cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Data Masking for specific values in Infoobject Attributes

Go to solution
Former Member

on ‎02-22-2012 3:28 PM

0 Kudos

A unique requirement. I have a Master Data Infoprovider (Infoobject) which has 3 attributes.

The first two attributes Attr1 and 2 values X1,X2,Y1 and Y2 sensitive data that is only relevant for one set of users and not the other.So if data in records 1 and 2 for Attr1 and Attr2 are only relavant for User Group 1. User Group 2 should be able to see Master Data for 1,2 and 3 and Attr1,2,3 but X1,X2,Y1 and Y2 records should be masked or data should be hidden from display but he should still see Fig 2

Fig 1

MD Attr1 Attr2 Attr3

1 X1 X2 X3

2 Y1 Y2 Y3

3 Z1 Z2 Z3

Fig 2

MD Attr1 Attr2 Attr3

1 _ _ X3

2 _ _ Y3

3 Z1 Z2 Z3

"-" represents Space

MD represents Master Data

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎02-23-2012 6:10 AM
0 Kudos

Hi,

I don't think there is anysuch provision in BI to show the infoobject in the report but display blank value if there is no authorization to see the value.

The max you can do is create particular infoobject with authorization and then assign that authorization to specific user role. Once that is done other people will not be able to use that characteristic in the report, if they have authorization then they will be able to see only relevant data.

Regards,

Durgesh.

Show replies
Show replies
Former Member
‎02-24-2012 4:04 PM
0 Kudos

Does Virtual Characteristic work while the Data is read in the query the Virtual Characteristic will read the authorization and mask the display of the data in the fields the user is not suppose to view.

Answers (2)

Answers (2)

Former Member
‎02-22-2012 6:04 PM
0 Kudos

Hello guys,

You may create compound characteristic User Group on your Master Data provider. During data load empty/fill attribute for every user group. Then you can control authorization solely on user group.

If the characteristic is already used in other infoproviders you may create a copy of it.

I don't think it's possible to blank value of characteristic/attribute according to authorization.

BR

Ondrej

Edited by: Ondrej Vach on Feb 22, 2012 7:10 PM

Show replies
Show replies
Former Member
‎02-22-2012 7:21 PM
0 Kudos

The solution need not be Authorization Relevant from the Security Perspective. Any new suggestions are welcome

Former Member
‎02-22-2012 5:03 PM
0 Kudos

Try creating Transaction variant .

Regards,

Kiran KL

Show replies
Show replies
Former Member
‎02-22-2012 6:07 PM
0 Kudos

What's a Transaction Variant? Were do we use it for this context. Is this what you are referring too.

[BEx Variant|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/00e1a04d-7adc-2e10-28a3-ee9333afa718?QuickLink=index&overridelayout=true]

Ask a Question