifies the Partner that something has happened and that they should call the Enterprise Blockchain API to get the Data of what has happened.
Enterprise Blockchain is:
. a Secure Store
. a Secure Communication Channel
. a Shared Common Single Source of Truth for Master and Transactional Data across Organisations
Enterprise Blockchain is the Cyber Security for Enterprise B2B Business Processes and Multi Party Collaboration.
and now.... the long answer...
Section 1.0: The What is it of B2B Business Processes and SAP, and Enterprise Blockchain
What are B2B Business Processes, what is Multi-Party Collaboration, what are 3rd Party Integrations, what is it all and why do we need it ?
B2B Business Processes, Multi-Party Collaboration, in the context of this subject, these are any Business Process in your Company which includes your Master and Transactional S/4HANA Data being used by another Company, and results in the other Company needing access to your Data.
There are many examples, in today's world of outsourcing that which is not considered part of the core Business, Multi-Party Collaboration is very common across most lines of the Business. Another easy and common one is outsources Payroll.
As described in this blog, by @mert_turan , your Company is using a 3rd Party Payroll provider to take care of your Payroll, the process and the integration can look like this:
This is a classic example of a B2B Business Process, where your Company is sending highly sensitive and highly confidential Data, transferring that Data to a 3rd Party Company, in this case a 3rd Party Payroll Provider. Look at all of the Data transfers which are going on in that Payroll Business Process.
Just look at the sensitivity and confidentiality of the Data which is being transferred to the 3rd Party Company, Personal and Business Sensitive Master and Transactional Data.
What could possibly go wrong ?
What could possibly go wrong with any of these Multi-Party Collaborative Business Processes, Payroll, Supplier Network Collaboration, 3rd Party Logistics, Contract Manufacturing ?
What is the biggest risk ?
The Data, again, it's all about the Data, and keeping the Data safe, and reducing the chance that somebody can mess with the Data.
What about the Enterprise Blockchain, what is Enterprise Blockchain ?
Enterprise Blockchain is both:
. a Secure Store
. a Secure Communication Channel
McKinsey & Company, in their December 2023 Featured Insights Publication, gave a beautiful description of what is unique and special about Blockchain, "Blockchain is a secure database shared across a network of participants, where up-to-date information is available to all participants at the same time". If we just pause for a moment and let that sink in, and think about what that means, to Business Processes, to Collaboration, to System Resilience, we start to see what is so special about Blockchain Databases and Distributed Ledger Technology.
In these previous blogs, I made a deep dive in to what Enterprise Blockchain is and why we should be positioning it in our Enterprise Architecture:
Why I love SAP and Blockchain Databases and why you should too๐
SAP Enterprise Architecture: Let the Use Case find the Blockchain ๐
and in a nutshell, Enterprise Blockchain is:
. The Digital Transformation of Information Security into Cyber Security
. The Next Generation Data Integrity, Originality, Confidentiality Protection
. Re-imagining Information Security
. Natively, out of the box, due to its special characteristics the strongest, hardest, most resilient Enterprise Database product
To wrap up this section:
. B2B Business Processes are about Data
. Enterprise Blockchain is about Cyber Security of Data
Section 2.0: The Why is it, of B2B Business Processes and SAP, and Enterprise Blockchain
So, why B2B Business Processes in the Enterprise IT, when implemented in conjunction with SAP Applications need Enterprise Blockchain ?
Multi-Party Collaboration is about replicating Data to 3rd Party Company, and the Data, this is your Company's Data and in most cases highly sensitive and highly business and personally confidential.
The problem is the Cyber Security of getting the Data from the your Company's SAP S/4HANA to the 3rd Party Company's Application, and ensuring the originality and integrity of the highly sensitive and confidential Master and Transactional Data which you are replicating to the Partner Company remains intact.
