Content development is the process of designing and developing an application that can cater to its end users with seamless access to company’s sensitive and nonsensitive data as well as external data to perform business operations. Different users must be able to access right content at the right time at the right place with adequate security in order to increase productivity and reduce cost and inconsistency. End users can customize and personalize the content application according to their nature of business and needs. For instance, customers can create and customize the application according to business domain like e-commerce or social network where most of the content will be related to web sites and web contents. Where as if the company is brick and mortar the user can store contents related to suppliers, orders, invoices, delivery details, shipments, inventory, sales orders etc.

To cut short, the business can develop an application to streamline its complete business process life cycle in one place. Where different users can access the content simultaneously with consistent look and feel throughout the application for instance, the employees can access to the companies data according to their roles and capacity. Content system administrator is responsible for granting permissions or revoking the permission based o roles. For instance, top tier management like directors and VP’s, CEO will have complete access to all the contents of the business.  Employees may restrict to access company’s sensitive data other employee’s salary etc.

The following are the main components/tabs for developing effective SAP netweaver portal content management application.

            a) Portal content management

            b) Portal content transaction

            c) Portal display

            d) Web resource repository

            e) Knowledge content

            f) Collaboration content

            g) Workflow content

            h) Content statistics

Let me explain each of these components briefly:

Portal content management

Under this end users can create their own portal content either they can create group folders or individual folders based on their needs. Users can store various contents like collaboration forums, wiki, contents from vendors, SAP, and even migrated contents from other sources such as remote servers, platforms, able to store portal administration, application, user even remote system access can be configured easily by mentioning URL’s, server names, IP addresses. Also end users can find built in templates, themes, and transport package, visual composers to create iViews, roles, and pages, work sets and store it into the separate folders so that it will be easy to locate as and when required. End user does not require coding to create business objects, web pages and iviews instead the application wizard will help them create and personalize.

Apart from that end users can create and store business objects for each line of business separately so that it will be extremely convenient for the users to access, process and managed the business activity effectively and efficiently. In addition to that, the application has options to look into the databases. The databases are designed and stored in the back end system using ABAP language to communicate with the database and retrieve data accordingly. Some virtual internal databases in the form of iviews like portal application, WSRP content, web dynpro java application, portlet application will be available under this heading. Hence, from the above explanation we can see that portal content management is a powerful tool if architecture is strategically developed in such a way that the business can utilize both internal and external content more effectively and efficiently while conducting business activities in real time. When the business streamlines its business operation along with automation companies can achieve tremendous competitive advantage over its competitors.

Portal content translation

At high level this is another important component that provides seamless support to its end users. In the sense that this component allows users to create and store and manage connection ports, tab sets, search providers, favorite providers, suggestion providers and even device group container. Again these sub folders will be the users to organize its tasks and roles and easily navigate to various contents. Here I would like to mention that there is a tow common subcomponents such as portal content and business objects are available and shared by both i.e. portal content management as well as portal content translation. This show the both portal content and business objects are most important aspects when it comes to effective development of portal content management application.

Portal display

Under this component the end users will be allowed to design and redesign the pages, iviews, roles and worksets according to their look and feel. The application wizard will help to achieve these tasks. No coding is required for the end users to access these contents. The users can able to personalize the portal as per their needs. These sum components are powered with inbuilt themes from which they can create new and themes, they can edit the existing schemes, generate ITS themes, it has Ajax theme studio to configure the themes at the first place. Only the system administrator is allowed to perform these tasks because it required coding skills ( Java and ABAP)only systems administrator with access permission can perform these activities.

Web resource repository

This components acts as a central repository for every level of users will increase the ease of access to web contents as an when requires. It also helps to reduce cost of maintenance. When it is centrally maintained it actually eliminates duplications of same web contents. Again it depends on level of access control possessed by each user. Most of the common web contents will be available to everyone and some will not be available to access. The system administrator is responsible who can access what and how. One of the main tools to access web resource repository is a search options where in user enters the required keywords and the system will retrieve it for them. The search options is so powerful because in the back end the all the web resources stored in the databases are archived and indexed i.e when creating the system allocates unique ID to each of the web resources automatically. This provides faster retrieval time when we enter any search terms.

