Secure Document Encryption – Digital Rights Management for SAP Documents

by Dr. Uwe Wächter

Seamless protection of all documents – from storage to recipient – was why GEA Westfalia Separator Group GmbH, a systems provider for the food processing industry, decided on the use of an Enterprise Digital Rights Management system (eDRM). Seal Systems AG was commissioned with providing all necessary software modules, as well as the system and process integration. Today’s blog entry discusses how this was done.

The GEA Group is a globally positioned concern with many international locations and partners. Their operative workflows with customers and installation companies require the exchange of ueberwachung2documents managed with SAP DVS. SAP Rights Management can no longer guarantee information security and intellectual property protection, especially when sharing documents with external recipients. To achieve this consistent protection, the GEA Group started a project on the subject of digital rights management. The goal: all SAP DVS documents should be consistently protected, from storage location to recipient – even if they are shared outside the company. Any loopholes which allow documents to circulate unprotected outside of SAP DVS should be closed. All SAP system interfaces used for exporting documents must also be monitored.

Enterprise Digital Rights Management Protects Your Company Data

schluesselAn Adobe Enterprise Digital Rights Management (EDRM) system was chosen as the optimal solution. Enterprise Digital Rights Management is defined as systems which protect company data. This can be important business data, but it also includes the many documents containing company expertise: technical drawings, calculations, specifications, formulas, quotes, etc. With EDRM, companies can prevent confidential data from landing in the wrong hands. Dynamic guidelines protect important information both inside and outside the firewall and on mobile devices. EDRM architecture guarantees the consistent protection of documents, regardless of whether the user is online or off.

Our experts were commissioned with providing the software modules and system and process integration necessary to make DRM functionality seamless for all documents and business processes. We have to deep expertise for linking external systems to SAP DVS and can offer perfected methods for process integration and workflow programming. We linked Adobe LiveCycle Rights Management with the SAP system via our Digital Process Factory (DPF). Here is where our standard integrations really came into play, and kept implementation costs for this step to a minimum.

Monitoring of all SAP Interfaces

The Digital Process Factory acts as an intelligent interface between SAP and the DRM server. With DPF, GEA now monitors all SAP interfaces which can be used from the SAP side for exporting documents (e.g. printing, e-mail, viewing). Documents are automatically checked at their user exits in a DPF workflow to determine if they belong to a type that requires DRM encryption. Document type is one way that SAP DVS can classify documents according to characteristics, as well as the by resulting organizational processes.).

The project group for GEA Westfalia Separator defined the rules and parameters for the use of digital rights management parallel to installation through Seal Systems. These sicherheit2include for example the authorized user groups and their respective access, as well as the definitions by which a document must be DRM-protected and stamped with SAP information. Over an SAP chart it was determined which kinds of documents should be subject to DRM encryption and which need no DRM protection. The information left in SAP is identified and passed on to DPF for control of the DRM encryption. The DRM code was then implemented on the EDRM server. The list of access-authorized persons is maintained in the central LDAP. No further administration is needed, as this list is compiled for every project in LDAP.

The Result

DPF monitors all possible distribution paths for SAP-managed documents. If a user would like to issue documents, these are automatically checked for “DRM relevance”. If the document needs to be encrypted, DPF automatically sends it to the DRM server, where it is encrypted according to DRM directives (such as “read only”). The DRM-protected document is then issued or distributed in the usual way.

gluehbirneSummary:

The company’s technical project documents are now provided with intellectual property protection. All documents sent out to international construction sites in digital form are now encrypted with DRM. This takes place automatically and error-free over our integration. The project could be carried out according to schedule and in cooperative partnership.

WYou can learn more about SEAL Systems Digital Rights Management here.

 


Excursus: Digital Process Factory from SEAL Systems

Digital Process Factory is a development and runtime environment for drafting and sequence control for the processing of information, data, files and documents. DPF is highly efficient for designing customer-specific processes and procedures, because programming is replaced by configuration of standard procedures. The approach: elementary, standardized processing components, or working units, are combined into variable processes, with interactive tools for assembly and sequence control.

Share

Leave a Reply

Your email address will not be published. Required fields are marked *

* = Required field

  • Blog Categories

  • Next Events

    1. SAP for Utilities

      10. September 2017 - 14. September 2017
    2. PLM World Intermountain Regional Users Group

      21. September 2017
    3. TechEd

      25. September 2017 - 29. September 2017
    4. DSAG Congress

      26. September 2017 - 28. September 2017
    5. PLM World Cincinnatti Regional User Group

      26. September 2017