As we talked about earlier, and this is worth repeating because this is the problem of Multi-Party Collaboration:
Trust between Partners: The more Partners in a Business Transaction or Business Process, the less trust there is between Partners. This is a very simple graph, as the number of Partners in a Business Transaction or Business Process goes up, so the trust between the Partners goes down. What is trust in a Business Transaction or Business Process, doing what you said you would, data, instruction, confirmation. I will deliver the parcel to the address you gave me, but what if somebody in my Team changes the delivery address for their own benefit ?
Protect the Originality & Integrity of the Data - When your S/4HANA sends the Data to your Business Partner's System we need to make sure that the Data cannot be modified or destroyed and therefore protect the originality and integrity of the Data
Replicating & Integrating the Data from your S/4HANA to your Business Partner's System and at the same time Protect the Originality & Integrity of the Data - we need to get the Data from the S/4HANA to the Business Partner's System and we need to be sure, to have surety that the Data which arrives at the Business Partner's System is the same Data as was sent from your S/4HANA. If this Data can be changed in any way, we won't be able to trust the Business Processes and Insights which are depending on that Data. And so, in the activity of moving the Data we need to make sure that that piece of Data cannot be modified or destroyed and therefore protect the originality and integrity of the Data
ITSecurityWire.com, in their article, Best Practices to Secure Data Integration, put it like this:
The LinkedIn Community describe the risks of Data integration like this:
Those are the problems with today's legacy ways of making your S/4HANA Master and Transaction Data available for 3rd Party Companies in your B2B Business Processes.
And what's the solution ?
The solution is the Enterprise Blockchain as the Common Data Back Bone across Companies.
Instead of replicating and sending the Data to your Business Partner, you write the S/4HANA Data to the Enterprise Blockchain.
This is like pick your own strawberries, instead of sending your Partners the strawberries, you tell your Partner the strawberries are ready and which field they are in and you let your Partners pick the strawberries themselves from the Enterprise Blockchain.
S/4HANA Data Events write the Data to the Enterprise Blockchain and S/4HANA Notification Events notify the Partner that something has happened, then, instead of calling an API on your SAP S/4HANA, the Partner then calls the API of the Enterprise Blockchain and Reads the Data from there.
The Enterprise Blockchain Database software is running on your SAP BTP Kyma Runtime and in your Partner's Servers, therefore, creating natively, out of the box, the most secure and resilient common shared single source of truth. Your have a Distributed Ledger running from your SAP BTP to the Partner's Servers.
Therefore, S/4HANA Data Event Writes to the Enterprise Blockchain as the Common Shared Single Source of Truth across the Organisations, and the S/4HANA Notification Event notifies the Partner that something has happened and that they should call the Enterprise Blockchain API to get the Data of what has happened.
And as will be explained later in the blog, it's not only about the Enterprise Blockchain being a common shared source of truth across organisations, it's about digitally decoupling the S/4HANA from 3rd Party System Integrations and gradually ring fencing the S/4HANA away from being directly accessed by 3rd Party Systems as it is today with API's.
Imagine, as described in the previous blog, when we let the Use Case find the Enterprise Blockchain, we have a Business Requirement, a Business Demand, to make Data for B2B Business Process the safest it can be, the most trustable that it can be.
When we look in our Enterprise Technology Standards, and we look for the Technology Standard in our Enterprise Portfolio which is positioned to bring the strongest protection to Data, we find the Enterprise Blockchain.
Comparison Enterprise Blockchain Database and Traditional Legacy Database - atkrypto.io
In the previous blogs, we have discussed in detail about the special characteristics of Enterprise Blockchain and just why it natively out of the box protects the integrity of data to a level that legacy database products cannot do, in a nutshell....
B2B Business Processes are about Data
B2B Business Processes are about the Data that goes from your S/4HANA outside the boundaries of your Company and your Network and to Partner Company's Applications and Networks and Databases.
This means B2B Business Processes are about Data and the Data depends on a Database or a Datastore
What kind of Database do B2B Business Processes Data need ? What capabilities does the Database for the B2B Business Processes Data need to have ?
