Security Guide SAP Real-Time Offer Management Document Version: 1.0 – 2016-06-10 PUBLIC SAP Real-Time Offer Management 7.1 SP02 Target Audience: System Administrators, Technology Consultants
Security Guide
SAP Real-Time Offer Management
Document Version: 1.0 – 2016-06-10
PUBLIC
SAP Real-Time Offer Management 7.1 SP02 Target Audience: System Administrators, Technology Consultants
2
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
Typographic Conventions
Typographic Conventions
Type Style Description
Example Words or characters quoted from the screen. These include field names, screen titles,
pushbuttons labels, menu names, menu paths, and menu options.
Textual cross-references to other documents.
Example Emphasized words or expressions.
EXAMPLE Technical names of system objects. These include report names, program names,
transaction codes, table names, and key concepts of a programming language when they
are surrounded by body text, for example, SELECT and INCLUDE.
Example Output on the screen. This includes file and directory names and their paths, messages,
names of variables and parameters, source text, and names of installation, upgrade and
database tools.
Example Exact user entry. These are words or characters that you enter in the system exactly as they
appear in the documentation.
<Example> Variable user entry. Angle brackets indicate that you replace these words and characters
with appropriate entries to make entries in the system.
EXAMPLE Keys on the keyboard, for example, F2 or ENTER .
SAP Real-Time Offer Management 7.1 SP02
Document History
PUBLIC
© 2016 SAP AG. All rights reserved. 3
Document History
Caution
Before you start the implementation, make sure you have the latest version of this document. You can find the
latest version at the following location: http://service.sap.com/instguides Focused Business
Solutions SAP Real-Time Offer Management .
Version Date Change
1.0 06-10-2016 Initial revision
4
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
Table of Contents
Table of Contents
1 Introduction .................................................................................................................................................... 5
2 Before You Start............................................................................................................................................. 7
3 Technical System Landscape ....................................................................................................................... 8
4 User Administration and Authentication .................................................................................................. 10
5 Authorizations ............................................................................................................................................... 11
6 Network and Communication Security ..................................................................................................... 14
7 Data Storage Security ................................................................................................................................. 16
8 Database Security ........................................................................................................................................ 17
9 Trace and Log Files ...................................................................................................................................... 18
SAP Real-Time Offer Management 7.1 SP02
Introduction
PUBLIC
© 2016 SAP AG. All rights reserved. 5
1 Introduction
The SAP Real-Time Offer Management (RTOM) security policy relies on external user management systems that
maintain users and map their credentials to RTOM capabilities. Part of the deployment process may involve
setting the correct authentication and authorization method, and setting the various permission groups to suit the
current customer.
All software layers and access points of the real-time decisioning (RTD) engine, including the definition of
application-level permissions for different user groups, are protected and secured.
This document is not included as part of the installation guide, configuration guide, or upgrade guide. Such guides
are only relevant for a certain phase of the software lifecycle, whereas the security guide provides information that
is relevant for all lifecycle phases.
Why Is Security Necessary?
With the increasing use of distributed systems and the Internet for managing business data, the demands on
security are also on the rise. When using a distributed system, you need to be sure that your data and processes
support your business needs without allowing unauthorized access to critical information. User errors,
negligence, or attempted manipulation on your system should not result in loss of information or processing time.
These demands on security also apply to RTOM. This security guide helps you to secure your RTOM application.
About this Document
The security guide provides an overview of the security-relevant information that applies to RTOM. It comprises
the following main sections:
Before You Start
This section contains information about why security is necessary, how to use this document, and references to
other security guides that provide the foundation for this security guide.
Technical System Landscape
This section provides an overview of the technical components and communication paths that are used by RTOM.
User Administration and Authentication
This section provides an overview of user administration and authentication aspects.
Authorizations
This section provides an overview of the authorization concept that applies to RTOM.
Network and Communication Security
This section provides an overview of the communication paths used by RTOM and the security mechanisms that
apply. It also includes recommendations for the network topology to restrict access at the network level.
Data Storage Security
This section provides an overview of any critical data that is used by RTOM and the security mechanisms that
apply.
6
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
Introduction
Trace and Log Files
This section provides an overview of the trace and log files that contain security-relevant information, for example,
so you can reproduce activities if a security breach occurs.