Knowledge management content

This is another most important component for developing effective content management application. KM content provides complete access to all the data in reside in the portal and also in the data bases. It is called root aka master data aka Meta data aka data about the data. Here the user can view any folder and select the any heading for downloading the folders for conveniently because documents are segregated according to personal and public. Personal documents will be having additional security to access with and public documents will have standard security to access by users within the company. Even users have the options to look for deleted items in case they accidently deleted the important documents or report. The KM content has toolbox to permit to make folder settings, reports can be created, folders can be achieved to manage and organize the folders effective communication among different functional teams. The users can export templates from one destination to another without much difficulty. The user can also has the option to import templates from one place to another, it provides users to upload package, view pending imports, imports which is currently running and which is archived. Overall KM content provides complete and easy access to entire data of the company and also other external data in single portal through collaboration and integration. With this level of access to content the company can perform seamlessly to achieve productivity and earn profit for the organization.

Collaboration content

Many companies face immense challenge when it comes to collaborating and integrating once business applications to streamline its business process to achieve optimum productivity with limited resources. Companies face information silos when their business applications are not properly collaborated and integrated. Due to which there will be bottle necks, delay in work flow from one phase to another which in turn lead to loss to the company. This component provides content related to integration and collaboration required to perform various business activities and communicates effectively to process the workflow faster from one stage to another. This tam administers rooms aka sessions, achieve rooms. These are nothing but a meeting point to share and exchange the resources work as a team achieve desired goals put forth in the beginning of the project. Templates are available to create group as well as individual rooms as per their requirement and schedule. Users can create room to collaborate between employees, between business owner and the suppliers, between system administrator and the employees, between the customer and the employees. It also provides links to configure extension collaboration in case we want include additional resource to achieve specific tasks or goal. Configure room content stores, room mails to communicate with each other so that ever one involved in the tasks are in the same page, user can configure room categories, relationships. Here most of the tasks are performed by the portal content system administrator.

Workflow content has in built workflow templates, workflow instances, work items, work flow tasks, upon creating new workflow the system allocates unique template ID automatically and stores into the system. Is also maintains version control of start and end event and precedence constraints for smooth flow of work from one stage to another in a orderly fashion. It can accommodate work flows like quick tasks, feedbacks, nomination, generic application task etc. the users can load template from stored file or remove template including old one .This component helps the user to manage the workflow with hurdles and delay in business process, for instance when a customer places an order to purchase a product and this will be the first process in the business process life cycle. When the order is place the next process is to accept the order and acknowledge the order to the customer with email notification and generate a invoice and send it to customer to receive payment. Meanwhile a copy of invoice in send to the inventory management system where the system confirms the order and blocks the items for shipment and delivery and after the payment is received from the customer the shipment department delivers the consignment to the customer according to the sale contract. This process happens at a real time through integration of various business applications by automating the workflow. Here the workflow template helps to achieve the intended tasks.

Content statistics

Under content statistics the users can find portal activity report like pages and iviews that has been created. It will be displayed in the form of dash board which includes day, date/time, type, object name, hits, viewers ID’s, ID (system ID) which is automatically generated while creating this business objects. The statistics of the report will display the current state of collection and aggregation of portal activity data. The fields will be available in readable only format.

To conclude, the purpose of the portal content development is to integrate and collaborate business process application systems like order management, inventory management, finance, CRM, with the business partner or with the customers to conduct seamless business and reduce cost, inconsistency, ability to design and provide scalability to the application for future expansion is an important feature which will reduce huge cost. In order to achieve effective utilization of portal content the business should ensure accurate and relevant data is available in the database which is indexed and archived to facilitate faster retrieval as and when required. Because time is very precious in world of business especially when is involves systems and cutting edge technology. In order to access data securely the systems should be highly protected with advanced security features like single sign on, SSL, DMZ firewall security, audit trails, PCI compliance, Sarbanes Oxley regulations, two point authentication level systems. For instance, in order to approve any financial transaction this is of huge amount. The transaction has get approved from two authorized persons only then the transaction will get approved and process.

The content should be able to protect and Share Company’s sensitive data like financial agreements, patents, copyrights, customer information, supplier’s agreements, tenders, software codes etc. the content should  be developed in such a way that users can use and reuse the content over and over effectively and efficiently. By providing powerful search (delta search) methods and help options the user can locate right information at the right time to achieve business objectives. SAP netweaver portal content management application provides users to customize and personalized the portal application contents according to their type of business. the user can able to create their own style of pages, iviews, tasks, work sets, roles and store it in separate folders which is available at the left side portal in the form of navigation icons. Users can edit and modify as and when required how it should look and feel? What to include and what not to? 

