Beginners Guide On BI Security

Beginners Guide on BI Security
Applies to:
SAP Business Intelligence 7.0
For more information, visit the Security homepage.
Summary
In this unit we will focus only the options for securing SAP BI administrator and the system security
requirements for BI.Here it will List the types of tasks required by administration users and describe how to
secure those tasks.
Author:
Ashok Dalai
Company: Intelligroup Inc

Created on: 06 October 2008
Author Bio
Ashok Dalai has more than 3 and half years of experience. He has good understanding of SAP R3 and
NetWeaver Components. He worked in r3 security, BI security and CRM security and currently working for
Intelligroup Inc as a Basis Consultant.
SAP COMMUNITY NETWORK

2008 SAP AG
SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com

1
Table of Contents
Course Overview ................................................................................................................................................3
Securing Data Warehousing Workbench Objects ..............................................................................................4
Data Warehousing Objects Secured with S_RS_ADMWB.............................................................................4
Authorization Object S_RS_ICUBE ................................................................................................................6
Authorization Object S_RS_DS2 ....................................................................................................................9
Authorization Object S_RS_DTP ..................................................................................................................10
Authorization Object S_RS_ISNEW .............................................................................................................11
Authorization Object S_RS_ISRCM..............................................................................................................13
Authorization Object S_RS_TR ....................................................................................................................14
Authorization Object S_RS_IOBJ .................................................................................................................15
Securing Process Chains..............................................................................................................................16
Authorization Object S_RS_OHDST.............................................................................................................17
Securing Master Data and Documents .........................................................................................................18
Securing BI Documents ................................................................................................................................20
System Communication Security ..................................................................................................................21
BI Security Setup .......................................................................................................................................................21
Other SAP Security Set Up ........................................................................................................................................21
RFC Destinations.......................................................................................................................................................22
Using the <RFC_DESTINATION>_DIALOG Destination ...........................................................................................23
Related Content................................................................................................................................................24
Disclaimer and Liability Notice..........................................................................................................................25

2008 SAP AG

2
Course Overview
There are two major types of authorizations in BI. One type focuses on Administrative users and another
type focuses on Reporting users. Authorizations for Administrative users in many ways Parallel to mySAP
ERP security, but securing BI reporting users is much different. In this unit we will focus only the options for
securing SAP BI administrator and the system security requirements for BI. Here it will List the types of tasks
required by administration users and describe how to secure those tasks.
1. Explain how to secure Data Warehousing Workbench objects such as InfoProviders, Data Transfer
2. Processes, DataSources, Open Hub Destinations and Process Chains.
3. Explain how to protect maintenance of Master Data and Documents.
4. Briefly describe how to secure Information Broadcasting distribution and Data Mining Objects.
5. Explain the required security set up for communication between BI and other systems.
6. Explain the RFC destinations required.

2008 SAP AG

3
Securing Data Warehousing Workbench Objects

BI Administrators must have access to DataWarehousing Workbench objects, such as InfoProviders, Data
Transfer processes, Process Chains, Reporting Agent objects, Open Hub destinations, and DataSources.
Administrators must also create and maintain many other DataWarehousing objects. Authorization object
S_RS_ADMWB protects these objects. There are only 2 fields attached to this authorization object: Data
Warehousing object, and activity. However, this authorization object secures many different Data
Warehousing objects.
Data Warehousing Objects Secured with S_RS_ADMWB
SourceSys Source system

InfoObject InfoObject
Monitor Monitor
ApplComp Application component
InfoArea InfoArea
Workbench Data Warehousing Workbench
Settings Settings
MetaData Metadata
InfoPackag InfoPackage and InfoPackage group
RA_Setting Reporting Agent setting
RA_Package Reporting Agent package
DOC_META Documents for metadata
DOC_MAST Documents for master data
DOC_HIER Documents for hierarchies
DOC_TRAN Documents for transaction data
DOC_ADMIN Administration of document storage
CONT_ADMIN Administration of BI Content systems
CONT_ACT Installation of BI Content
BR_SETTING Broadcast settings (not including your own settings, which have one of the following distribution
types: Broadcast E-Mail, Broadcast to Portal, Broadcast to Printer)