1. It must not be possible to modify the Data in the Database ]- the Database needs to be immutable
2. The Data in the Database, the integrity and originality of that Data must be protected to the highest level that is technically possible
3. The Data must be available with the highest availability, the Database must be resilient to attack
4. The Database must be running simutaneously in your DataCenter and your Business Partner's DataCenter
5. S/4HANA must not expose any API's to Business Partner Companies
When we look in our Enterprise Technology Standards we find 1 Technology Standard in the Enterprise which has those capabilities, and that is..... Enterprise Blockchain
Enterprise Blockchain ticks those boxes...
This is why, Enterprise Blockchain is the enabler of trustable outcomes from Enterprise B2B Business Processes.
atkrypto.io what is a blockchain
But there's more than that, B2B Business Processes can produce a lot of data, and the volumes of data can be big.
And this is why, in this blog we take the Enterprise Blockchain Technology story one level further and we introduce the:
Enterprise Blockchain Wallet
Off-Chain Data Storage
In the Enterprise Blockchain Platforms, the Enterprise Blockchain Wallet is used for Off-Chain storage of big data and in the following paragraphs we will explain why.
What is the Enterprise Blockchain Wallet, and what is Off-Chain Data Storage and why would we use them and why do we need them ?
As we have explained in a previous blog, the Enterprise Blockchain Database, the Distributed Ledger, can be looked at simply as a Database Table (which is replicated and synchronised across multiple Servers) and in principle it stores the Data like this:
Blockchain is a very simple form of database atkrypto.io
This is fine, and suited to what we call Structured Data, and as AWS nicely describe, Structured Data is information like words and numbers. This kind of data is perfectly suited to being stored in an Enterprise Blockchain Database and also a legacy Database. Examples of the data would Names, Addresses, Phone Numbers, Product Information etc.
But, Payroll can produce a lot of Data, and in large volumes which would be too big to be stored on the Enterprise Blockchain Database itself.
And that's ok, Enterprise Blockchain Platforms are ready for that, and have been designed to store both Structured Data and Data which is in files which are so big that they cannot be stored in the Enterprise Blockchain Database itself, for example the photographs from a Waste Truck's onboard camera proving that waste was responsibly tipped in the correct location and taken at the same time as recording GPS location coordinates proving the location of the Waste Truck.
So, if we can't store the large photographs files in large quantities to the Enterprise Blockchain Database, then how, in an Enterprise Blockchain Platform do we store large files of Data ?
Voila.... bring in the Enterprise Blockchain Platform Wallet. The best Enterprise Blockchain Platform products include what is called the Enterprise Blockchain Platform Wallet, or to make it shorter, the Enterprise Blockchain Wallet.
The Enterprise Blockchain Wallet enables us to store large Data, like large Files safely and securely off the chain, or 'Off-Chain'.
But if we store the large Data files Off-Chain in the Enterprise Blockchain Wallet, then how do we also have them some how on the Enterprise Blockchain Database ?
The way this works is elegant, in any decent Enterprise Blockchain Platform, the Enterprise Blockchain Wallet location is completely configurable, and could be anywhere from SAP HANA Cloud (Data Lake), or for example multiple hyperscaler object stores, such as Amazon S3, OSS (Alicloud Object Storage
Service), SAP HANA Cloud, Data Lake, and Azure Blob Storage.
The configurable Enterprise Blockchain Wallet of the Enterprise Blockchain Platform looks like this:
Enterprise Blockchain Platform - Enterprise Blockchain Wallets - Configurable Enterprise Wallets - atkrypto.io
Ok, so we've got the large volumes of Data stored in the (configurable) Enterprise Blockchain Wallet, but what about securing the Data ? Obviously the Enterprise Blockchain Wallet storage location has built in security, for example the SAP HANA Cloud, the AWS S3 Buckets, but we need more than the out of the box security of these products, the reason we are using the Enterprise Blockchain Database is because of the amazing security strengths that it natively out of the box has, and so, what about the Enterprise Blockchain Wallet, doesn't the Enterprise Blockchain Platform have some cool super hard way of protecting the data in the Enterprise Blockchain Wallet ?