SAP Real-Time Offer Management 7.1 SP02
Before You Start
PUBLIC
© 2016 SAP AG. All rights reserved. 7
2 Before You Start
Fundamental Security Guides
For a complete list of the available SAP Security Guides, see the SAP Service Marketplace at
http://service.sap.com/securityguide.
Additional Information
For more information about specific topics, use the Quick Links in the table below.
Content Quick Link on SAP Service Marketplace
Security http://service.sap.com/security
Security guides http://service.sap.com/securityguide
Related SAP notes http://service.sap.com/notes
Released platforms http://service.sap.com/platforms
SAP Solution Manager http://service.sap.com/solutionmanager
8
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
Technical System Landscape
3 Technical System Landscape
The figure below shows an overview of the technical system landscape of RTOM and its integration with business
applications. It includes the RTOM engine (back end), the marketing and reports in SAP CRM (if you have
integrated RTOM with marketing in SAP CRM), the integration with the Interaction Center in SAP Customer
Relationship Management (SAP CRM) (front end and server back end), and the SAP NetWeaver Business
Warehouse (SAP NetWeaver BW) repository (database).
Technical System Landscape Integration of RTOM
Note
In some customer projects, the integration with the Interaction Center in SAP CRM (front-end and server
back-end components) may be replaced by different software (in case SAP CRM is not used by these
customers).
For more information about the technical system landscape, see the resources listed in the following table:
Content Description Location on SAP Service Marketplace
SAP Real-Time
Offer Management
Installation Guide
Information about supported
languages, database installation,
RTOM installation, and completion
of the database setup
http://service.sap.com/instguides
Installation & Upgrade Guides Focused
Business Solutions SAP Real-Time Offer
Management
SAP Real-Time Information about RTOM
SAP Real-Time Offer Management 7.1 SP02
Technical System Landscape
PUBLIC
© 2016 SAP AG. All rights reserved. 9
Content Description Location on SAP Service Marketplace
Offer Management
Configuration
Guide
configuration files and
configuration parameters,
configuration of RTOM profiles
using data sources, business
object mappings, and event
configuration
SAP Real-Time
Offer Management
Application Guide
Information about the RTOM log
viewer and configuration manager
SAP Real-Time
Offer Management
Integration Guide
Information about the RTOM
application toolkit as well as
information about integrating
RTOM with marketing and the
Interaction Center (IC) in SAP
Customer Relationship
Management (SAP CRM) using
Web services.
10
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
User Administration and Authentication
4 User Administration and Authentication
RTOM does not copy any external data related to the customer, agents, or other entities in the organization. User
information and passwords are also not stored in the system. All information is extracted in real time, resides only
in-memory, and is deleted when the user leaves the session or the session expires.
These on-demand concepts minimize the risk of someone accessing the secure data of an enterprise by hacking
into the RTOM systems.
User Management
RTOM requires SAP NetWeaver authentication types. It verifies the existence of users in a SAP NetWeaver
landscape and verifies their passwords.
The authentication configuration is set in the RTOM application server registry, under
HKEY_LOCAL_MACHINE\SOFTWARE\Ingeneo\Authenticator.
SAP NetWeaver Authentication Method
1. In the registry, go to HKEY_LOCAL_MACHINE\SOFTWARE\Ingeneo\Authenticator.
2. Set the Method registry key to SAP.
3. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Ingeneo\Authenticator\SAPDestination.
4. Set the following keys to the appropriate SAP logon information:
Key Description
DestinationName SAP NetWeaver system name
Client Client name
Language Language to be used
Example
5. Under HKEY_LOCAL_MACHINE\SOFTWARE\Ingeneo\Authenticator, set:
6. Method = SAP
7. Under HKEY_LOCAL_MACHINE\SOFTWARE\Ingeneo\Authenticator\SAPDestination, set:
o DestinationName = Q0M
o Client = 558
o Language = EN
SAP Real-Time Offer Management 7.1 SP02
Authorizations
PUBLIC
© 2016 SAP AG. All rights reserved. 11
5 Authorizations
SAP CRM Authorizations
Authorization in the SAP Real-Time Offer Management (RTOM) environment can be controlled by authorization
levels defined through the marketing in the SAP CRM authorization tools. The following authorization group
objects exist in the marketing authorization tool in SAP CRM:
Technical Name Authorization Group
Object Description
Optional
Access
Level
Affects RTOM Applications
CRM_RTOM_E_<Optional
access level>
RTOM events and
data sources
Display,
change,
delete
RTOM Application Toolkit –
Events
RTOM Application Toolkit –
Data Sources
CRM_RTOM_M_<Optional
access level>
RTOM monitoring Display,
change,
delete
RTOM Application Toolkit –
Jobs Log
RTOM Log Viewer
RTOM Application Toolkit –
Session Viewer
CRM_RTOM_B_<Optional
access level>
RTOM business
tools
Display RTOM Application Toolkit –
Simulator
CRM_RTOM_L_<Optional
access level>
RTOM landscape Display,
change
RTOM Application Toolkit –
Landscape
RTOM Application Toolkit –
Deployment Parameters
CRM_RTOM_C_<Optional
access level>
RTOM configuration Display,
change,
delete
RTOM Application Toolkit –
Feedback
Configuration Manager
RTOM Application Toolkit –
Business Logic Studio
RTOM Application Toolkit –
Recommendation Parameters
CRM_RTOM_R_<Optional
access level>
RTOM release
configuration
Change RTOM Application Toolkit –
Business Logic Studio
To add this authorization
group object, apply SAP Note
1559106.