USE_DND Drag and drop to InfoAreas and application components
Note: For authorizations at naming convention level, you need to note the following:
User A can edit InfoProviders that lie in InfoAreas with prefix /AB/. User A cannot edit an InfoProvider that lies in
InfoArea /CD/. However, if the user has drag and drop authorization, the user can move the InfoProvider from /CD/
to /AB/ and edit it from there.
CNG_RUN Attribute change run

REMOD_RULE Modeling Rule "Modeling Rule" for the remodeling tool
IMG_BI BI-relevant activities in the IMG (Customizing)
OLAP_CACHE OLAP cache objects
BIA_ZA BI accelerator monitor checks and activities

2008 SAP AG

4
Activity:
Specifies whether you are permitted to display or maintain a subobject
Display Source System (Activity = 03)

Display InfoObject (Activity = 03)
Display Monitor (Activity = 03)
Display Reporting Agent Setting (Activity=03)
Display Reporting Agent Package (Activity=03)
Display Documents for Metadata (Activity=03)
Display Documents for Master Data (Activity=03)
Display Documents for Hierarchies (Activity=03)
Display Documents for Transaction Data (Activity=03)
Maintain Source System (Activity = 23)
Maintain Application Component (Activity = 23)
Maintain InfoArea (Activity = 23)
Maintain InfoObject (Activity = 23)
Maintain Settings (Activity = 23)
Maintain InfoPackage (Group) (Activity = 23)
Maintain Reporting Agent Setting (Activity=23)
Maintain Reporting Agent Package (Activity=23)
Maintain Documents for Metadata (Activity=23)
Display Documents for Metadata (Activity=03)
Maintain Documents for Master Data (Activity=23)
Display Documents for Master Data (Activity=03)
Maintain Documents for Hierarchies (Activity=23)
Display Documents for Hierarchies (Activity=03)
Maintain Documents for Transaction Data (Activity=23)
Display Documents for Transaction Data (Activity=03)
Manage Document Storage (Activity=23)
Manage Content Systems (For example, Switch to Content System) (Activity=23)
Install BI Content (Activity = 63)
Display Broadcast Settings (Activity=03)
Execute Broadcast Settings (Activity=16)
Maintain Broadcast Settings (Activity=23)
Execute Data Warehousing Workbench (Activity = 16)
Update Metadata (Activity = 66)
Drag and drop to InfoAreas and Application Components in the DW Workbench (Activity = 16)
Start Attribute Change Run (Activity = 16)
Display OLAP Cache Objects (Activity = 03)
Delete OLAP Cache Objects (Activity = 06)
Display BI Accelerator Monitor Check Results (Activity = 03)
Execute BI Accelerator Monitor Actions (Activity = 16)

2008 SAP AG

5
Authorization Object S_RS_ICUBE

Authorization object S_RS_ICUBE protects InfoCubes and the InfoCube sub-objects. Using this
authorization object, you can restrict work with the InfoCubes or their subobjects.
The object contains four fields
InfoArea:
o
InfoCube:
o
Here you enter the InfoArea key for which the user can edit InfoCubes.
A user is permitted to edit the InfoCubes that you specify here.
Notes on InfoCube:
o
You use this subobject to specify the part of the InfoCube that the user is permitted to edit. The
following subobjects exist:
Definition - Definition
UpdateRule - Update rules
Aggregate - Aggregate
Data - Data
ExportISrc - Export DataSource
Chavlrel - Characteristic relationships (planning relevant)
Dataslice - Data slices (planning relevant)
DAP - Data archiving process (modeling)

2008 SAP AG

6
Activity:
Specifies whether you are permitted to display, delete, or update a subobject.
Display InfoCube Definition (activity = 03)
Display InfoCube Update Rules (activity = 03)
Maintain InfoCube Data (Manage InfoCube) (activity = 23)
Display InfoCube Aggregate (activity = 03)
Delete InfoCube Data (activity = 06)
Maintain InfoCube Definition (activity = 23)
Maintain InfoCube Update Rules (activity = 23)
Maintain InfoCube Aggregate (activity = 23)
Maintain InfoCube Export DataSource (activity = 23)
Update InfoCube Aggregate (activity = 66)
Display InfoCube Characteristic Relationships (activity = 03)
Maintain InfoCube Characteristic Relationships (activity = 23)
Deactivate InfoCube Characteristic Relationships (activity = 63)
Display InfoCube Data Slices (activity = 03)
Maintain InfoCube Data Slices (activity = 23)
Deactivate InfoCube Data Slices (activity = 63)

