Introduction
In this blog post, we will learn how to configure
Sensitive and
Context Attributes using "
Manage Sensitive Attribute" app which is available with
UI Data Protection Masking for SAP S/4HANA solution.
Prerequisite
UI Data Protection Masking for SAP S/4HANA is a solution that allows you to protect restricted and sensitive data values at field level by masking, clearing, or disabling fields for those users who are not authorized to view or edit this data.
Product “
UI data protection masking for SAP S/4HANA” is used in this scenario to protect sensitive data at field level and must be installed in the S/4HANA system.
The product is a cross-application product which can be used to mask/protect any field in SAP GUI, SAPUI5/SAP Fiori, CRM Web Client UI, and Web Dynpro ABAP.
Requirement
Here, we want to configure
masking and
blocking for Sensitive Business Partners Identification Number in
BUT0ID table in
SE16 transaction based on logged-in users
IP Address information. Also, some sensitive business partner records will be blocked for unauthorized users.
Let’s begin
Configure Logical Attributes
Login to
Fiori Launchpad and click on “
Manage Sensitive Attributes” app available under “
UI data protection masking” catalog.
Maintain Sensitive Attributes
A
Sensitive Attribute is a type of logical attribute that define a field which needs to be configured for UI data protection.
- Enter “LA_BP_SSN” in Sensitive Attribute field
- Enter “BP Social Security Number” in Description field
- Click on “Create” button
- Sensitive Attribute with specified details will be created.
Maintain Mapping to Technical Addresses
In the
Manage Sensitive Attributes application, you can link
technical addresses of fields to sensitive attributes. A
technical address describes the exact technical path or technical information which is used by the solution to process the field for UI data protection masking.
To find the technical addresses for
SAP GUI screens, navigate to the field and choose
F1, then the
Technical Information icon. The system displays the relevant information.
Under , choose the Add icon.
Use the the value help to select the table name and the field name. You can also enter the referenced transaction codes as a comment to describe the mapping.
Mass Configuration
For mass configuration, select the Mass Configuration icon. The system generates additional customizing for SAP GUI and data element entries. Once the application will be refreshed, entries will get listed under Module Pool.
- Select the record and click on “Mass Configuration” button
Maintain Context Attributes
In the
Manage Sensitive Attributes application, you can create and update
context attributes, and map them to
sensitive attributes.
A
context attribute is a type of logical attribute which is used to define the context within which a sensitive attribute is to be protected.
- To assign a context attribute to a sensitive attribute, under Context Attributes, choose the Add icon.
- To create a new context attribute, select Create New, enter the name of the context attribute beginning with LA_ and a description.
- Open a context attribute by tapping the arrow next to it and under Technical Mapping, you can map technical addresses to the context attribute in the same way we did for sensitive attribute
Conclusion
In this blog post, we have learnt how to configure
Sensitive and
Context Attributes using
Manage Sensitive Attributes app.