Well yes it does, this is the magic of Enterprise Blockchain Database 'Off-Chain' storage in the Enterprise Blockchain Wallet. This is so unique to Blockchain Technologies.
What happens is this, when store data in the Enterprise Blockchain Wallet, the Enterprise Blockchain Platform software runs a hash algorithm over the data that we have stored and the data, and the large file gets hashed:
The data or the file in the Enterprise Blockchain Wallet gets hashed, and then, that hash is stored in the Enterprise Blockchain Database.
This means we now have a unique hash of that data or file, and if anybody or anything makes even the tiniest teeniest change to that data or file, next time we run a hash over that data or file the result will be different that the original hash which is safely stored in the Enterprise Blockchain Database and this is how we will know that the data has been changed and we cannot trust the Data and therefore we cannot use it for our Enterprise Business Processes.
On the other hand, if just before we load the data in to the SAP Enterprise Applications, eg SAP Asset Performance Management and SAP S/4HANA, from the Enterprise Blockchain Wallet, if we run a hash over the data and the hash result is the same as we have in the Enterprise Blockchain Database, then we will know we can trust the Data and we can use it in our SAP Applications and we will have trustable Data.
Enterprise Blockchain Wallet Data Hashes Stored in the Enterprise Blockchain Database - atkrypto.io
And this is why, for all of these reasons,
Trustable Enterprise B2B Business Processes depends on Data being stored in the Enterprise Blockchain
But that's not the end of the b2B Business Processes need Enterprise Blockchain.
As we showed at the beginning of the blog in this picture:
As the picture shows, we have an Enterprise Blockchain Database Tenant installed on a Server Host at the in your DataCenter, in your Network on your SAP BTP Kyma Service AND we have an Enterprise Blockchain Database Tenant installed on your B2B Business Partner's Network, if they are a SAP Customer then like you they can put it on the SAP BTP Kyma Service, if not they can run it on Kubernetes.
The consequence of this is that we have a distributed Enterprise Blockchain Database table which stretches from your DataCenter and Network where your S/4HANA is writing Data to it and stretches all the way across the Network to your Business Partner's DataCenter.
This means we have Enterprise Blockchain Data Protection from the source from your S/4HANA to the target your B2B Business Partner's It infrastructure enabling the trusted resilient reliable Business Processes to be completed.
At the same time, we are not exposing S/4HANA or the API's on the S/4HANA to any 3rd Party Applications.
We have digitally decoupled the S/4HANA from the Business Process.
And this is why we say, Enterprise Blockchain is a Secure Communication Channel, because instead of integrating Applications sending and replicating Data across Networks, we are sharing the Data across the Enterprise Blockchain and the Enterprise Blockchain is the Secure Communication Channel.
To conclude this section, the Why to, B2B Business Processes and Enterprise Blockchain, B2B Business Process Data needs to safely replicated and trustable.
Enterprise Blockchain, due to its native super strong security strength when used as a store of Data enables B2B Business Processes to be both Secure, and Trustable.
And as we will see in the next section, it's not only about the Enterprise Blockchain being a common shared source of truth across Organisations, it's about digitally decoupling the S/4HANA from 3rd Party System Integrations and gradually ring fencing the S/4HANA away from being directly accessed by 3rd Party Systems as it is today with API's.
Section 3.0: The How is it, of B2B Business Processes and SAP, and Enterprise Blockchain
The goal of this blog was to show how instead of using the legacy fire and forget approach of replicating data to 3rd Party Business Partners, the Enterprise Blockchain can be deployed as a common shared single source of truth running, with an Enterprise Blockchain Tenant running close to your S/4HANA and another Enterprise Blockchain Tenant running close to your Business Partner's Application.
In this section of the blog we will show all of the possible potential Technical Solution Architectures which will enable you to implement this next generation approach to sharing Data with the highest level of Cyber Security already today.