2008 SAP AG

7
Some other important authorization object related to Data Warehousing Workbench objects.

2008 SAP AG

8
Authorization Object S_RS_DS2

Authorization to secure datasources is S_RS_DS2. Using this authorization object, you can restrict work with
the new DataSource or its subobjects.
The object contains three fields:
DataSource: Enter the name of the DataSource that a user is allowed to edit.
Source System: Specify the name of the source system for which a user is allowed to edit DataSources.
DataSource Subobject: When you specify a subobject, you specify the part of the DataSource that the user is
permitted to edit. There are the following subobjects:
DEFINITION: Definition
DATA: Data
INFOPACK: InfoPackage
Activities:
Display DataSource definition (activity = 03)
Maintain DataSource definition (activity = 23)
Display PSA data (activity = 03)
Maintain PSA data (activity = 23)
Delete PSA data (activity = 23)
Request data (activity = 49)
Display DataSource InfoPackage (activity = 03)
Maintain DataSource InfoPackage (activity = 23)

2008 SAP AG

9
Authorization Object S_RS_DTP

The authorizations assigned for the Data Transfer Process (DTP) object, S_RS_DTP, have a higher priority
than the authorizations for the underlying objects. Users that have a DTP authorization for a source/target
combination do not need read authorization for the source object or write authorization for the target object to
execute the DTP.
With this authorization object you can restrict work with the data transfer process (DTP).
The object contains seven fields:
Type of Source: Specify the type of source here that which a user can create a DTP
Subtype of the Source: Here, specify the subtype of the source for which a user can create a DTP.
Source: Specify the name of the source for which a user can create a DTP
Type of Target: Specify the type of target here for which a user can create a DTP
Subtype of the Target: Specify the subtype of the target for which a user can create a DTP.
Target: Specify the name of the target for which a user can create a DTP
Activities:
Display DTP definition (activity = 03)
Maintain DTP definition (activity = 23)
Execute DTP (activity = 16)
Note that the subtypes currently only exist for the type InfoObject. Possible alternatives are ATTRIBUTES, and
HIERARCHIES.
If no InfoObject was selected as type the standard setting '*' is to be selected.

2008 SAP AG

10
The authorizations assigned for the DTP object have a higher priority than the authorizations for the
underlying TLOGO objects. Users that have DTP authorization for a source/target combination, thus
require no read authorization for the source object and no write authorization for the target object for
execution of the DTP.
Authorization Object S_RS_ISNEW

Authorization to secure InfoSource is S_RS_ISNEW. (Release > BW 3.x)
The authorization object includes three fields:
Application component: Enter the key for the application component here for which a user can
edit InfoSources.
InfoSource: Specify the InfoSources here that a user can edit.
Activities:
Display InfoSource (Activity = 03)
Maintain InfoSource (Activity = 23)
You can use the authorization object S_RS_ISOUR to restrict the handling of InfoSources with
flexible updating and their subobjects.
The authorization object contains four fields:
Application component: Enter the application component key here for which a user is allowed to edit
InfoSources.
InfoSource: Enter the InfoSources with flexible updating the user is allowed to edit here.
Subobject for InfoSource: You use the subobject to specify the part of the InfoSource that the user is
allowed to edit.

2008 SAP AG

11
The following subobjects exist:
Definition Definition
CommStruc Communication structure
TrnsfrRule Transfer rules
Data Data
InfoPackag InfoPackage
MetaData Metadata
Activity: Determines whether you are allowed to display maintain, request or update a subobject:
Display InfoSource definition (Activity = 03)
Display InfoSource communication structure (Activity = 03)
Display InfoSource transfer rules (Activity = 03)
Display InfoSource data (Activity = 03)
Maintain InfoSource definition (Activity = 23)
Maintain InfoSource communication structure ,(Activity = 23)
Maintain InfoSource transfer rules (Activity = 23)
Maintain InfoSource InfoPackage (Activity = 23)
Maintain InfoSource data (Activity = 23)
Delete InfoSource data (Activity = 06)
Request InfoSource data (Activity = 49)
The display and maintenance of the InfoSource data is checked in the PSA tree and in the monitor.

2008 SAP AG

12
Authorization Object S_RS_ISRCM

Authorization object S_RS_ISRCM you can restrict handling of InfoSources with direct updating (for master
data) or with their subobjects.
The object contains four fields:
Application components: Here you enter the application component key for which a user is allowed to
edit master data InfoSources.
InfoSource: A user is allowed to edit the master data InfoSources you specify here.
Subobject for the InfoSource: You can use the subobject to specify the part of the InfoSource the
user is allowed to edit.