Users assigned to this
authorization group are
authorized to change the
12
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
Authorizations
Technical Name Authorization Group
Object Description
Optional
Access
Level
Affects RTOM Applications
status of offers to Released.
The MARKETING_PRO role has all the authorization group objects assigned by default and can be used as the
administrator role for the RTOM applications. Note that to be able to use RTOM applications, users must also be
assigned to the S_RFC authorization object.
When RTOM is customized at a specific customer site, authorization profiles should be created with the
appropriate access level and assigned to users. All RTOM applications that belong to the same authorization
group are assigned the same access level, according to the access level selected in the authorization group
profile.
You can access authorization profiles in transaction PFCG under Edit Display Authorizations Change
Authorization Data . Search for *RTOM and edit the relevant profiles.
When a user attempts to log on to RTOM, RTOM sends the user name and password to the SAP system. If the
details are correct, RTOM also retrieves the user authorization profile.
RTOM enables the user to use only the applications for which he or she has authorization in the defined access
level according to his or her authorization profile.
Note
Users that are authorized to use the RTOM log viewer and RTOM configuration manager always receive
full access level, no matter what access level is configured for their authorization group.
Microsoft Windows Authorizations
RTOM can use Microsoft Windows authentication and authorization if Microsoft Windows authentication was
selected as the authentication system during the installation. The RTOM applications that a user can access
depend on which groups the user is assigned to. The following authorization group objects exist:
Technical Name Authorization Group
Object Description
Optional
Access
Level
Affects RTOM Applications
CRM_RTOM_E_<Optional
access level>
RTOM events and
data sources
READ, EDIT,
DELETE
RTOM Application Toolkit –
Events
RTOM Application Toolkit –
Data Sources
CRM_RTOM_M_<Optional
access level>
RTOM monitoring READ, EDIT,
DELETE
RTOM Application Toolkit –
Jobs Log
RTOM Log Viewer
External Cache Viewer
RTOM Application Toolkit –
Session Viewer
CRM_RTOM_B_<Optional RTOM business READ RTOM Application Toolkit –
SAP Real-Time Offer Management 7.1 SP02
Authorizations
PUBLIC
© 2016 SAP AG. All rights reserved. 13
Technical Name Authorization Group
Object Description
Optional
Access
Level
Affects RTOM Applications
access level> tools Simulator
CRM_RTOM_L_<Optional
access level>
RTOM landscape READ, EDIT RTOM Application Toolkit –
Landscape
RTOM Application Toolkit –
Deployment Parameters
CRM_RTOM_C_<Optional
access level>
RTOM configuration READ, EDIT,
DELETE
RTOM Application Toolkit –
Feedback
Configuration Manager
RTOM Application Toolkit –
Business Logic Studio
RTOM Application Toolkit –
Recommendation Parameters
CRM_RTOM_R_<Optional
access level>
RTOM release
configuration
EDIT RTOM Application Toolkit –
Business Logic Studio
Users assigned to this
authorization group are
authorized to change the
status of offers to Released.
Note
To authorize a user with the EDIT access level, the user must also be authorized with the READ access
level. To authorize a user with the DELETE access level, the user must also be authorized with the READ
and EDIT access level.