As described above one of the many beauties of this approach is your S/4HANA writes to the Enterprise Blockchain and your Business Partner's Application reads from the same Enterprise Blockchain. This achieves a number of things including:
. Total Control - you have total control over the Data you are sharing with the Business Partner, and you know that as long as your Business Partner's Application reads the Data from the common shared source, the Enterprise Blockchain
. Ultimate Cyber Security - then you know the maximum has been done to minimise the chance for Cyber Security risks and the maximum has been done to protect originality, integrity, and confidentiality of the Data
. S/4HANA Digitally DeCoupled from the Business Process - and on top of this, the S/4HANA has been digitally disconnected from the Business Process, because no longer do any 3rd Party Applications directly call API's on the S/4HANA
In the Technical Solution Archecture there would be two main ways for getting the data from the S/4HANA and writing it to the Enterprise Blockchain, these would be:
. API's
. Events
In these Technical Solution Architecture examples we will prioritise using S/4HANA Events to write the Data to the Enterprise Blockchain, we will be sending the Event Notification and the Event Payload, we could of course draw the same Technical Solution Architecture with API's, but we prefer the Events for the simplicity and reduced call backs to the S/4HANA and therefore making the S/4HANA more Digitally DeCoupled and therefore, enabling the S/4HANA to be protected to the higher security level and exposed to less Cyber Security risk.
S/4HANA Data Events write the Data to the Enterprise Blockchain and S/4HANA Notification Events notify the Partner that something has happened, then, instead of calling an API on your SAP S/4HANA, the Partner then calls the API of the Enterprise Blockchain and Reads the Data from there.
The Enterprise Blockchain Database software is running on your SAP BTP Kyma Runtime and in your Partner's Servers, therefore, creating natively, out of the box, the most secure and resilient common shared single source of truth. Your have a Distributed Ledger running from your SAP BTP to the Partner's Servers.
Ok, let's go with the Technical Solution Architectures, in these examples we will focus on the OutSourced Payroll as the integration and B2B Business Process Example.
What do we have and what do we need:
Your Company will need:
. S/4HANA
. SAP EM and preferably SAP AEM since it has richer Security and Event Payload size capabilities and can Publish Events from Non-SAP Enterprise Applications and connect to your Enterprise Event Mesh
. SAP BTP
. SAP BTP Kyma Runtime Service - this is where the Enterprise Blockchain Container will run
. Enterprise Blockchain Platform Software which can run on Kubernetes
. If there will be larger Data objects then you will need Large Storage for Large Data and the Enterprise Blockchain Wallet in the form of SAP HANA Cloud (Data Lake)
Your Business Partner will need:
. Obviously their Payroll Application
. Either SAP BTP with Kyma Runtime, or Servers which can run Kubernetes Containers
. n.b. there is an Optional Technical Solution Architecture where you simply allow your Business Partner to read data from your Enterprise Blockchain where the Enterprise Blockchain Platform is running exclusively on your BTP, we will show that Option as well
Technical Reference Solution Architecture for SAP S/4HANA and SAP SuccessFactors and OutSourced 3rd Party Payroll Provider using Enterprise Blockchain as a Common Shared Single Source of Truth for Data and the Ultimate Cyber Data Security for B2B Business Processes...
In the next example, we have the same basic Technical Solution Architecture as the previous example, except, this Reference Use Case is ready for the Enterprise Blockchain needed to be able to handle large volumes of data and brings the Enterprise Wallet in to the picture. In the Enterprise Blockchain Platform the Enterprise Wallet storage is configurable and therefore could be SAP HANA Cloud (DataLake) or AWS S3 Buckets or other HyperScaler Data stores.
All of the other Cyber Security characteristics remain the same, S/4 is digitally decoupled from the Business Partner, Enterprise Blockchain is used as a common shared single source of truth for Master and Transactional Data, and the Enterprise Blockchain Tenants are running in both your DataCenter (AnyPremise) and the Business Partner's DataCenter (AnyPremise):
The next example Reference Technical Solution Architecture is a little bit different, let's assume, for their own reasons, your Business Partner is not going to run an Enterprise Blockchain Tenant in their (AnyPremise) DataCenter.