The following subobjects are available:
TrnsfrRule Transfer rules
Data Data
InfoPackag InfoPackage
MetaData Metadata
Activity: Determines whether you are allowed to display, maintain, request or update a subobject:
Display InfoSource transfer rules (Activity = 03)
Display InfoSource data (Activity = 03)
Maintain InfoSource transfer rules (Activity = 23)
Maintain InfoSource InfoPackage (Activity = 23)
Maintain InfoSource data (Activity = 23)

2008 SAP AG

13
Delete InfoSource data (Activity = 06)
Request InfoSource data (Activity = 49)
Display and maintenance of InfoSource data is checked in the PSA tree and in the Monitor.
Authorization Object S_RS_TR

With the authorization object S_RS_TR you can restrict working with the transformations.
The object contains seven fields:
Type of Source: Enter the type of source here for which a user can create a transformation
Subtype of Source: Specify the subtype of the source here for which a user can create transformation
rules.
Source: Enter the name of the source for which a user can create a transformation.
Type of Target: Specify the type of target for which a user can create a transformation here
Subtype of Source: Specify the subtype of the target for which a user can create a transformation.
Target: Specify the name of the target for which the user can create a transformation
Activities:
Display transformation rules (Activity = 03)
Maintain transformation rules (Activity = 23)
Note: That subtypes only exist for the TLOG type InfoObject. Possible alternatives are "ATTRIBUTES", "TEXTS" and
"HIERARCHIES".
If no InfoObject was selected as a TLOGO type the standard setting '*' should be selected

2008 SAP AG

14
Authorization Object S_RS_IOBJ

You can use the authorization object S_RS_IOBJ to restrict how users work with InfoObjects and their subobjects.
The object has four fields:
InfoObjectCatalog: This is where you specify the key of the InfoObject catalog that a user is
authorized to work with.
InfoObject: A user is authorized to work with the InfoObjects that you specify here.
Sub-object of the InfoObject: You use the sub-object to specify the parts of the InfoObject that a user
is permitted to work with.

There are the following sub-objects:
Definition
UpdateRule
Activity: Determines whether a user is allowed to display, delete, maintain, or update a sub-object.
Display InfoObject-Definition (Activity = 03)
Maintain InfoObject-Definition (Activity = 23)
Display InfoObject-Update Rules (Activity = 03)
Maintain InfoObject-Update Rules (Activity = 23)
Note: This authorization object is checked only if the user is not authorized to maintain or display InfoObjects
(authorization object: S_RS_ADMWB-InfoObject, activity: maintain/display)

2008 SAP AG

15
Securing Process Chains

For the administration processes that are included in a process chain, authorization for authorization object
S_RS_ADMWB is required.
To create and maintain process chains, authorization for authorization object S_RS_PC is required. This
authorization object determines whether process chains can be displayed, changed or executed, and
whether logs can be deleted.
The object includes four fields:
Process chain:
o
Application Components:
o
Here you enter the name of the process chain that a user can edit.
Here you enter the name of the application components the process chains of which a user can edit.
Subobject of the process chain:

o
With the subobject, you specify the part of the process chain that can be edited by the user. The
following subobjects exist:
Definition - Metadata of process chain
Protocols - Protocols of process chains
Runtime
- Execution of process chain
Activity:
Determines whether you can display, delete or maintain a subobject.

o
Display process chain definition (activity = 03)
Maintain process chain definition (activity= 23)
Delete protocols for a process chain (activity = 06)
Execute or schedule a process chain (activity = 16)

2008 SAP AG

16
Authorization Object S_RS_OHDST

With the authorization object S_RS_OHDST you can restrict working with an Open Hub Destination or its
subobjects.
The object contains four fields:
Open Hub Destination:

o
Logical Target System for Open Hub:

o
Here you enter the name of the Open Hub Destination that a user can edit.
Here you enter the name of the logical target system for which a user can edit the Open Hub
Destinations.
Subobject for Open Hub Destination:

o
With the subobject, you specify the part of the Open Hub Destination that can be edited by the user.
The following subobjects exist:
Definition - Metadata for the Open Hub Destination
Data - Data
Activity:
Determines whether you are allowed to display, delete or maintain a subobject.

o
Open Hub Destination- Display definition (Activity = 03)
Open Hub Destination-Maintain definition (Activity= 23)
Display data for an Open Hub Destination (Activity = 03)
Maintain data for an Open Hub Destination (Activity= 23)

2008 SAP AG

17
Securing Master Data and Documents

In order to be able to change or display master data, authorization checks are made. Authorization
assignments and checks are defined by characteristic, or by characteristic value.
To grant authorizations for characteristics, activate authorization assignment by setting Authorization Check
indicator in the Master Data/Texts tab page.
The next step is to create a role with the authorizations.

