Alphabetic list of all actions and their frequency by any selected user, e.g. USER-040.
The alphabetic list was extracted from the excel sheet. The frequencies for the selected user were arranged in alphabetical order as the question suggested. I did choose USER-001, arranged the user frequencies in alphabetic order, and then removed the remaining columns. The user was filtered out using the pivot tables.
List of users performing unsuccessful activities.
The data that was used was extracted from the spreadsheet and the question address on the unsuccessful activities as we go through the TSTATUS that indicates whether the chosen action is successful or not. From the results, the users with TSTATUS – 1 had unsuccessful activities. It is clear that all users had unsuccessful activities as shown by the data.
3.List of transaction codes performed, with their frequency by each user.
The list of the transactions performed codes with their frequency by each user were also derived from the spreadsheet. In every category, the user only picked the required field (TCODE) and calculated the sum of the TCODE as well as the grand totals for different users as shown by spreadsheet. The idea also is supported by Peltier (2013) and Peltier (2016).
List of users engaging in security-related actions.
The extracted data shows a breakdown on the list of users that engaged in security-related actions, thereby separating the users who engaged in security-related issues such as the authorization, and when the transaction started. The results were finally listed on the table as shown on the spreadsheet.
Top 10 users in terms of frequency of activity.
The data of the top 10 users with respect to the frequency of the activity were also derived from the listed data. The TCOUNT will then help in determining the frequency of activity thus the listing consist of the users with the highest to low performance of the frequencies.
|User ID||Total Frequency|
List of users who are dormant – in the range USER-001 to USER-050.
The table also highlights a list of dormant users as per the data presented listing USER-33 appearing four times in different period. The dormant users are individuals who have not performed any action along the spreadsheet. The users are represented by “*” in the TSTATUS columns. The dormant users are separated from users’ list, tabled and shaded in yellow as presented.
|USER-033||201601||SESS||User USER-033 in Client 400 Unlocked After Being||SESS-*||SESS||*||1||Starting the R/3 menu|
|USER-033||201601||SESS||User USER-033 Locked in Client 400 After Erroneo||SESS-*||SESS||*||3||Starting the R/3 menu|
|USER-033||201602||SESS||User USER-033 in Client 400 Unlocked After Being||SESS-*||SESS||*||1||Starting the R/3 menu|
|USER-033||201602||SESS||User USER-033 Locked in Client 400 After Erroneo||SESS-*||SESS||*||1||Starting the R/3 menu|
You should also produce at least 2 reports or charts based on any of the above previous reports that summarize user activity over time using YYYYMM date format.
The question requires the user to generate either a chart, plot or report on the three questions listed from questions one to six in the first task. A random selection of the questions was carried out and settled on questions one, five and six. The charts were generated using columns and bars for this question, and a description for the question is listed below the chart.
Top 10 users in terms of frequency of activity
The chart represents top 10 users on how the frequency of the activities was noted. It, therefore, represent the highest frequencies of the users within a particular year. The table shows that USER-041 scored the highest frequency of the activity of 77 in the year.
It is evident, that dormant users who could not perform any transaction dominated the chart. The chart shows that the dormant user is USER – 33.
|Table 1 SAP System-Wide Security Settings||User-Defined Value||System Default Value||Recommended
|No auto user SAP*||0||0||0||0|
|Failed logins to end||0||3||3||0|
|Failed logins to lock||5||5||5||5|
|Auto failed unlock||0||0||1||0|
|Min password length||0||6||7||0|
|Password expiry (days)||0||0||40||0|
|Idle Screen logout (seconds)||1800||1800||-300
|No check on Tcodes||0||0||Y||0|
|Login client No||100||100||100||100|
1) No auto user SAP*
No auto user SAP* as the first parameter is also referred to as login. It is used to control the activation of the identity (ID), also called SAP* and from the RSPARAM a 0-automatic user sap* is permitted as 1-automatic user sap* being deactivated. When a user is deleted in SAP, the default value will be set to 1. It means that no deleted user can login with ID SAP* using the password PASS in the system. However, Sinha et al. (2015) affirm that the ID SAP* is not preferably recommended as it gives rights to customize the activities. The parameter should be secured just as the administration and other application maintenance. If it is left open to any user, it will be a security breach since anyone can tamper with the company’s details thus the ID SAP* should not be used as the emergency user since the user will have rights to control the SAP system.
2) Failed logins System to end
The second parameter is the “Failed logins System to end” used to control the number of false login attempts. The false login is only accepted three times which the first parameter acknowledges as system default value (Ireland 2013, p. 5; Mishra, Vimal and Michael, 2013). If three consecutive wrong logins attempts are made, the current system will then automatically lock the user. It is, therefore, to control all the unauthorized users from accessing the current system when users use false login details.
