Introduction to BW
SAP Business Information Warehouse or SAP BW or SAP BI is the Business Intelligence and Data Warehousing Product in SAP Netweaver Suite. Being an OLAP system, it has it own security requirements which are often different from a standard OLTP system like SAP ECC and hence this separate discussion. However, before getting into the nitty-gritties of BW security, let us first take some time off to discuss data warehousing in general and how SAP implements it the SAP BW solution.
A data warehouse (DW) is a database used for reporting. Its usually separate from a database used to store transactional data as the goals of reporting is significantly different from OLTP systems. While OLTP systems are optimized for preservation of data integrity and speed of recording of business transactions through use of database normalization and an entity-relationship model, OLAP systems are optimized for speed of data analysis. Frequently data in data warehouses are denormalised via a dimension-based model. Also, to speed data retrieval, data warehouse data are often stored multiple times—in their most granular form and in summarized forms called aggregates. Data warehouse data are gathered from the operational systems and held in the data warehouse even after the data has been purged from the operational systems.
Having a separate data warehouse system is beneficial in many respects
- A data warehouse provides a common data model for reporting irrespective of the source of data. Its common that data from multiple operational systems are loaded into a central data warehouse.
- A data warehousing solutions helps in the implementation of an efficient decision support systems where key users get access to key data about the enterprise to understand past histories and make future forecasts.
- Its typical that reporting on historical data is time intensive. A separate data warehouse allows execution of complex queries without unduly affecting performance of operational systems.
The structure of the SAP BW solution can be divided into the four general layers given below. Each of these layers come with their own tools and will be discussed in the next article.
- Extraction, Transformation and Load (ETL) layer is used for extracting data from one or more sources, applying transformation rules on extracted data and loading it into the Data Warehouse Area.
- Data Warehousing layer consists of various SAP BW specific data structures (e.g. Data Store Objects, InfoObjects, InfoCubes, etc) to store information.
- Presentation layer which comes with tools to analyze data stored in the data warehouse and allows creation and presentation of reports for end users.
- Planning and analysis capabilities – In addition to reporting, the latest version of SAP BW provides capabilities for the user to create planning scenarios and perform tasks such as budget calculations.
A related development in the history of SAP BW was SAP’s acquisition of Business Objects (BO). BO has introduced a number of new presentation tools into the SAP Business Intelligence landscape like Crystal Reports, Xcelcius, InfoView. Other than Crystal Reports which introduces some new security concepts, most of the other tools allows the use of the current security model used for BW in general.
Hi Aninda
Can you please provide the SAP BW Security related table’s name.
Thanks in advance.
Regards
Sachin
Hi Sachin,
Most of the security related tables like the AGR and USR tables are used in BW. Other than that you have RSECVAL table for storing analysis authorization values.
There are tables which give the auth relevant characteristics of individual characteristics, navigational attributes and also for infoprovider-characteristic mappings but at this moment I don’t recall the exact table names and don’t have access to a live BW system to search for them.
I can suggest going into SE12 and looking into the RS* tables. You will get the actual names there.
Regards,
Aninda
Hi Aninda,
Great Job, Thanks alot for sharing your knowledge.
Hi Aninda….
YOu have done a great job…
Very few people share their knowledge…. Youre one among them…
Your notes on SAP are very simple and easy to understand…
THanks is a very small word I guess…
Regards
nanda
Hi Aninda,
You are going a wonderful job. All your posts are awesome and very useful in day-to-day activities.
Can you please post some material on GRC Process Control ..
Very limited material is available on the same .
Regards,
pranab
Hi Pranab,
Unfortunately for me, I have not used Process Control yet 🙁
Regards,
Aninda
Thanks alot for sharing your knowledge.
Hi Aninda,
You’re doing a great job! Thanks for sharing your knowledge.
If possible, Can you share some material on GRC Access Control 5.3.
Thanks.I don’t have anything on GRC at this point.
Hi Aninda,
Your knowledge on SAP security is very clear and the way you explain is commendable I am a great fan of yours and SAP security pages , Request you to keep us guiding this way its very helpful.
I have a question as well, If a user is logging into firefighter and executing a t-code and is not able to access it and gets an authorization error what could be the reason behind it, Assuming that firefighter has SAP ALL access.
Regards
S Sridhar
I would start with running SU53 when you run into the error while logged in as a firefighter. Lets of SAP functionality are controlled by settings other than standard authorizations. If SU53 looks clean, it might be one of such situations
Describe BI architecture and how it relates to your security policies
Is this an interview question?