This is still fine, you will set up the Enterprise Blockchain Platform in your DataCenter(s) (AnyPremise) and your B2B Business Partner, in this case the outsourced 3rd Party Payroll Vendor will simply use API's to read and write to and from your Enterprise Blockchain.
All of the other benefits of the design remain the same, all of the other next generation Data sharing Cyber Security characteristics are still there, S/4 is digitally decoupled from the Business Partner, Enterprise Blockchain is used as a common shared single source of truth for Master and Transactional Data.
Here it is:
Finally, we have the same Reference Technical Architecture as above, but to be able to cater for large volumes of Data we include the Enterprise Wallet in the design:
Ok let's wrap this up, the conclusions:
Ultimate Cyber Security for B2B Business Processes is Enterprise Blockchain, where the Enterprise Blockchain acts a common shared single source of truth for Data across Organisations
Enterprise Blockchain is:
. A Secure Store of Data
. A Secure Communication Channel for Data
. A Common Shared Single Source of Truth in your Organisation and across Organisations
. The next generation Data Integration is about having a Common Shared Single Source of Truth
The next generation Integrations don't replicate Data, that's legacy, the next generation Integrations use Enterprise Blockchain as a common shared single source of truth.
The configurable Enterprise Blockchain Wallet enables you to store Big Data 'Off-Chain' and the hashes of the Data are stored safely and securely on the Enterprise Blockchain Database.
The good news is, as we discussed in the previous blog, this is no longer hype, we can do all of this today, and now, within the SAP Partner Edge Open EcoSystem there are enabling technology Blockchain Products designed and built by SAP Experts specifically for the needs of SAP Customers to make doing Blockchain and SAP easy, and so you can do SAP and Blockchain, today it's real and there's nothing stopping you.
So what are we waiting for ? Oh yeah, deep dive in to more use cases, ok, that will be the next blog.
What do you think, are the words Blockchain, Web3, Distributed Ledger Technology, starting to appear in your Company's visions and technology visions ? What use cases are you looking at ? Let's chat about it in the comments.
For now, over and out.
Andy Silvey.
Independent SAP Technical Architect and CEO of atkrypto.io
Author Bio:
Andy Silvey is a 25 years SAP Technology veteran [15 years SAP Basis and 10 years SAP Tech Arch including Tech, Integration, Security, Data from 3.1H to S/4HANA PCE on RISE and the BTP and everything in between, and former SCN Moderator and Mentor alumni].
Andy is also co-Founder of atkrypto inc, an startup whose ambition is to make Blockchain easy for Enterprise.
atkrypto.io's flagship product is the atkrypto Enterprise Blockchain Platform for SAP, and atkrypto.io is a SAP Partner Edge Open EcoSystem Partner.
The atkrypto Enterprise Blockchain Platform for SAP has been designed by SAP Independent Experts for the needs of SAP Customers and to be deployed on the SAP BTP Kyma Runtime Service and leverage native integration to SAP Products.
atkrypto Enterprise Blockchain Platform for SAP has a number of unique qualities, including being the only Blockchain software in the world which has a DataCenter version and a light mobile version which can run on Edge/IoT/Mobile devices and enables data to be written to the Blockchain at the Edge where that same Blockchain is running on a Server in the DataCenter, protecting the integrity and originality of data from the Edge to Insights. Taking Blockchain to the Data at the Edge instead of taking the Data to the Blockchain.
All of this makes atkrypto,io the DePIN Decentralised Physical Infrastructure Network solution for Enterprise.
atkrypto is one of the Next20 startups being featured at TM Forum's DTW Ignite in Copenhagen in June
If you will be at DTW24 come and talk to us about Cyber Security of SAP Data with Enterprise Blockchain.
- SAP Managed Tags:
