{"id":1752,"date":"2017-02-23T06:00:43","date_gmt":"2017-02-23T05:00:43","guid":{"rendered":"https:\/\/www.xiting.us\/?p=1752"},"modified":"2025-10-01T10:41:10","modified_gmt":"2025-10-01T08:41:10","slug":"important-use-date-sap-security-libraries","status":"publish","type":"post","link":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/","title":{"rendered":"Why is it so\u00a0important to use up-to-date SAP security libraries?"},"content":{"rendered":"<p>The SAP system architecture uses security libraries that enable encryption, advanced authentication mechanisms or digital signatures in SAP applications. In the past, the ABAP kernel shipped with the SAP Cryptographic Library (SAPCRYPTOLIB) as the default security product for SAP systems. It supports the use of digital signatures according to the Secure Store and Forward (SSF) interface and provides encryption functions such as Secure Network Communications (SNC) or Transport Layer Security (TLS) for the different SAP Application Servers. Besides SNC, SSF and TLS the SAP ABAP Application Server also supports the web-based implementation of the Kerberos authentication, the so-called Simple and Protected GSSAPI Negotiation Mechanism, or SPNEGO.<strong>&nbsp;<\/strong><\/p>\n<h2><strong>One library for all scenarios<\/strong><\/h2>\n<p>Since the end of 2013 SAP provides the CommonCryptoLib as the technical successor and replacement for the SAP Cryptographic Library. The CommonCryptoLib is part of the kernel of SAP NetWeaver Application Servers. Beginning with Kernel 7.20 PL88, no particular kernel patch is required to use CommonCryptoLib. The library is fully compatible with SAPCRYPTOLIB and SAPSECULIB. This single security library combines and merges all predecessors. It not only supports all scenarios from previous security libraries but offers additional features, well described in <a href=\"https:\/\/launchpad.support.sap.com\/#\/notes\/1848999\/E\">SAP Note 1848999<\/a>. &nbsp;SAP updates this Note frequently to provide an excellent feature overview, troubleshooting tips as well as a version history &#8211; so check it out! Having to maintain only a single security library, makes life easier for SAP administrators. Furthermore, SAP HANA uses the CommonCryptoLib for cryptographic operations, such as data volume encryption and communication encryption. Additionally, the SAP NetWeaver Application Server Java uses it for cryptographic functions like secure communication via TLS or SNC for RFC server-to-server connections.<\/p>\n<h2><strong>Perfect Forward Secrecy for SNC<\/strong><\/h2>\n<p>Thanks to the end-to-end encryption capabilities of SNC, DIAG and RFC connections can be used over unsecured networks. To establish an SNC session, a calculated Pre-Master Secret is encrypted with the corresponding public key of the other party. So, both sides send their &#8220;Hello&#8221; exchange public keys and agree on a shared session key (Master Secret) as part of the connection handshake, protected using public-key cryptography. Sounds good so far, right?<\/p>\n<p>The problem is that if someone recorded the encrypted traffic and later eventually got possession of the private key, they would be able to extract the session key from it. Because the Pre-Master Secret&nbsp;is encrypted with the server&#8217;s public key, exposure of the private key would allow decryption of the data at any point in the future.&nbsp;The ability to decrypt historic data is considered a serious security issue. Just think about the global intelligence community that records Internet traffic on a large scale or the disgruntled network operator who has access to the all network traffic.<\/p>\n<p>That is where Perfect Forward Secrecy (PFS) is helpful, as it mitigates this type of attack vector. &nbsp;PFS was already implemented in CommonCryptoLib for HTTPS connections&nbsp;since it supports version 1.2 of the Transport Layer Security (TLS) protocol. Using TLS, the Diffie-Hellman key exchange is done using Elliptic Curves Cryptography (ECDH) which results in Perfect Forward Secrecy for SAP-SNC connections, providing a cryptographic solution to solve the problem of secure key exchange.<\/p>\n<h2>What&#8217;s the idea behind the solution?<\/h2>\n<p>It is based on the notion that two communication partners agree on a common key in the form of a number, which a potential attacker cannot use to calculate the symmetric session key. You can learn more about the mathematics behind PFC in <a href=\"https:\/\/scotthelme.co.uk\/perfect-forward-secrecy\/\">this article<\/a>. The key takeaway is that there is no exchange of encrypted session keys anymore. The session key is uniquely calculated for each new communication and destroyed immediately upon termination. Thus, even if someone had access to the private keys of the participants and recorded the session, the session key was not included in the initial communication between both sides.<\/p>\n<p>Starting with CommonCryptoLib 8.5.2 and higher and due to an extension of the X.509-based GSS protocol, the SNC connection should be much safer now, thanks to PFS.<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"size-full wp-image-1755 aligncenter\" src=\"https:\/\/www.xiting.us\/wp-content\/uploads\/2017\/02\/sso01.png\" alt=\"\" width=\"341\" height=\"413\"><\/p>\n<p>Besides PFS there are other improvements to the CommonCryptoLib which I would like to mention briefly, such as the new X.509 based Encryption Only Mode (check out our previous <a href=\"https:\/\/www.xiting.us\/blog\/sap-single-sign-on-3-0-to-reduce-effort-and-risk\/\">blog<\/a> for more information) or a revised TLS engine with support for TLS_FALLBACK_SCSV. Also, low-security cipher suites have been removed, and several new configuration parameters were added to configure the library. In addition to that, a new FIPS 140-2 certified cryptographic kernel can be used.<\/p>\n<p>In October 2014 SAP released the security note <a href=\"https:\/\/launchpad.support.sap.com\/#\/notes\/2067859\/E\">2067859<\/a> concerning the SAPCRYPTOLIB which addressed an issue in the DSA implementation. The vulnerability allowed an attacker to compromise the private key of the SAP system. As you see, it is important to keep your SAP Security Libraries up to date and to check for security improvements as well as updates regularly. By the way, have a look at the version of your libraries. SAP just released CommonCryptoLib 8.5.9, and there was a lot of corrections and bug fixes since 8.5.1 \u2013 so happy updating!<\/p>\n<div class=\"grammarly-disable-indicator\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>The SAP system architecture uses security libraries that enable encryption, advanced authentication mechanisms or digital signatures in SAP applications. In the past, the ABAP kernel shipped with the SAP Cryptographic Library (SAPCRYPTOLIB) as the default security product for SAP systems. It supports the use of digital signatures according to the Secure Store and Forward (SSF) [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":9462,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[1835],"tags":[],"class_list":["post-1752","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.8 (Yoast SEO v27.8) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Why is it so\u00a0important to use up-to-date SAP security libraries? | Xiting<\/title>\n<meta name=\"robots\" content=\"noindex, nofollow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why is it so\u00a0important to use up-to-date SAP security libraries?\" \/>\n<meta property=\"og:description\" content=\"The SAP system architecture uses security libraries that enable encryption, advanced authentication mechanisms or digital signatures in SAP applications.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiting\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/XitingAG\" \/>\n<meta property=\"article:published_time\" content=\"2017-02-23T05:00:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-01T08:41:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiting.com\/wp-content\/uploads\/2017\/10\/sap-security-blog-sso.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"964\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Carsten Olt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@jsterr@xiting.de\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Carsten Olt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/\"},\"author\":{\"name\":\"Carsten Olt\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#\\\/schema\\\/person\\\/3c32c7de1132d012e263720a9f3300a2\"},\"headline\":\"Why is it so\u00a0important to use up-to-date SAP security libraries?\",\"datePublished\":\"2017-02-23T05:00:43+00:00\",\"dateModified\":\"2025-10-01T08:41:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/\"},\"wordCount\":835,\"publisher\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2017\\\/10\\\/sap-security-blog-sso.jpg\",\"articleSection\":[\"SAP Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/\",\"url\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/\",\"name\":\"Why is it so\u00a0important to use up-to-date SAP security libraries? | Xiting\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2017\\\/10\\\/sap-security-blog-sso.jpg\",\"datePublished\":\"2017-02-23T05:00:43+00:00\",\"dateModified\":\"2025-10-01T08:41:10+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/#primaryimage\",\"url\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2017\\\/10\\\/sap-security-blog-sso.jpg\",\"contentUrl\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2017\\\/10\\\/sap-security-blog-sso.jpg\",\"width\":964,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/important-use-date-sap-security-libraries\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/xiting.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why is it so\u00a0important to use up-to-date SAP security libraries?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/xiting.com\\\/en\\\/\",\"name\":\"Xiting\",\"description\":\"Your Expert for SAP Security\",\"publisher\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/xiting.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#organization\",\"name\":\"Xiting\",\"url\":\"https:\\\/\\\/xiting.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/xiting-logo.png\",\"contentUrl\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/xiting-logo.png\",\"width\":960,\"height\":504,\"caption\":\"Xiting\"},\"image\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/XitingAG\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/1345129\\\/\",\"https:\\\/\\\/www.instagram.com\\\/xiting.global\\\/\",\"https:\\\/\\\/www.crunchbase.com\\\/organization\\\/xiting\",\"https:\\\/\\\/www.youtube.com\\\/@Xiting\"],\"description\":\"Xiting wurde 2008 von erfahrenen SAP-Beratern in der Schweiz gegr\u00fcndet. Heute besch\u00e4ftigt das Unternehmen 140 Mitarbeitende an mehreren Standorten weltweit. Die SAP Security Consultants von Xiting bringen tiefes Fachwissen aus der Projektpraxis mit und betreuen \u00fcber 700 nationale und internationale Kunden \u2013 remote und vor Ort.\",\"email\":\"info@xiting.ch\",\"telephone\":\"+41 43422 8803\",\"legalName\":\"Xiting AG\",\"foundingDate\":\"2008-06-01\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"51\",\"maxValue\":\"200\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#\\\/schema\\\/person\\\/3c32c7de1132d012e263720a9f3300a2\",\"name\":\"Carsten Olt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2c35c3b7ce5d81579234be25ef570938712ba95e2cb8e87f2a79b81be928499a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2c35c3b7ce5d81579234be25ef570938712ba95e2cb8e87f2a79b81be928499a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2c35c3b7ce5d81579234be25ef570938712ba95e2cb8e87f2a79b81be928499a?s=96&d=mm&r=g\",\"caption\":\"Carsten Olt\"},\"description\":\"Carsten Olt has been working as a Managing SAP Security Consultant since 2016, responsible for Secure Authentication &amp; SSO and SAP Cloud Security Services at Xiting in Germany. As a member of the IAM team, he is also a team leader who conveys the company's goals and strategies to employees and has organizational responsibility. With a security-minded approach, Carsten has international project and IT security experience in many industries. He has been working in IT-Security since 2001, specializing in SAP security since 2010. He is a subject matter expert for SAP Single Sign-On 3.0 and a trainer for the WDESSO course. His current focus is on supporting customers in solving authentication and security challenges within hybrid SAP landscapes, as well as designing and implementing holistic authentication concepts. Carsten is an ISACA CISA and a former MCP and RHCE with an ISP background, and he looks at security from different angles. He also translates between SAP and IT security vocabulary. Carsten has in-depth experience in multi-vendor architectures and MSFT\\\/Azure components, dealing with all the requirements concerning SAML 2.0, OAuth, OpenID Connect, SCIM, X.509 CBA &amp; PKI, MFA, SAP SSO, and Secure Network Communications, Kerberos\\\/SPNEGO, data security and encryption, as well as digital signatures. Carsten is experienced in SAP on-premises components such as S\\\/4HANA, ABAP, and Java, as well as security solutions like SSO 3.0. Since 2019, he has focused on SAP-Cloudified environments, specifically the SAP Cloud Identity Services and SAP BTP, as well as SaaS integrations concerning IAM. He deals with hybrid SAP security in conjunction with Azure Active Directory, ADDS, ADFS, ADCS, Reverse Proxies\\\/WAF, SAP Web Dispatcher, SAP Cloud Connector, third-party products, and infrastructure components.\",\"sameAs\":[\"https:\\\/\\\/x.com\\\/jsterr@xiting.de\"],\"url\":\"https:\\\/\\\/xiting.com\\\/en\\\/author\\\/carsten-olt\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Why is it so\u00a0important to use up-to-date SAP security libraries? | Xiting","robots":{"index":"noindex","follow":"nofollow"},"og_locale":"en_US","og_type":"article","og_title":"Why is it so\u00a0important to use up-to-date SAP security libraries?","og_description":"The SAP system architecture uses security libraries that enable encryption, advanced authentication mechanisms or digital signatures in SAP applications.","og_url":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/","og_site_name":"Xiting","article_publisher":"https:\/\/www.facebook.com\/XitingAG","article_published_time":"2017-02-23T05:00:43+00:00","article_modified_time":"2025-10-01T08:41:10+00:00","og_image":[{"width":964,"height":600,"url":"https:\/\/xiting.com\/wp-content\/uploads\/2017\/10\/sap-security-blog-sso.jpg","type":"image\/jpeg"}],"author":"Carsten Olt","twitter_card":"summary_large_image","twitter_creator":"@jsterr@xiting.de","twitter_misc":{"Written by":"Carsten Olt","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/#article","isPartOf":{"@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/"},"author":{"name":"Carsten Olt","@id":"https:\/\/xiting.com\/en\/#\/schema\/person\/3c32c7de1132d012e263720a9f3300a2"},"headline":"Why is it so\u00a0important to use up-to-date SAP security libraries?","datePublished":"2017-02-23T05:00:43+00:00","dateModified":"2025-10-01T08:41:10+00:00","mainEntityOfPage":{"@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/"},"wordCount":835,"publisher":{"@id":"https:\/\/xiting.com\/en\/#organization"},"image":{"@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/#primaryimage"},"thumbnailUrl":"https:\/\/xiting.com\/wp-content\/uploads\/2017\/10\/sap-security-blog-sso.jpg","articleSection":["SAP Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/","url":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/","name":"Why is it so\u00a0important to use up-to-date SAP security libraries? | Xiting","isPartOf":{"@id":"https:\/\/xiting.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/#primaryimage"},"image":{"@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/#primaryimage"},"thumbnailUrl":"https:\/\/xiting.com\/wp-content\/uploads\/2017\/10\/sap-security-blog-sso.jpg","datePublished":"2017-02-23T05:00:43+00:00","dateModified":"2025-10-01T08:41:10+00:00","breadcrumb":{"@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/#primaryimage","url":"https:\/\/xiting.com\/wp-content\/uploads\/2017\/10\/sap-security-blog-sso.jpg","contentUrl":"https:\/\/xiting.com\/wp-content\/uploads\/2017\/10\/sap-security-blog-sso.jpg","width":964,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/xiting.com\/en\/important-use-date-sap-security-libraries\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiting.com\/en\/"},{"@type":"ListItem","position":2,"name":"Why is it so\u00a0important to use up-to-date SAP security libraries?"}]},{"@type":"WebSite","@id":"https:\/\/xiting.com\/en\/#website","url":"https:\/\/xiting.com\/en\/","name":"Xiting","description":"Your Expert for SAP Security","publisher":{"@id":"https:\/\/xiting.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiting.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiting.com\/en\/#organization","name":"Xiting","url":"https:\/\/xiting.