For transferring information in the form of objects from one Enterprise Service Repository to other, you can select from the three means of transport −
The illustration shows two software components — Version A and Version B that have been transferred from ESRep_1 and ESRep_2 to other ESRep’s.
Transport Level Security includes the security of design objects while transferring over the network. While transferring objects you perform authentication and encryption at the transport level and authorization at end point. For internal communication you use Secure Socket Layer (SSL) for encryption and decryption of data across a secure connection. For external communication between SAP and non-SAP system, the type of encryption depends on the type of adapter used for communication.
SAP PI Adapters and Security Mechanism −
|HTTP based Adapter||HTTP||HTTPS|
|RFC based Adapter||RFC||Secure Network Communication|
|Mail Adapter||SMTP, IMAP4, POP3||HTTPS|
|File Adapters||FTP||FTP over SSL|
To achieve transport level authorization, you can use HTTP with client authentication. HTTP transport level authentication can use user name and password, X.509 certificates or SAP logon tickets.
Message level security can be achieved using encryption techniques and digital signatures. Message to be sent over network is first encrypted by an encryption algorithm that includes a session key and a public key for encryption. Same session key and public key is used at the receiver’s side for decryption of message to see the content.
You can use the following mechanisms for HTTP Transport Level −