2008 SAP AG

18
Two authorization objects exist for this:
S_RS_IOMAD a blanket authorization check takes place for a characteristic.
S_TABU_LIN an authorization check takes place by characteristic value.
With authorization checks by characteristic value, the system generates an organization criterion for the
characteristic. The organization criterion generates a connection between table key fields and the
authorization fields for the authorization object S_TABU_LIN.
Using authorization object S_TABU_LIN you are able to enter characteristic values in each key field of the
master data table for which the user is to have authorization. Do this in the profile generator in role
maintenance. In this way you are able to use authorizations to protect the maintenance and display of master
data/ texts for this characteristic at single record level.
Characteristic values for which the user has no authorization are then not displayed in the input helps either.
To grant authorizations for characteristics, proceed as follows:
Activate authorization assignment by characteristic value by setting the Master Data Maintenance with
Authorization Check indicator in the Master Data/Texts tab page. Activate the characteristic.
In Role Maintenance (Transaction PFCG): For blanket authorizations for characteristics, add authorization
object S_RS_IOMAD to the role. For authorizations for single characteristic values, add authorization object
S_TABU_LIN to the role.

2008 SAP AG

19
Securing BI Documents
In order to edit documents in the Documents functional area of the Data Warehousing Workbench, the user
needs authorization for the authorization object S_RS_ADMWB,
Data Warehousing Workbench Object, with the following:
Metadata: DOC_META
Authorization to display or to edit a metadata object also authorizes the user to display or edit the documents
for these metadata objects. Valid activities are: 03 (display), 23 (maintain)
Master data: DOC_MAST
Authorization to display or to edit in specific master data also authorized the user to display or edit the
documents for these characteristic values. Valid activities are: 03 (display), 23 (maintain)
InfoProvider data: DOC_TRAN
Authorization objects for transaction data, InfoProviders, are not delivered. They are created as required
using Analysis Authorizations (RSECADMIN).
Each analysis process is only valid for the application for which it was created. The authorizations are also
assigned specific to an application and are protected with authorizations object RSANPR.
The only authorization necessary for the online execution of broadcasting settings is the authorization for the
execution of the underlying reporting objects (for example, the Web template). Any user that has
authorization to create background jobs also has authorization for direct scheduling in the background. The
authorization object S_BTCH_NAM is required for regular scheduling in background jobs.

2008 SAP AG

20
System Communication Security

This lesson will discuss security regarding communication between BI and other systems.
As data is being extracted from source systems and transferred into BI, you want to ensure that the data is
adequately protected. You need to understand the RFC destinations and how they are affected by security.
To set up system security, you must set up security for all SAP source systems sending data to BI, in
addition to setting up security on BI.
BI Security Setup
In BI, you should create a system (not a dialog) user called BWREMOTE.
BWREMOTE should have the authorization profile S_BI-WHM_RFC.
Note: S_BI-WHM_RFC is a profile, not a role.
This profile will give user BWREMOTE the access needed to extract from an OLTP system. The profile also
provides the access required for staging steps to get the data into InfoCubes.
Other SAP Security Set Up
You must set up a user on each SAP system sending data to BI. This includes mySAP ERP, Customer
Relationship Management (CRM), Supplier Relationship Management (SRM), Advanced Planning Optimizer
(APO), R/3 or any other component SAP system that is sending data to BI. On each of these systems, you
should create a system user called BWALEREMOTE.
This user should have the authorization profile S_BI-WX_RFC.
Note: S_BI-WX_RFC is a profile, not a role.
This profile will give user BWALEREMOTE the access needed to connect and send data to the BI system.
It is permissible to use a different name for the users BWREMOTE and BWALEREMOTE. What matters is
that the user in BI has the profile S_BI-WHM_RFC and the user in the other SAP system has the profile
S_BI-WX_RFC.

2008 SAP AG

21
RFC Destinations
RFC (Remote Function Call) destinations tell BI where the source systems are physically located. RFC
destinations on the SAP source system tell the source system where the BI system is physically located.
RFC destinations define where the other systems reside and how to log on to the other systems.
Setting up RFC destinations is normally not the responsibility of the security administrator. However, the
security administrator normally creates the user that is used in the RFC destinations.
The following graphic shows transaction code SM59 on a BI system. This RFC destination is pointing to an
SAP system by providing the location of the system and details on how to log on to that system. Whenever
this RFC destination is used, you see BWALEREMOTE, who is logged on to the SAP system. The extraction
program that uses the RFC destination has access to all objects to which the user BWALEREMOTE has
access.

2008 SAP AG

22
Using the <RFC_DESTINATION>_DIALOG Destination

The RFC destination we discussed is used for data extraction. The user IDs involved should be set up as
system users. A system user ID cannot log on to a system via a normal GUI screen. The user ID is only for
background communication. These user IDs are used exclusively for data extraction processes. Data
extraction, however, is only one of the processes that may require communication between BI and another
system. For other system-to-system communication processes in BI, there is another RFC destination
defined: the <RFC_DESTINATION>_DIALOG destination.
One of the features of BI reporting that relies on system-to-system communication is Query Drill-Through
(also referred to as jump targets). With Query Drill-Through, the reporting user can select a line on a BI query
result and jump to other queries in BI, or even to other reports or transactions in mySAP ERP. For example,
the user may run a BI query showing key figures by material. If configured properly, the user could select a
particular material on the report and then ask to jump to mySAP ERP and display the material master record.
In this case, BI has to be able to communicate with mySAP ERP in order to log on and execute the
transaction code to display the material master record. Another case where the
<RFC_DESTINATION>_DIALOG destination is required involves the monitoring of the data extracted from
the source systems. The BI administrator can do this from the BI system.
Status indicators from the extraction process are stored in IDOC format. In the BI Monitoring screen, there is
an OLTP button. This will connect the BI administrator to mySAP ERP so that the administrator can monitor
the IDOCS on that system. Whenever the SAP BW administrator selects OLTP, the RFC destination
<RFC_DESTINATION>_DIALOG is invoked. The following figure depicts the screen from the monitor
function where this RFC destination is being used.
When setting up the RFC destination <RFC_DESTINATION>_DIALOG, you have some choices regarding
the user ID specified: Force the user to always log on to mySAP ERP after selecting OLTP by leaving the
User field blank in <RFC_DESTINATION>_DIALOG.
Create a generic user in mySAP ERP with access to monitor IDOCS; use this user in the
FC_DESTINATION>_DIALOG destination.
In the RFC destination, select Current User. This will use the current BI user's user ID to log them on to
mySAP ERP.
You must decide how you want the BI user to log on to mySAP ERP from BI to perform the requested task,
whether that is jumping from report to report or monitoring the IDOCS generated with data extraction. If you
use Current User, the system tries to use the same user ID in BI and mySAP ERP. If this is successful, the
BI user can work in mySAP ERP with the usual access rights. If the user ID does not exist in mySAP ERP,
then the user will be prompted for a user ID and password.

2008 SAP AG

23
Related Content
http://service.sap.com/security
http://service.sap.com/securityguide
https://www.sdn.sap.com/irj/sdn/nw-bi
For more information, visit the Security homepage.

2008 SAP AG

24
Disclaimer and Liability Notice

This document may discuss sample coding or other information that does not include SAP official interfaces and therefore is not
supported by SAP. Changes made based on this information are not supported and can be overwritten during an upgrade.
SAP will not be held liable for any damages caused by using or misusing the information, code or methods suggested in this document,
and anyone using these methods does so at his/her own risk.
SAP offers no guarantees and assumes no responsibility or liability of any type with respect to the content of this technical article or
code sample, including any liability resulting from incompatibility between the content within this document and the materials and
services offered by SAP. You agree that you will not hold, or seek to hold, SAP responsible or liable with respect to the content of this
document.

2008 SAP AG

25

Beginners Guide On BI Security

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Beginners Guide On BI Security

Uploaded by

Copyright:

Available Formats

Beginners Guide on BI Security

Company: Intelligroup Inc

SAP COMMUNITY NETWORK

SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com