Each tab has its own set of sub components under which user can create new folders to manage and organize contents according to the preferences. Whether the company is a ecommerce or brick and mortar the user can customize the application accordingly. For instance, let us assume that home depot has purchase the SAP enterprise portal for its business operations. The company will customize the applications in such a way that it creates separate folders to list out suppliers, customers, items catalog, reports like sales forecasting, sales turnover, and inventory control system, shipment and delivery, purchase orders, sales orders, accounting and finance etc. by maintain various activities separately provides users to navigate and access data quickly. Ultimately when these activities are collaborated and integrated with various business applications gives a competitive advantage over other rivalries in terms of higher performance, after sale service, faster deliver, eliminating information silos and achieves overall productivity of the company.

Last but not the least the benefits that the company will receive from effective utilization and well architectural design of portal content will provide,

• Integration and collaboration of various business process when streamlined through automating the workflow and tasks will ensure competitive advantage over its competitors.
• By providing adequate security to the company’s data will lead to increased trustworthy from customers and promote goodwill which eventually reduce substantial loss to the company. Because losing one customer is equal to retaining 3 customers.
• By building scalable, durable and consistent portal content application a company can expand its business venture to new heights when the applications is scalable i.e. scalability ability to expand the existing applications to accommodate large amount of data and business transactions rather than building a new one from scratch. This reduces huge cost and time which can be utilized in any other productive business activities.

Masquerading

Masquerading means stealing vital data by convincing other user has a legitimate user, that is when two user is communicating with each other when the attacker burrows into the communication channel by identifying has the legit user and tricks the user by asking the user to provide sensitive information. This can happen in many ways one of the ways is by using another user's IP address and gaining access to the network. Another way is to stealing the user ID and password by attacking with cookies and fictitious certificates and authorization prompts. By sending spam emails attackers spoof login password from the users by giving fake email address. Masquerading can occur in many ways some of them are as follows.

IP spoof

IP spoofing is one of the ways to trick the user to reveal the secured information to the attacker. IP spoofing occurs when the attacker sends a pop up message consists of IP address from trusted source to user computer in order to defeat security measures and authentications.  The attacker modifies the packet headers to resemble the original one to only pose to challenge to believe. The host is temporarily disabled and left vulnerable to connect to the host computer with just a address based authentication. When the attacker access gains access to the targeted computer the then executed some commands to take away all the information like web site domains resided in the computer without the knowledge of the user. The user will not know when it happened and how it happened and thinks the requested authentication is from trusted host. And the attacker uses the stolen web site domain names to gain access into the web networks and highjack the web sites.

Identity Spoof

Another way or gaining access to secured systems is identity spoofing. In this scenario the attacker uses previously stolen authenticated certificate to pass the verification process. Identity spoofing can take place via two means. Passive and active attack where in passive attack both the end user will not know the attacker has gained access to the network and in the latter case the host will know the that there is a middle man allegedly gain accessed to the network using stolen certificate. The attacker persistently continues to gain access to information until the user reveals the identity of the user. This kind of attack can range from less danger to critical danger i.e. the attacker can gain access to user bank account details and make away with money and personal information.

Web Spoofing

Another way of attacking the user to reveal the information is by web spoofing. In web spoofing the attacker designs exact replica of the web page and identifies himself as a original website for instance when doing online shopping when a person places order and the page diverts the person the payment gate way during that buffer time the attacker sends the exact replica of payment gate way page for example (paypal). If the user neglects to identify the fake web page he/she ends up in entering the credit card information and the attacker executes some commands to retrieve those information to attacker computer. This attack can be very serious for both customers as well as for the vendors. The attacker can misuse the credit card information where customer losses money and vendors losses trust from the customer. The attacker instead of fake web page he creates false links and embeds malicious software into it. When the user clicks the link the malicious software triggers and sweeps the information without the knowledge of the user.

Email Spoofing

Email spoofing is also another type of attack on getting access to user information. The attacker sends fake emails identifying has legit owner seeking user id and password by creating a believable story. If the user believes that the email is from trusted source and replies to that email. Your information is lost to the attacker. This attack is most common attack through which they take away bank account numbers, user id password of net banking and misuse it later. Website owners in order to prevent this kind of attack they constantly warned by sending frequent emails no to reply to the emails seeking sensitive information via emails.

Prevention

When browsing look for http, https and lock signs before making financial transactions. Use encrypted and decrypted security to exchange sensitive information. Look for any pop ups which has malicious application which can be accidently downloaded into the host computer and the malicious software take away the sensitive information from the computer.