3) Failed logins to lock
The “Failed logins to lock” as the third parameter is used to control the false login until the user is locked (Platt et al. 2013; Vidal 2012, p. 372). The system default value only can accept false logins up to 3 times, after which the user gets locked.
4) Auto failed to unlock
The fourth parameter “Auto failed unlock” is used to control users when the user ID stays locked after false login attempts. When the value is set 0, it means that the ID will be stay locked until manually unlocked and when 1 is used, the ID will automatically be unlocked at midnight (Qiu et al. 2016). The current system default value is set as 1, meaning that the user ID will be unlocked at the midnight. Nevertheless, a 0 value is highly recommended. After the false logins, the password should be entered manually.
5) Min password length
“Min password length” takes the fifth parameter and is used to controls the minimum length of the user’s password. The minimum default value in the current SAP system is set at 7, thus all users must have a minimum password length of 7 characters both numeric and symbols. The recommended value ranges from 7 to 10 and is limited up to 40 (Tsai et al. 2006, p. 108; Das et al. 2014).
6) Password expiry (days)
The Password expiry (days) is used to control the number of days the password is required to change. It, therefore, helps to prevent the password breach from the system in the current system. According to Schneider and Red Hat (2015); Dar (2015, p. 159)., the system default value is 40 up to 90 days to change the password. The users are highly recommended to change the password frequently to prevent access from unauthorized users.
7) Idle logout (seconds)
The seventh parameter is the “Idle logout (seconds)” that the active user uses to login to the system in seconds. The default login is set at 1800 seconds after which the user will be logged out on the current system. The recommended value lapses between 900 and 1200 t protect unauthorized users from logging into the current system (Sklar, 2004).
8) No, check on T codes
The “No check on T codes” is used to enables or disables the faculty of checking T codes. When T codes are used in the system, a No check on T codes will checks whether the T code is valid or invalid, or locked/unlocked. It, therefore, consists of “Y” and “N” values as Y represents the system default. It means that the system will not check the Tcode in the current system and will be disabled (Bombin et al. 2012). However, value N is highly recommended as the Tcode is checked by the current system and will be enabled. The SAP system does the comparison with the stored value as it checks the stored Tcode or ones, not in the TSTC table.
9) Default login client
The Default Login Client, also known as “Default System Client” is the last parameter where the client is set as the default client (represented by 000) in the sap systems. The number can be any as long as it is within the three digits (Buckler, 2013 p. 370). The default client number (000) is usually used by users when working on the same SAP system.
Bombin, H., Andrist, R.S., Ohzeki, M., Katzgraber, H.G. and Martin-Delgado, M.A., 2012. Strong resilience of topological codes to depolarization. Physical Review X, 2(2), p.021004.
Buckler, D., Symantec Corporation, 2013. Systems and methods for detecting the insertion of poisoned DNS server addresses into DHCP servers. U.S. Patent 8,370,933.
Dar, W.M., 2015. Cyber Security Challenges in Higher Education System of J & K with Special Reference to Islamic University of Science & Technology Awantipora, Pulwama, J&K, India. Advances in Computational Research, 7(1), p.159.
Das, A., Bonneau, J., Caesar, M., Borisov, N. and Wang, X., 2014, February. The Tangled Web of Password Reuse. In NDSS (Vol. 14, pp. 23-26).
Ireland, E., 2013, December. Intrusion detection with genetic algorithms and fuzzy logic. In UMM CSci senior seminar conference (pp. 1-6).
Mishra, K.K., Vimal, C. and Michael, G., 2013. Prevention of Online Password Hacking Process with Secured Multi Authentication Scheme.
Peltier, T.R., 2013. Information security fundamentals. CRC Press.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press.
Platt, D.C., Royer, C., Berg, K., Wallingford III, J.H. and Olden, E., Symplified, Inc., 2013. System, method, and apparatus for managing access to resources across a network. U.S. Patent 8,418,238.
Qiu, L., Muslukhov, I. and Beznosov, K., 2016, June. Advancing the Understanding of Android Unlocking and Usage. In Twelfth Symposium on Usable Privacy and Security (SOUPS 2016). USENIX Association.
Schneider, J.P., Red Hat, Inc., 2015. Managing password expiry. U.S. Patent 8,959,618.
Sinha, A., Sheel, V. and Ramu, G.T., Sap Se, 2015. Zero-step auto-customization of mobile applications. U.S. Patent 9,197,501.
Sklar, D., 2004. Working with Authentication, Users, and Passwords. InEssential PHP Tools: Modules, Extensions, and Accelerators (pp. 241-261). Apress.
Tsai, C.S., Lee, C.C. and Hwang, M.S., 2006. Password Authentication Schemes: Current Status and Key Issues. IJ Network Security, 3(2), pp.101-115.