Example
To authorize a user with the READ access level for the RTOM Application Toolkit – Events and RTOM
Application Toolkit – Data Sources applications, do the following:
1. Define the CRM_RTOM_E_READ group in the domain controller.
2. Add the user to this group.
To authorize a user with the EDIT access level for the RTOM Application Toolkit – Landscape and RTOM
Application Toolkit – Deployment Parameters applications, do the following:
1. Define the CRM_RTOM_L_READ and CRM_RTOM_L_EDIT groups in the domain controller.
2. Add the user to both groups.
14
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
Network and Communication Security
6 Network and Communication Security
The real-time decisioning (RTD) engine that is the basis of SAP Real-Time Offer Management (RTOM) consists of
Distributed Component Object Model (DCOM) executables managed by the Microsoft Windows operating system.
All modules run under the credentials supplied during the installation of the system. For more information, see the
SAP Real-Time Offer Management Installation Guide.
The communication between modules uses DCOM.
The communication between workflow modules also uses TCP/IP port 700.
The RTD engine has the following entry points for consuming its services:
Knowledge definition
If you have integrated RTOM and marketing in SAP CRM, you can use the marketing UI in SAP CRM to define
new knowledge for RTOM (offers and condition groups). The protocol used for this communication channel
between the marketing UI and the RTOM server is Simple Object Access Protocol (SOAP). A Web service
published by RTOM can be accessed and used only with specific Microsoft Windows user credentials that
were supplied during the RTOM installation. (The user supplied them on the Web Service Permitted Account
installation screen.)
The user name and password for the consumer of the Web service published by RTOM are supplied under
SOA Management Service Administration Single Service Administration RTOMPublishServiceSOAP
(Consumer Proxy) Edit Consumer Security .
For more information, see the SAP Real-Time Offer Management Installation Guide and the SAP Real-Time
Offer Management Configuration Guide.
Administration activities
The RTOM application toolkit is an administrative application portal. It is a Web-based application that hosts
several sub-applications. It communicates with the server using HTTP/HTTPS.
All application user inputs go through server-side validation tests.
Online integration activities
The online integration activities use Web services. These services are mainly used to send and receive
customer transaction events. The protocol used for this communication channel is SOAP. The RTOM site Web
services can be accessed and used only with specific Microsoft Windows user credentials that were supplied
during the RTOM installation. (The user supplied them on the Web Service Permitted Account installation
screen.)
When RTOM is integrated with a generic interaction center, RTOM user name and password for the consumer
of the Web services on the RTOM site are supplied under sm59 RFC Connections INGENEO_REG Edit
.
In any other integration, the user name and password for the RTOM Web services are supplied under SOA
Management Service Administration Single Service Administration RTOMSiteAdaptorServiceSOAP
(Consumer Proxy) Edit Consumer Security .
For more information, see the SAP Real-Time Offer Management Installation Guide and the SAP Real-Time
Offer Management Configuration Guide.
SAP Real-Time Offer Management 7.1 SP02
Network and Communication Security
PUBLIC
© 2016 SAP AG. All rights reserved. 15
Note
To change the authorized user for the RTOM Web services that was initially defined during the RTOM
installation, open the Microsoft Internet Information Server (IIS) and make the following settings:
1. Select the required RTOM Web service.
o RTOMPublish – for knowledge definition integration
o IngeneoSAPICSiteAdaptorWS – for online integration activities with the Interaction Center in SAP
CRM
o RTOMSiteAdaptorWS – for online integration activities for other SAP CRM industry solutions
2. Choose Properties ASP.NET Edit Configuration Authorization .
Change the local authorization rules. You can enable and disable access to the RTOM Web service for the
desired Microsoft Windows users.
Communication Channel Security
This section describes the communication paths and protocols used by SAP Real-Time Offer Management
(RTOM).
Encryption is used to transfer information and make it unreadable to anyone except those who possess a special
knowledge encryption key. Encryption in RTOM is accomplished by doing the following:
Setting Secure Sockets Layer (SSL) encryption on the RTOM communication channel with IC for delivering a
list of offers using the CRM_IC_RE_WS Web service
Setting SSL encryption on the RTOM application toolkit communication channel with the server
Setting the internal encryption library for all logon communication
SSL Encryption
HTTPS is a secure communications channel that is used to exchange information between a client computer and
a server. It uses SSL.
