SAP NetWeaver supports a variety of standards and protocols to ensure secure interoperability between systems. These include:
Transport Layer Security (TLS) / Secure Socket Layer (SSL) protocols: TLS and its predecessor SSL are cryptographic protocols that provide secure communications on the Internet.
Generic Security Services Application Programming Interface (GSSAPI): GSSAPI is an application programming interface for programs to access security. SAP supports the GSS-APIv2 standard with its Secure Network Communication (SNC).
Security Assertions Markup Language (SAML): SAML is an industry standard ratified by OASIS (Organization for Advancement Structured Information Sciences). This XML-based framework provides a standard way to define user authentication, entitlements, and attribute information in XML documents. SAP NetWeaver Application Server supports SAML for authentication.
Java Authentication and Authorization Service (JAAS): JAAS is a Java API that allows defining services for authenticating users and granting authorizations. SAP NetWeaver Application Server supports JAAS for authentication.
Kerberos: Kerberos is a computer network authentication protocol, which allows individuals communicating over a non-secure network to provide their identity to one another in a secure manner. SAP NetWeaver Application Server supports Keberos for authentication.
X.509 Digital Certificates: X.509 is an international standard for digital certificates to authenticate digital signatures. SAP NetWeaver supports x.509 digital certificates for authentications of users and systems.
Secure Multipart Internet Message Extensions (S/MIME): S/MIME is a proposed protocol for embedding cryptographically protected messages in Internet e-mail. SAP supports the use of this protocol for digital signature functionality and encryption.
Public Key Cryptography Standard #7 (PKCS#7) - PKCS#7 is a cryptographic message syntax standard for data that has cryptography applied to it, such as a digital signature. SAP implements Public Key Cryptography Standard #7 compliant technology in the Secure Store and Forward (SSF) interface. SSF allows SAP systems to protect data and documents, even outside of the SAP system, using digital signatures and encryption. This protection is provided by an external, SAP certified security product via the SSF interface.
XML Signature: The XML
Signature initiative, currently progressing through the
standardization process, is a joint working group formed by the
World Wide Web Consortium (W3C) and the Internet Engineering Task
Force (IETF). The standard defines a schema for capturing the
result of a digital signature operation applied to arbitrary (but
often XML) data. A fundamental feature of XML Signature is the
ability to sign only specific portions of the XML tree rather than
the complete document. SAP NetWeaver Application Server supports
the XML signature.
Lightweight Directory Access Protocol (LDAP): LDAP is the protocol used to access directory services. SAP NetWeaver Application Server supports LDAP for user management area.
Service Provisioning Markup Language (SPML): SPML is an OASIS framework developed to exchange user data. SAP NetWeaver Application Server supports SPML.