Discovering Integration Security Principles

Objective

After completing this lesson, you will be able to describe principles used in secure integration and communication

Integration Security Principles

This lesson gives an introduction to important information security and integration principles that are vital for secure and reliable communication today.

Key Aspects for Integrated Environments

Working with integrated environments brings special requirements to the network infrastructure and the system setup. Some key factors for successfully working integrations are as follows:

  • Security: Ensure that confidential business data is protected.
  • Reliable Network: In addition to the systems itself, availability of the network is crucial.
  • Performance: Leads to good end user experience, satisfaction, and can save costs.

The reliability and performance of a network are primarily determined by the underlying infrastructure. However, the security of a network is a crucial aspect that relies on the involved and connected systems and their correct setup. Let's have a closer look at the most important principles for secure communication in information technology:

Information Security Principles

  • Confidentiality: Ensuring that information is only accessible to authorized individuals. Measures like authentication, encryption, and access controls are used to ensure confidentiality.
  • Integrity: Maintaining the accuracy and completeness of information by preventing unauthorized modification or tampering. Integrity is maintained through measures like error checking and validation, including cryptographic hash functions.
  • Availability: Ensuring that information and the systems that store and process it are available and accessible to authorized users when needed. This involves maintaining and managing computer systems and networks and implementing measures to prevent and recover from system failures.

These three principles are usually seen as the basic principles of information security. While availability is a topic for system and network administrators, integrity and confidentiality can be achieved with the right network protocol, such as TLS (Transport Layer Security; the successor SSL, Secure Socket Layer).

The main goals of TLS are as follows:

  • Encrypting the data, which secures it from eavesdropping.
  • Verifying the communication counterpart, which leads to a trust relationship. This can be achieved by authentication.
The main goals of TLS: Authenticated Trust and Encrypted security.

How TLS establishes authenticated trust for secure, encrypted communication.

When sending data, we need to make sure that:

  • the expected sender sends data
  • to the expected receiver
  • without eavesdropping, manipulation, or loss of data in between.

This applies to all communication between two systems, no matter if it's two business systems working together in an integration scenario or simply a client computer with a web browser that connects to a web server.

Log in to track your progress & complete quizzes

Learning

SAP FacebookSAP YoutubeSAP LinkedIn