The RTOM application toolkit, a Web-based application, uses HTTPS to communicate with the server. To enable
HTTPS for the RTOM application toolkit, do the following:
1. Install a certificate authority (CA) on the IIS server’s default Web site.
2. Set up an HTTPS service in IIS for the RTOMAppsToolkitWS virtual directory.
To enable HTTPS for delivering a list of offers to IC, do the following:
1. Install the root certificate of SAPNetCA on the RTOM instance server.
2. Configure SSL for the IC Web service CRM_IC_RE_WS under SOA Management Service Administration
Single Service Administration CRM_IC_RE_WS (Service) Edit Communication Security Configuration .
For more information, see http://support.microsoft.com.
Internal Encryption for Login
The encryption for internal logon communication can be switched off and on using the configuration parameter
located in the file initialization.xml in the folder configuration\CONTENT_TYPE. For more information
about how to apply configuration changes to the system, see the section Security Configuration Mechanism for
Applying Changes. In the XML file, this type of encryption is dictated by the value of the Security.Encryption
node (possible values are TRUE and FALSE and the default installation is with the value set to TRUE).
16
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
Data Storage Security
7 Data Storage Security
The RTOM architecture defines four types of data storage:
Knowledge storage
Experience storage
Configuration storage
Logging storage
Most of the data in each type of storage is maintained in databases (primarily the knowledge, experience, and
configuration storage types).
Each storage type uses the security tools inherited from the technology with which it is implemented. The
databases used by the storage are protected by defining users and credentials for different activities. File-based
storage is write-protected.
SAP Real-Time Offer Management 7.1 SP02
Database Security
PUBLIC
© 2016 SAP AG. All rights reserved. 17
8 Database Security
RTOM supports the following database providers: SQL Server, MaxDB, and Oracle. RTOM connects to the
databases with a connection string. The connection string is defined in the registry in the
HKEY_LOCAL_MACHINE\SOFTWARE\Ingeneo\Database/DSN key.
The SQL Server uses Microsoft Windows authentication for its activities, so there is no need to supply a user
name and password. The connection string to MaxDB and Oracle includes a user name and password. To secure
the password, we encrypt it and save it in the
HKEY_LOCAL_MACHINE\SOFTWARE\Ingeneo\Database/Password key. RTOM decrypts the password and
concatenates it with the data source name (DSN), resulting in a complete connection string.
18
PUBLIC
© 2016 SAP AG. All rights reserved.
SAP Real-Time Offer Management 7.1 SP02
Trace and Log Files
9 Trace and Log Files
Tracing and logging are integral features of RTOM. The purpose of the tracing mechanism is to monitor the
access and actions made to the knowledge and business definitions. The tracing feature applies to knowledge
changes made in the system. These changes are made in the Business Logic Studio (BLS) and Configuration
Manager applications.
There are different types of tracing or auditing activities that are logged in the system. These activities consist of
the following:
Creation of and modifications made to business/knowledge objects (such as offers and condition groups)
If RTOM is integrated with marketing in SAP CRM, the audit information is logged in marketing in SAP CRM. If
RTOM is not integrated with marketing in SAP CRM and offers and condition groups are defined in the
Business Logic Studio in the RTOM application toolkit, the audit information is logged in RTOM.
Configuration data (creation and modification)
You can, for example, create or update data sources and events in the RTOM application toolkit or edit
initialization parameters in the Configuration Manager.
Configuration publication on the RTOM server
Logon activity
When a change occurs, the information is logged. The following data is stored in the RTOM engine:
Time and date of the action
User name of the person making the change
Resource identifications that are affected (such as data source name if a data source was updated)
Short description of the change made
Configuring the Security Logging Mode
The logging configuration is stored on the database. For more information about how to apply configuration
changes to the system, see the SAP Real-Time Offer Management Configuration Guide.
Viewing the Logging and Tracing Information
To view the logging information of the system, you must use the RTOM Log Viewer application. This application is
a Microsoft Windows-based application with a similar look and feel to the default Microsoft Windows Event
Viewer. The application is used to display and navigate between the system’s different log messages.
The tracing information is located under the Audit Log categories of the Log Viewer application. Under the Audit
Log, there are audit messages that relate to the application information, such as for the RTOM Web applications,
and audit messages that relate to the configuration changes and updates.
An audit message is marked with a key icon and is registered on a separate audit event type. You can click the
message entry to display its content.
