Attribute Based Access Control (ABAC) – Data Blocking Configuration to protect Sensitive Business Partners from Unauthorized Users

UI data protection masking for SAP S/4HANA, Governance, Risk, Compliance (GRC), and Cybersecurity

Introduction In this blog post, we will learn how to configure Data Blocking through Manage Sensitive Attributes app provided by UI Data Protection Masking for SAP S/4HANA 2011 solution based on Attribute Based Authorization Control(ABAC) concept. Manage Sensitive Attributes app The Manage Sensitive Attributes application allows you to maintain configuration for UI data protection in […]

Continue reading


Attribute Based Access Control (ABAC) – Data Block scenario in ALV Tree program of SAP GUI

Governance, Risk, Compliance (GRC), and Cybersecurity

Introduction In this blog post, we will learn how to configure Data Blocking through Manage Sensitive Attributes app provided by UI Data Protection Masking for SAP S/4HANA 2011 solution based on Attribute Based Authorization Control(ABAC) concept. Manage Sensitive Attributes app The Manage Sensitive Attributes application allows you to maintain configuration for UI data protection in […]

Continue reading


UI Data Protection – How to protect sensitive data displayed in PDF Forms

SAP GRC, SAP S/4HANA

Introduction In this blog, we will learn how to configure masking in PDF Forms to protect the sensitive information displayed in it. Adobe Forms are used frequently in SAP to generate Portable Document Format (PDF) files of various business documents like Invoices, Order Confirmations, Account Statements, Purchase orders etc. In this blog, we will see […]

Continue reading


Attribute Based Access Control (ABAC) – Field Masking Scenario in Change Log (CDPOS table) in SE16 transaction

S/4HANA, SAP GRC

Introduction In this blog post, we will learn how to mask “New Value” and “Old Value” fields based on “Object Class” and “Field Name” field information of table CDPOS in SE16. “New Value” and “Old Value” fields of table CDPOS in SE16 transaction need to be masked where “Object Class” is “MATERIAL” and “Field Name” […]

Continue reading


Attribute Based Access Control (ABAC) – Mask Identification Number of Sensitive Business Partners based on Users IP Address

Governance, Risk, Compliance (GRC), and Cybersecurity

Introduction As part of this blog, we will compare logged-in user’s IP Address attribute with attributes of data that logged-in user is trying to access. As example, we have considered a scenario where sensitive Business Partners Identification Number data will be masked for logged-in user if logged-in user’s IP Address is in the blacklist. These […]

Continue reading