Part 1: An Introduction to Security Implementations in the SAP BusinessObjects BI Platform

  • by Taha M. Mahmoud, Senior BI Consultant
  • December 27, 2016
Gain an overview of the enterprise security model in the SAP BusinessObjects BI platform. Learn the main differences between the three different types of security-access levels (e.g., object-level, application-level, and data-level) and discover the right case or business scenario in which to use each security-access level. Finally, learn how to create and use a security matrix before implementing security in your organization.
Learning Objectives

By reading this article you will learn:

  • How to differentiate among the different types of security levels in the SAP BusinessObjects BI platform 4.x
  • Why it’s important to have a security matrix in place, and how to create one
Key Concept
The security model in the SAP BusinessObjects BI platform is robust and dynamic. With it, you can create customized security profiles and rules that cover ideal and complex situations. The Central Management Console (CMC) is the main SAP BusinessObjects BI administration interface and, in addition to all the other administration tasks it can perform, it can be used to configure security-access levels.

Security is one of the hottest topics in the IT domain. Any organization has it is own information and services that should be governed through implementing enterprise-security models. This ensures that only allowed users have access to the right information, and maintains data confidentiality.

The SAP BusinessObjects BI platform 4.x has a complete, robust security model to facilitate security assignments on different levels. I start by explaining the different security levels available in the SAP BusinessObjects BI platform 4.x (object level, application level, and Universe level). (This article is the first of a three-part series; I explain the Universe-level security details in the second and third installments.)

Configuring security on the object level allows you to control access to different objects stored in the SAP BusinessObjects BI repository, such as reports, dashboards, Universes, and so on. Configuring application-level security allows you to control which application features can be accessed by end users, such as edit, refresh, and drill-down. Configuring security profiles in the Universe enforces the implemented security rules on all BI artifacts and documents based on this Universe, such as Web Intelligence reports, Crystal Reports, dashboards, SAP BusinessObjects Lumia visualizations, SAP BusinessObjects Design Studio dashboards, and mobile BI documents (reports and dashboards).

This article is the first part of a three-part series. This series, along with some other BI Expert content that I’ll point you to, provides you with a comprehensive, handy master guide for security implementation in the SAP BusinessObjects BI platform.

You will learn:

  • About the enterprise security model in the SAP BusinessObjects BI platform
  • About the different security levels in SAP BusinessObjects BI platform 4.x
  • The difference between authentication and authorization
  • How to access the Central Management Console (CMC) to administrate and configure enterprise security
  • The ideal cases for each security level
  • The different types of object-level security
  • Why you need to create—and how to maintain—a security matrix

An Overview of Security Levels in the SAP BusinessObjects BI Platform 4.x

There are many security levels and layers in the SAP BusinessObjects BI platform 4.x to protect information confidentiality and to make sure that information is being accessed only by authorized users. Security starts from the log-in screen, which authenticates and authorizes end users. From there, you can make the security settings for the object-level, application-level, and data-level layers.

Authentication checks the user’s credentials (user name and password) using one of the SAP BusinessObjects BI platform-supported authentication methods (e.g., Lightweight Directory Access Protocol [LDAP], Windows Active Directory (AD), and Enterprise [the user credentials are stored in the SAP BusinessObjects repository in the Enterprise method]), to make sure that the user is eligible to access the system. After this step is completed, the user is able to access the system and then the authorization process starts. In the authorization step, the system checks to make sure the user has sufficient privileges to perform specific actions or to access specific information in the system.

For more information about authentication in the SAP BusinessObjects BI platform, refer to the following BI Expert article by Adam Getz, “4 Ways to Manage Authentication for SAP BusinessObjects Enterprise.”

Taha M. Mahmoud

Taha M. Mahmoud is a PMP, TOGAF, ITIL, and CSM, and a senior BI consultant, BI project manager, and solution architect. He has more than seven years of experience consulting and deploying successful BusinessObjects projects in the banking and telecom industries. Taha is the author of the book, Creating Universes with SAP BusinessObjects.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.