SAP Real-Time Offer Management 7.1 SP02
Trace and Log Files
PUBLIC
© 2016 SAP AG. All rights reserved. 19
Example
<Put your example here>
A logon to the RTOM Web applications with an invalid user name or password generates a tracing
message such as the following:
Date: 6/1/2009 10:04:06 AM
Event: Application Toolkit
Logon User: RTOMSPL
Result: Failed: Login failure
In addition, RTOM logs can be viewed inside the Computing Center Management System (CCMS) at SAP. To set
up and use this viewing capability, see the SAP Real-Time Offer Management Application Operations Guide.
Security Configuration Mechanism for Applying Changes
The RTD engine configuration data is securely stored in a database with the last updated version of each
configuration file. That is, configuration files are not saved as files in the system. You can use the Configuration
Manager tool to export the entire configuration into configuration files that can be saved and edited on the
computer. The edited configuration files must be imported back into the database (using the Configuration
Manager tool) before the changed configuration takes effect.
The configuration files are written to <Installation directory>\SAP CRM\RTOM\ForEdit.
Note
The export is always made to a predefined location that is created by the application. You should not
change the structure of the folders or the location of the files under the predefined location.
To change the configuration, you use the Configuration Manager tool to import the relevant files back into the
database. The export and import of changes enables you to track the changes made in the configuration files. This
information can be viewed in an audit log where you can see information about the files that were changed, who
changed them, and the changes that were made.
For more information about the Configuration Manager tool, see the SAP Real-Time Offer Management
Application Guide.
Note
Documentation in the SAP Service Marketplace
You can find this document at the following address: http://service.sap.com/instguides
www.sap.com/contactsap
Material Number
© 2016 SAP AG. All rights reserved.
No part of this publication may be reproduced or transmitted in any
form or for any purpose without the express permission of SAP AG.
The information contained herein may be changed without prior
notice.
Some software products marketed by SAP AG and its distributors
contain proprietary software components of other software
vendors.
Microsoft, Windows, Excel, Outlook, and PowerPoint are registered
trademarks of Microsoft Corporation.
IBM, DB2, DB2 Universal Database, System ads, System i5, System
p, System p5, System x, System z, System z10, System z9, z10, z9,
iSeries, pSeries, xSeries, zSeries, eServer, z/VM, z/OS, i5/OS,
S/390, OS/390, OS/400, AS/400, S/390 Parallel Enterprise
Server, PowerVM, Power Architecture, POWER6+, POWER6,
POWER5+, POWER5, POWER, OpenPower, PowerPC, BatchPipes,
BladeCenter, System Storage, GPFS, HACMP, RETAIN, DB2
Connect, RACF, Redbooks, OS/2, Parallel Sysplex, MVS/ESA, AIX,
Intelligent Miner, WebSphere, Netfinity, Tivoli and Informix are
trademarks or registered trademarks of IBM Corporation.
Linux is the registered trademark of Linus Torvalds in the U.S. and
other countries.
Adobe, the Adobe logo, Acrobat, PostScript, and Reader are either
trademarks or registered trademarks of Adobe Systems
Incorporated in the United States and/or other countries.
Oracle is a registered trademark of Oracle Corporation.
UNIX, X/Open, OSF/1, and Motif are registered trademarks of the
Open Group.
Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame,
VideoFrame, and MultiWin are trademarks or registered
trademarks of Citrix Systems, Inc.
HTML, XML, XHTML and W3C are trademarks or registered
trademarks of W3C®, World Wide Web Consortium, Massachusetts
Institute of Technology.
Java is a registered trademark of Sun Microsystems, Inc.
JavaScript is a registered trademark of Sun Microsystems, Inc.,
used under license for technology invented and implemented by
Netscape.
SAP, R/3, xApps, xApp, SAP NetWeaver, Duet, PartnerEdge,
ByDesign, SAP Business ByDesign, and other SAP products and
services mentioned herein as well as their respective logos are
trademarks or registered trademarks of SAP AG in Germany and in
several other countries all over the world. All other product and
service names mentioned are the trademarks of their respective
companies. Data contained in this document serves informational
purposes only. National product specifications may vary.
These materials are subject to change without notice. These
materials are provided by SAP AG and its affiliated companies
("SAP Group") for informational purposes only, without
representation or warranty of any kind, and SAP Group shall not be
liable for errors or omissions with respect to the materials. The only
warranties for SAP Group products and services are those that are
set forth in the express warranty statements accompanying such
products and services, if any. Nothing herein should be construed
as constituting an additional warranty.