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiting.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/xiting.com\/wp-content\/uploads\/2025\/08\/xiting-logo.png","contentUrl":"https:\/\/xiting.com\/wp-content\/uploads\/2025\/08\/xiting-logo.png","width":960,"height":504,"caption":"Xiting"},"image":{"@id":"https:\/\/xiting.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/XitingAG","https:\/\/www.linkedin.com\/company\/1345129\/","https:\/\/www.instagram.com\/xiting.global\/","https:\/\/www.crunchbase.com\/organization\/xiting","https:\/\/www.youtube.com\/@Xiting"],"description":"Xiting wurde 2008 von erfahrenen SAP-Beratern in der Schweiz gegr\u00fcndet. Heute besch\u00e4ftigt das Unternehmen 140 Mitarbeitende an mehreren Standorten weltweit. Die SAP Security Consultants von Xiting bringen tiefes Fachwissen aus der Projektpraxis mit und betreuen \u00fcber 700 nationale und internationale Kunden \u2013 remote und vor Ort.","email":"info@xiting.ch","telephone":"+41 43422 8803","legalName":"Xiting AG","foundingDate":"2008-06-01","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"51","maxValue":"200"}},{"@type":"Person","@id":"https:\/\/xiting.com\/en\/#\/schema\/person\/3c32c7de1132d012e263720a9f3300a2","name":"Carsten Olt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/2c35c3b7ce5d81579234be25ef570938712ba95e2cb8e87f2a79b81be928499a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/2c35c3b7ce5d81579234be25ef570938712ba95e2cb8e87f2a79b81be928499a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2c35c3b7ce5d81579234be25ef570938712ba95e2cb8e87f2a79b81be928499a?s=96&d=mm&r=g","caption":"Carsten Olt"},"description":"Carsten Olt has been working as a Managing SAP Security Consultant since 2016, responsible for Secure Authentication &amp; SSO and SAP Cloud Security Services at Xiting in Germany. As a member of the IAM team, he is also a team leader who conveys the company's goals and strategies to employees and has organizational responsibility. With a security-minded approach, Carsten has international project and IT security experience in many industries. He has been working in IT-Security since 2001, specializing in SAP security since 2010. He is a subject matter expert for SAP Single Sign-On 3.0 and a trainer for the WDESSO course. His current focus is on supporting customers in solving authentication and security challenges within hybrid SAP landscapes, as well as designing and implementing holistic authentication concepts. Carsten is an ISACA CISA and a former MCP and RHCE with an ISP background, and he looks at security from different angles. He also translates between SAP and IT security vocabulary. Carsten has in-depth experience in multi-vendor architectures and MSFT\/Azure components, dealing with all the requirements concerning SAML 2.0, OAuth, OpenID Connect, SCIM, X.509 CBA &amp; PKI, MFA, SAP SSO, and Secure Network Communications, Kerberos\/SPNEGO, data security and encryption, as well as digital signatures. Carsten is experienced in SAP on-premises components such as S\/4HANA, ABAP, and Java, as well as security solutions like SSO 3.0. Since 2019, he has focused on SAP-Cloudified environments, specifically the SAP Cloud Identity Services and SAP BTP, as well as SaaS integrations concerning IAM. He deals with hybrid SAP security in conjunction with Azure Active Directory, ADDS, ADFS, ADCS, Reverse Proxies\/WAF, SAP Web Dispatcher, SAP Cloud Connector, third-party products, and infrastructure components.","sameAs":["https:\/\/x.com\/jsterr@xiting.de"],"url":"https:\/\/xiting.com\/en\/author\/carsten-olt\/"}]}},"_links":{"self":[{"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/posts\/1752","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/comments?post=1752"}],"version-history":[{"count":0,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/posts\/1752\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/media\/9462"}],"wp:attachment":[{"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/media?parent=1752"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/categories?post=1752"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/tags?post=1752"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}