Understanding SAP HANA Security Concepts and Mitigating Risks
Session 0511
Mark Hourani, SAP HANA Product Management
June 2014
Disclaimer
This presentation outlines our general product direction and should not be relied on in making a
purchase decision. This presentation is not subject to your license agreement or any other agreement
with SAP. SAP has no obligation to pursue any course of business outlined in this presentation or to
develop or release any functionality mentioned in this presentation. This presentation and SAP's
strategy and possible future developments are subject to change and may be changed by SAP at any
time for any reason without notice. This document is provided without a warranty of any kind, either
express or implied, including but not limited to, the implied warranties of merchantability, fitness for a
particular purpose, or non-infringement. SAP assumes no responsibility for errors or omissions in this
document, except if such damages were caused by SAP intentionally or grossly negligent.
© 2014 SAP AG or an SAP affiliate company. All rights reserved.
Agenda
• Overview
• Security in general
• Security for native application development
• Security for SAP BW
• Security for SAP Business Suite
• Summary and Q&A
SAP HANA Overview
SAP HANA In-Memory Strategy (one store, the app platform, flexibility)

Analytics
  Capabilities:
  • SAP HANA real-time operational analytics
  • Complete BI Suite with BI 4 runs on SAP HANA
  • SAP BW powered by SAP HANA
  • SAP industry & line of business apps & accelerators
  • 3rd party BI/ETL certification program and openness
  Benefits:
  • Flexible real time analysis of operations on detail level
  • Primary persistence and optimized for SAP BW

Transactions
  Capabilities:
  • SAP HANA persistence layer for OLAP and OLTP
  • SAP Business Suite optimized for in-memory data management
  • SAP HANA primary persistence layer for SAP Business Suite
  • Broad investments in in-memory platform for applications and solutions
  Benefits:
  • Landscape simplification
  • Improved performance
  • Business process innovation
  • Lower total cost of ownership and development

Custom Applications
  Capabilities:
  • Extended application services (XS)
  • Developer services and tools
  • Openness
  Benefits:
  • Reduced time-to-value
  • Quicker RTO

Deployment Choices
  Capabilities:
  • Various deployment options (on-premise, public cloud, managed cloud, hosted)
  • Develop, test, and deploy in any environment or in a hybrid model
  • Fully capable and ready to use software and environments
  • License, cost, scalability, and support options
  Benefits:
  • Flexible and tailored options
  • Reduced cost and barrier to entry
  • Instant availability
  • Quicker adoption

This is the current state of planning and may be changed by SAP at any time.
Security Architecture
SAP HANA Security Architecture
[Diagram: Traditional security architecture. Client -> Application Server (application; JDBC/ODBC/SQLDBC) -> Database. The security functions (authentication/SSO, authorization, encryption, identity store, audit logging) sit in the application server.]
[Diagram: SAP HANA security architecture. Client -> SAP HANA, via JDBC/ODBC or via HTTP(S) to XS. The same functions (authentication/SSO, authorization, encryption, identity store, audit logging) are shown inside SAP HANA.]
Data Mart Scenario (general)
Data-mart (analytics)
[Diagram: Clients -> SAP BusinessObjects Business Intelligence -> data models in SAP HANA; data replicated from a source system.]
Data Marts powered by SAP HANA
• Push processing down to SAP HANA Calculation Engine
• SAP Lumira Server powered by SAP HANA
• Open platform
• Leverage SAP HANA Advanced Analysis features
  – Geospatial
  – Predictive Analysis Library
  – Text Analysis Library
SAP BusinessObjects business intelligence with data replicated from SAP ERP
SAP HANA Security: Considerations and Capabilities (in general)
SAP HANA – Overview of Security Functions
[Diagram: Clients reach SAP HANA through tools (SAP HANA Studio and HDBSQL command line for administration and development; SAP HANA Web IDE for administration and development over HTTP(S)), through apps over JDBC/ODBC/SQLDBC, through an application server over SQL/JDBC/SQLDBC, and through HTTP(S) to XS applications. Other databases connect via federation (Smart Data Access, SDA) and via replication. Security functions shown inside SAP HANA: encryption, authentication/SSO, authorization, identity store, audit logging.]
SAP HANA – 2 Types of Application Users
User access to a single SAP HANA system and content can be managed and controlled by:
1. Directly, accessing SAP HANA via named user access (client -> JDBC/ODBC -> HANA user)
2. An application server, accessing SAP HANA via a technical user ID (app user -> application server -> HANA technical user)
For logon, a database user must exist in the HANA identity store.
Data Mart Scenario Security (general)
Data-mart (analytics), e.g. SAP BusinessObjects business intelligence solution with data replicated from SAP ERP
[Diagram: Individual end users (through SAP BusinessObjects Business Intelligence) and database admins connect directly to SAP HANA; data replicated from the source system.]
• Direct access of individual users to the SAP HANA database, e.g. to consume reports or view dashboards or using Microsoft Excel
• Privileges for individual users/roles assigned on database level
• Direct access of database administrators to the SAP HANA database
SAP HANA – 2 Types of Connectivity
Corresponding Authentication Options
SAP HANA access is facilitated by two protocols:
1. JDBC/ODBC/SQLDBC (client with a HANA user, or application server with a HANA technical user)
   – User name and password
   – Kerberos
   – SAML
   – SAP logon and assertion tickets
2. HTTP/HTTPS (app user -> ICM -> XS)
   – User name and password (basic authentication, form-based login)
   – Kerberos via SPNEGO
   – SAML
   – SAP logon and assertion tickets
   – X.509
HTTP/HTTPS communications are managed by the Internet Connection Manager (ICM).
SAP HANA – 2 Types of Content
The Repository stores design time content
• Code representation of: privileges, roles, database objects, data
• Repository content is organized in packages
• Transportable as delivery units
The Catalog stores active objects
• Users
• Privileges
• Roles
• Database objects
[Diagram: Repository -> Activation -> Catalog, inside SAP HANA.]
Packages are represented as namespace prefixes in corresponding catalog objects.
SAP HANA Authorization – Privilege Types
System Privileges: authorize execution of administrative actions for the entire SAP HANA database.
SQL Privileges: authorize access to data and operations on database objects.
Analytic Privileges: authorize read access on analytic views at run-time; provide row-level access control based on dimensions of the respective view.
Package Privileges: authorize access to design-time content stored in the repository (modeling environment).
Application Privileges: authorize access to SAP HANA XS applications/functions.
Privileges on Users: allow other users to debug your sessions.
Privileges are inherited via roles. Roles can be nested.
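As an added example (not from the deck), the following SQL shows how the privilege types above are granted and how roles are nested so that a user inherits them. Every schema, table, view, package, role and user name is constructed for illustration; "sales.models" is a hypothetical repository package and AP_SALES_EU a hypothetical analytic privilege that is assumed to exist already.

```sql
-- Added example: constructed objects, not from the presentation.
-- Run as an administrator holding USER ADMIN, ROLE ADMIN and the object privileges used.

-- A table plus a view over it, with constructed sample rows.
CREATE SCHEMA SALES_DM;
CREATE COLUMN TABLE SALES_DM.ORDERS (
  ORDER_ID INTEGER PRIMARY KEY,
  REGION   NVARCHAR(4),
  AMOUNT   DECIMAL(12, 2)
);
INSERT INTO SALES_DM.ORDERS VALUES (1, 'EU', 120.00);
INSERT INTO SALES_DM.ORDERS VALUES (2, 'US', 340.50);
CREATE VIEW SALES_DM.V_ORDERS AS
  SELECT ORDER_ID, REGION, AMOUNT FROM SALES_DM.ORDERS;

-- SQL privilege: access to data and operations on a database object.
-- Granted on the view only, so the base table stays hidden from readers.
CREATE ROLE SALES_READER;
GRANT SELECT ON SALES_DM.V_ORDERS TO SALES_READER;

-- Package privilege: read-only access to design-time content in a repository
-- package ("sales.models" is hypothetical). REPO.READ alone cannot edit or activate.
CREATE ROLE SALES_MODEL_VIEWER;
GRANT REPO.READ ON "sales.models" TO SALES_MODEL_VIEWER;

-- System privilege: an administrative action for the whole database.
-- Kept in its own role so that it is never bundled with data access by accident.
CREATE ROLE SALES_USER_ADMIN;
GRANT USER ADMIN TO SALES_USER_ADMIN;

-- Analytic privilege: row-level read access on a modeled view. Analytic
-- privileges are granted as structured privileges; AP_SALES_EU is assumed to exist.
-- GRANT STRUCTURED PRIVILEGE AP_SALES_EU TO SALES_READER;

-- Roles can be nested: members of SALES_ANALYST inherit both roles below,
-- and nothing from SALES_USER_ADMIN.
CREATE ROLE SALES_ANALYST;
GRANT SALES_READER TO SALES_ANALYST;
GRANT SALES_MODEL_VIEWER TO SALES_ANALYST;

-- A named database user (the application server's technical user is created
-- the same way, with only the privileges its application needs).
CREATE USER ANA PASSWORD "Initial1!";
GRANT SALES_ANALYST TO ANA;

-- Verify the result from the system views: roles granted directly to ANA,
-- and the effective privileges resolved through the nested roles.
SELECT ROLE_NAME
  FROM GRANTED_ROLES
 WHERE GRANTEE = 'ANA';
SELECT SCHEMA_NAME, OBJECT_NAME, PRIVILEGE
  FROM EFFECTIVE_PRIVILEGES
 WHERE USER_NAME = 'ANA' AND SCHEMA_NAME = 'SALES_DM';
```

The second SELECT is the check to run after any role change: it should list SELECT on V_ORDERS and nothing on the ORDERS table, which is what "privileges are inherited via roles" means in practice. Splitting administrative privileges (USER ADMIN) from data roles keeps an analyst's role from ever carrying database-wide rights.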
Governance and Compliance Solution for HANA
SAP Access Control for HANA
Get Clean
• Workflow driven approval and notification processes
• Integrated Risk Analysis and Remediation
• User, Role, and Risk certification and reviews
• Governance and compliance analytics
Stay Clean
• Self service access request process, stand alone or integrated with SAP Identity Management
• Integrated with HANA security model
  – Authorization
  – Identity model
  – Logging infrastructure
Functions: Manage Access; Manage Roles; Certify Access; Analyze Risks; Remediate SoD Violations
Stay in Control
• Manage and Monitor Emergency Access
• Alerts
SAP HANA Security Considerations and Capabilities
Native Application Development (XS Applications / SQL Script)
SAP HANA Scenarios – SAP HANA Extended Application Services (XS)
Technical infrastructure for new native applications
[Diagram: Client -> HTTP(S) -> XS application on SAP HANA: a browser-based application built directly on SAP HANA using XS.]
Rationale: enable application development and deployment – minimize layers
• HTTP-based UI (browser, mobile apps)
• Run directly on SAP HANA, without an additional external application layer
• Leverage the built-in strengths of SAP HANA for the best possible performance
Scope
• Light-weight, yet powerful, web-based applications
• High-speed business applications with deep integration of differentiating SAP HANA database features
XS applications are built using server-side JavaScript (XSJS).
SAP HANA – Security Aspects of SAP HANA XS Scenarios
Security Considerations for Application Development
[Diagram: Client -> HTTP(S) -> XS application on SAP HANA: browser-based application built directly on SAP HANA using XS.]
Integrated with the HANA security model
• User and role management
• Single Sign-On
• Honors DB authorizations
• Communication and data encryption
• Audit logging
Administrator Tasks
• Which authentication methods are required?
• Which parts of the application require an SSL protected connection?
• How are users provisioned and security maintained?
• Which destinations must be configured for outgoing connectivity?
• How is developer access monitored and maintained?
Developer and Application Tasks
• Which parts of an application get exposed via HTTP?
• Which parts require authentication? Authorization?
• Which privileges are needed for application users and application components?
Security administration should be considered upfront for XS applications.
Server-Side JavaScript Security Considerations
Special attention is required to avoid security-related problems when writing server-side JavaScript:
• SSL/HTTPS
• Injection flaws
• Cross-site scripting (XSS)
• Broken authentication and session management
• Insecure direct object references
• Cross-site request forgery (XSRF)
• Incorrect security configuration
• Insecure cryptographic storage
• Missing restrictions on URL access
• Insufficient transport layer protection
• Invalid redirects and forwards
• XML processing issues
Each item is addressed in its own section of the SAP HANA Developer Guide.
SAP HANA Stored Procedures

    CREATE PROCEDURE SAMPLE_PROC()
      LANGUAGE SQLSCRIPT SQL SECURITY DEFINER READS SQL DATA AS
    BEGIN
      …
    END;

READS SQL DATA indicates the procedure is read ONLY.
“DEFINER” specifies that the procedure inherits the rights of the creator of the procedure.
“INVOKER” would specify the execution is performed with the privileges of the invoker of the procedure.
To enable the creation of read-write procedures and of procedures in definer mode you must change the SQL Script mode to unsecure.
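To make the DEFINER/INVOKER difference concrete, here is an added example (not from the deck) with the same read-only procedure created in both modes and a caller that has EXECUTE on each but no SELECT on the underlying table. The schema, table, procedure and user names are constructed for illustration; the procedures are created directly in the catalog with SQL.

```sql
-- Added example: constructed objects, not from the presentation.

-- Constructed sample data.
CREATE SCHEMA HR_DEMO;
CREATE COLUMN TABLE HR_DEMO.SALARIES (
  EMP_ID INTEGER PRIMARY KEY,
  DEPT   NVARCHAR(10),
  SALARY DECIMAL(10, 2)
);
INSERT INTO HR_DEMO.SALARIES VALUES (1, 'SALES', 50000);
INSERT INTO HR_DEMO.SALARIES VALUES (2, 'SALES', 62000);
INSERT INTO HR_DEMO.SALARIES VALUES (3, 'DEV',   71000);

-- DEFINER mode: the body runs with the creator's rights. A caller with EXECUTE
-- obtains only what the procedure chooses to return (an aggregate), never the rows.
-- READS SQL DATA marks it read-only, so it cannot modify the table it reads.
CREATE PROCEDURE HR_DEMO.DEPT_AVG_SALARY (IN P_DEPT NVARCHAR(10), OUT P_AVG DECIMAL(10, 2))
  LANGUAGE SQLSCRIPT SQL SECURITY DEFINER READS SQL DATA AS
BEGIN
  SELECT AVG(SALARY) INTO P_AVG FROM HR_DEMO.SALARIES WHERE DEPT = :P_DEPT;
END;

-- INVOKER mode: identical body, but the caller's own privileges are checked
-- against HR_DEMO.SALARIES when the SELECT executes.
CREATE PROCEDURE HR_DEMO.DEPT_AVG_SALARY_INVOKER (IN P_DEPT NVARCHAR(10), OUT P_AVG DECIMAL(10, 2))
  LANGUAGE SQLSCRIPT SQL SECURITY INVOKER READS SQL DATA AS
BEGIN
  SELECT AVG(SALARY) INTO P_AVG FROM HR_DEMO.SALARIES WHERE DEPT = :P_DEPT;
END;

-- A constructed reporting user: EXECUTE on both procedures, deliberately
-- no SELECT on HR_DEMO.SALARIES.
CREATE USER REPORT_USER PASSWORD "Initial1!";
GRANT EXECUTE ON HR_DEMO.DEPT_AVG_SALARY TO REPORT_USER;
GRANT EXECUTE ON HR_DEMO.DEPT_AVG_SALARY_INVOKER TO REPORT_USER;

-- Executed in a session logged on as REPORT_USER:
CALL HR_DEMO.DEPT_AVG_SALARY('SALES', ?);
CALL HR_DEMO.DEPT_AVG_SALARY_INVOKER('SALES', ?);
```

Logged on as REPORT_USER, the first CALL succeeds and returns the department average, because the privilege check is made against the definer; the second CALL fails with an insufficient-privilege error, because the invoker has no SELECT on the table. That is why the deck treats definer mode as the sensitive option: a definer-mode procedure is a deliberate, reviewable grant of the creator's access, so its body must stay read-only and minimal, and EXECUTE on it should be granted through roles like any other privilege.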
SAP HANA Security Considerations and Capabilities – SAP BW
SAP HANA as Persistence for SAP Business Warehouse (BW)
3-tier application
[Diagram: Client -> SAP Business Warehouse application server -> SQLDBC -> SAP HANA.]
SAP Business Warehouse powered by SAP HANA
• Improved performance
• SAP HANA offers In-Memory Column Store, Calculation Engine and Planning Engine
• BW pushes down complex calculation logic and aggregation processing to the database server
• Swapping the existing DB out with SAP HANA is simple, fast and doesn’t require any changes to the BW layer
• IT can show tangible benefits to business users quickly
• BW Models and HANA Models can be shared and built upon
Data Mart Scenario – SAP Business Warehouse
Data-mart (analytics)
[Diagram: Clients -> SAP BusinessObjects Business Intelligence and the BW application server -> data models in SAP HANA.]
SAP Business Warehouse powered by SAP HANA
• Use BW for complete Enterprise Data Warehouse (EDW) solution
• Securely expose InfoProviders as views to enable direct access from BI tools to BW Data Models in HANA
• Leverage HANA Data Models in BW
SAP BusinessObjects business intelligence and BW with data replicated from SAP ERP
SAP HANA as Persistence for Business Suite & BW
3-tier application
[Diagram: Client -> SAP Business Suite / SAP Business Warehouse application server -> SQLDBC -> SAP HANA.]
Access from Business Suite or Business Warehouse to SAP HANA
• Same security model for user access as with other databases
• Security functions of SAP NetWeaver ABAP/JAVA still apply
  – Application server connects with technical database user to SAP HANA database
  – Authorization management as before with existing methods
  – User management in the application server
• SAP HANA security functions are used to manage administrative access to the database
Data mart scenario – SAP Business Warehouse
Data-mart (analytics), e.g. SAP BusinessObjects business intelligence solution with data replicated from SAP ERP
[Diagram: Clients -> SAP BusinessObjects Business Intelligence and the BW application server -> data models in SAP HANA.]
SAP Business Warehouse InfoProviders can be exposed as analytical views in SAP HANA
• Automatic generation of analytical views on specified InfoProviders
• Analytic privileges are automatically generated
• Views can be accessed by native SAP HANA clients and applications
• Requires named users to exist as SAP HANA database users
• Likewise, HANA Models can be consumed in BW
BW on HANA – Mixed Scenario: Two Types of Models
BW content is stored in HANA in the BW managed schema.
BW content can be exposed to HANA users using two mechanisms:
1. automatically, by generating content (push from BW)
2. by importing the content via HANA Modeler (pull from BW)
[Diagram: BW Models and HANA Models inside SAP HANA, connected by virtualization and replication; HANA and BW models can be shared and built upon.]
Queries executed on the SAP HANA views are executed directly on SAP HANA, without the BW system being addressed.
Creating Views in SAP HANA for BW InfoProviders – Comparison of the Two Methods

| Aspect | Generating from the BW System | Importing from SAP HANA Modeler |
| Use case | Mainly use BW and execute queries directly on the data models, without OLAP functions | If mainly using SAP HANA Modeler and your own ETL tools |
| Updates | Changes made to the InfoProvider are reflected in HANA views. Process chain is recommended | The SAP HANA views are only updated by a reimport from the HANA Modeler |
| Transport | Is transported with BW transport | Is transported with HANA transport |
| Supported InfoProviders | InfoCubes, DataStore objects, InfoObjects, queries as InfoProviders, CompositeProviders (exceptions exist) | InfoCubes, standard DataStore objects, InfoObjects, queries as InfoProviders |
| Authorizations | Based on BW analysis authorizations. Uses SQL Analytic Privileges. Automatically assigned to users | Based on BW analysis authorizations. XML Analytic Privileges are generated, but NOT assigned to users |
What gets generated by BW in HANA
[Diagram: objects generated in HANA from BW: Analytic View, Role (assigned to the User), SQL Analytic Privilege, Stored Procedure.]
By default the name of the content package in HANA will be system-local.bw.bw2hana.
Demo/Screen Shots – SAP BW Powered by SAP HANA
Constraints
Not all InfoProvider properties can be added to the generated SAP HANA view. Limitations exist for the following:
• Hierarchies
• Conversion exits (e.g. ALPHA and date conversion)
• Compound characteristics added as InfoObjects
• Display attributes
• Key figures with certain aggregation types
• Non-cumulative key figures
• Data from near-line storage
Principle: not all authorizations will be exposed, but you can be confident that too much data will never be exposed.
Best Practices
• Create a process chain to ensure authorizations are current in HANA
• Don’t add security authorization logic in ABAP
• Don’t change generated content in HANA. Instead, build roles, views and privileges on top
• The package storing the generated SAP HANA views should be write-protected. Only read authorization should be granted for the views.
SAP HANA Security Considerations and Capabilities – SAP Business Suite on HANA
SAP HANA as Persistence for SAP Business Suite
3-tier application
[Diagram: Clients -> SAP Business Suite application server, SAP BusinessObjects Business Intelligence, and SAP HANA Live (XS) -> SAP HANA.]
SAP Business Suite powered by SAP HANA
• Landscape simplification: transaction processing (OLTP) and online analytical processing (OLAP) on one platform
• Speed of SAP HANA translated into efficient work and process improvements
• No separate hardware needed for SAP HANA applications when deployed on the SAP ERP application running on SAP HANA
• Leverage full feature set of SAP HANA
• SAP HANA Live for SAP Business Suite delivers a business view on transactional data in real time
• Reporting without latency or replication
Data mart scenario – SAP HANA Live for SAP Business Suite
3-tier application, e.g. SAP Business Suite
[Diagram: Clients -> SAP Business Suite application server, SAP BusinessObjects Business Intelligence, and SAP HANA Live (XS) -> SAP HANA.]
SAP HANA Live for SAP Business Suite supports direct access to ERP data in SAP HANA
• Each SAP HANA Live user gets a database user
• Authorization check within SAP HANA using privileges
• The Analytics Authorization Assistant is a tool that generates SAP HANA authorizations from ABAP PFCG roles
Analytics Authorization Assistant – Generates and Updates Privileges
Generate Privileges
• Generates XML-based Analytic Privileges based on ABAP PFCG Authorization data
• Generates Analytic Privileges for multiple views and users at once
• Creates APs for users and their authorization values in ABAP system tables USRB2 and UST12. Assigns them to a user specific role
• After the process finishes, created roles must be assigned to the respective HANA users (once only)
Update Privileges
• Updates generated Analytic Privileges and roles based on changes in ABAP PFCG Authorization data
• Identifies users for whom Analytic Privileges and roles were created in the HANA System
• Can show whether any changes occurred between generated AP and the ABAP PFCG authorization data replicated from the source system
• Creates new APs and updates the user’s role
• APs which are no longer necessary are removed
We recommend that you do not manually change either the generated role or the AP as this might affect behavior of the application.
Demo/Screen Shots – SAP Business Suite Powered by SAP HANA / Authorization Assistant
Summary and Q&A
Summary – you should now know…
• Key SAP HANA security concepts and configurations
• SAP HANA scenario specific security considerations
• SAP HANA has tools to easily share content and security models between HANA and key SAP applications running on HANA
• SAP BW has new capabilities to automatically generate SAP HANA users, views, privileges and roles and their associations
SAP HANA Security – More Information
SAP HANA documentation on the SAP Help Portal
• SAP HANA Security Guide
• SAP HANA Master Guide (incl. network setup)
• SAP HANA Developer Guide
• Merging Data from BW and SAP HANA (Mixed Scenarios)
• Importing BW Objects: http://help.sap.com/hana_appliance -> Development Information -> SAP HANA Developer Guide -> Importing BW Objects
SAP HANA on the web
• General information on SAP HANA: http://www.saphana.com
• Security whitepaper: http://www.saphana.com/docs/DOC-3751
• Best practices: https://scn.sap.com/docs/DOC-53974
Important SAP Notes
• 1598623: SAP HANA appliance: Security (Central Security Note)
• 1514967: SAP HANA appliance (Central Appliance Note)
• 1730929: Using external tools in an SAP HANA appliance
• 1730930: Using antivirus software in an SAP HANA appliance
• 1730999: Configuration changes in HANA appliance
Questions
Thank you for participating
Please provide feedback on this session by completing a short survey via the event mobile application.
Session code: 0511
For ongoing education on this area of focus, visit www.ASUG.com
Contact information:
Mark Hourani
Senior Director, SAP HANA Product Management
Palo Alto, CA
Demo/Screen Shots – Analytic Privilege Creation
Analytic Privileges – Creation
• Define name and description
• Choose the package
Analytic Privileges – Select Information Models
Select applicable information models
• Views have two functions in analytic privileges:
  – Views to which you want to grant access
  – View from which you want to select fields for restrictions
• You can add further views to the privilege later
Analytic Privileges – Select Views
Restrictions apply to all views in the list of “Reference Models”
• Choose “Add” in the “Reference Models” section
• Pick any appropriate view from any package
Do not use the “Applicable to All Content Models” option
• Reason:
  – Can have surprising side effects
  – You give away control over model access
Analytic Privileges – Define Concrete Restrictions
You may implement value restrictions for all selected fields
• If no value restriction is implemented -> no restrictions (wildcard)
• Otherwise: the user will only be allowed to see the listed values
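The screenshots define these restrictions in the Modeler; the added example below (not from the deck) expresses the same three cases as SQL analytic privileges, which the deck mentions for BW-generated content: a list of allowed values, no restriction at all (the wildcard case), and two fields restricted together. The view name "_SYS_BIC"."sales.models/CV_ORDERS" with its REGION and AMOUNT columns is hypothetical and is assumed to be an activated view whose privilege check uses SQL analytic privileges; the CREATE STRUCTURED PRIVILEGE syntax is taken from the SAP HANA SQL reference and should be checked against your release.

```sql
-- Added example: constructed names, not from the presentation.
-- "_SYS_BIC"."sales.models/CV_ORDERS" is a hypothetical activated view
-- (columns REGION, AMOUNT) checked via SQL analytic privileges.

-- Listed values: holders of the privilege see only rows whose REGION is EU or US.
-- Values for the same field are alternatives (OR).
CREATE STRUCTURED PRIVILEGE AP_ORDERS_EU_US
  FOR SELECT ON "_SYS_BIC"."sales.models/CV_ORDERS"
  WHERE REGION IN ('EU', 'US');

-- No value restriction: the wildcard case. Holders see every row of the view,
-- so grant this one deliberately, not as a default.
CREATE STRUCTURED PRIVILEGE AP_ORDERS_ALL
  FOR SELECT ON "_SYS_BIC"."sales.models/CV_ORDERS";

-- Two fields restricted at once: restrictions on different fields combine
-- with AND, so a row must satisfy both to be visible.
CREATE STRUCTURED PRIVILEGE AP_ORDERS_EU_LARGE
  FOR SELECT ON "_SYS_BIC"."sales.models/CV_ORDERS"
  WHERE REGION = 'EU' AND AMOUNT >= 1000;

-- Assign through a role (the deck's last step), never to individual users.
CREATE ROLE ORDERS_EU_US_READER;
GRANT STRUCTURED PRIVILEGE AP_ORDERS_EU_US TO ORDERS_EU_US_READER;

-- Review what is defined before granting more: the system view lists every
-- analytic privilege the database will apply as a filter.
SELECT *
  FROM STRUCTURED_PRIVILEGES
 WHERE STRUCTURED_PRIVILEGE_NAME LIKE 'AP_ORDERS_%';
```

The filter semantics matter when reviewing: a user who holds both AP_ORDERS_EU_US and AP_ORDERS_ALL sees all rows, because analytic privileges held on the same view widen each other rather than intersect. Reviewing the STRUCTURED_PRIVILEGES view together with GRANTED_ROLES is the practical way to catch an unintended wildcard privilege.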
Analytic Privileges – Dynamic Analytic Privileges
Dynamic analytic privileges provide a more flexible approach. The actual filter conditions are obtained at runtime from a stored procedure, which can contain complex logic.
This enables you to:
• Reuse the same analytic privilege for several users
• Change the filter condition in the underlying tables and views without having to change the analytic privilege itself
Example: the stored procedure in the analytic privilege queries the user’s business department from an org table, and checks in another table whether the user has manager status.
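The example the deck describes, written out as an added example (not the deck's own code): a read-only, definer-mode procedure looks up the session user's department and manager status and returns the filter condition, and one SQL analytic privilege references it as its condition provider. This is also the role/privilege/procedure pattern behind the objects BW generates, in simplified form. The org tables, their rows and all names are constructed; "_SYS_BIC"."org.models/CV_HEADCOUNT" is a hypothetical activated view with a DEPARTMENT column and SQL analytic privilege checks enabled, and the CONDITION PROVIDER syntax is taken from the SAP HANA SQL reference (check it against your release).

```sql
-- Added example: constructed tables and names, not from the presentation.

CREATE SCHEMA ORG_DEMO;
CREATE COLUMN TABLE ORG_DEMO.USER_ORG (
  DB_USER    NVARCHAR(256) PRIMARY KEY,
  DEPARTMENT NVARCHAR(20)
);
CREATE COLUMN TABLE ORG_DEMO.MANAGERS (
  DB_USER NVARCHAR(256) PRIMARY KEY
);
-- Constructed rows: ALICE manages SALES, BOB works in DEV and manages nothing.
INSERT INTO ORG_DEMO.USER_ORG VALUES ('ALICE', 'SALES');
INSERT INTO ORG_DEMO.USER_ORG VALUES ('BOB',   'DEV');
INSERT INTO ORG_DEMO.MANAGERS VALUES ('ALICE');

-- Condition provider: evaluated at query time for the querying session user and
-- returns the WHERE fragment the database applies to the view. DEFINER mode means
-- end users need no SELECT on the org tables; READS SQL DATA keeps it read-only.
CREATE PROCEDURE ORG_DEMO.AP_FILTER_DEPT_MANAGER (OUT OUT_FILTER NVARCHAR(2000))
  LANGUAGE SQLSCRIPT SQL SECURITY DEFINER READS SQL DATA AS
BEGIN
  DECLARE V_DEPT   NVARCHAR(20);
  DECLARE V_IS_MGR INTEGER;
  -- MAX() returns NULL for a user missing from the org table instead of raising
  -- "no data found", so the unknown-user case is handled below, not by an error.
  SELECT MAX(DEPARTMENT) INTO V_DEPT   FROM ORG_DEMO.USER_ORG WHERE DB_USER = SESSION_USER;
  SELECT COUNT(*)        INTO V_IS_MGR FROM ORG_DEMO.MANAGERS WHERE DB_USER = SESSION_USER;
  IF :V_DEPT IS NOT NULL AND :V_IS_MGR > 0 THEN
    -- Managers see their own department. The value is quoted as a literal and any
    -- embedded quote is doubled, so table contents cannot alter the condition.
    OUT_FILTER := 'DEPARTMENT = ''' || REPLACE(:V_DEPT, '''', '''''') || '''';
  ELSE
    -- Unknown users and non-managers get a condition that matches no row.
    OUT_FILTER := '1 = 0';
  END IF;
END;

-- One privilege serves every user: the procedure, not the privilege, decides.
CREATE STRUCTURED PRIVILEGE AP_HEADCOUNT_DYNAMIC
  FOR SELECT ON "_SYS_BIC"."org.models/CV_HEADCOUNT"
  CONDITION PROVIDER ORG_DEMO.AP_FILTER_DEPT_MANAGER;

CREATE ROLE HEADCOUNT_READER;
GRANT STRUCTURED PRIVILEGE AP_HEADCOUNT_DYNAMIC TO HEADCOUNT_READER;

-- Widening access is now a data change in the org tables, with no change to the
-- privilege or the role: after this row, BOB sees DEV rows.
INSERT INTO ORG_DEMO.MANAGERS VALUES ('BOB');
```

With HEADCOUNT_READER granted to both users, ALICE's queries on the view are filtered to DEPARTMENT = 'SALES' and BOB's return no rows until he is added to MANAGERS. Two points for review follow from this design: the procedure must default to denying (the '1 = 0' branch) rather than to a wildcard when its lookups find nothing, and because the org tables now decide access, write access to them deserves the same control as a privilege grant.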
Analytic Privileges – In a Role
The last step is to assign the different privileges to an authorization role.
Demo/Screen Shots – SAP BW Powered by SAP HANA
User Creation – SU01: Create new user
Users are automatically created in SAP HANA. The DBMS tab allows setting of the initial password and viewing of roles.
InfoObject – RSD1: Create InfoObjects
InfoObjects should have the Authorization Relevant flag checked.
InfoCube – RSDCUBE: Create InfoCube
InfoCubes to be exposed as HANA views require the setting External SAP HANA view to be checked.
Authorizations – RSU01: Assign Authorizations
Assigned BW authorizations will be generated and assigned to users in HANA.
User Creation
HANA roles are visible after the user has been created.
Corresponding HANA Objects and Screens – User
The user is created with assigned roles.
Corresponding HANA Objects and Screens – Role: Object Privileges
Roles for each InfoCube are created and assigned object privileges…
Corresponding HANA Objects and Screens – Role: Analytic Privileges
…and the role is assigned analytic privileges.
Corresponding HANA Objects and Screens – Analytic View
A view is created for each InfoCube marked as an External SAP HANA View in BW.
Corresponding HANA Objects and Screens – Procedure
The analytic privilege uses a procedure that filters access based on the table RS2HANA_AUTH_STR.
BW Process Chain – RSPC: Create process chain (or RSA1)
Create a process chain to enforce periodic updates of authorizations in BW.
Demo/Screen Shots – SAP Business Suite Powered by SAP HANA / Authorization Assistant
How to Create Analytics Privileges for Views using the Analytics Authorization Assistant? (1/3)
1. Launch the Analytics Authorization Assistant from the menu and select Generate Analytic Privileges.
2. Select a SAP HANA system using the Select System button. Ensure that you use a user who has access to the schema to which the views belong. The APs are created in the package “sap/hba/tools/auth/ap” and cannot be changed.
3. Select the views that you want to generate APs for. You can either select one or more views or add a full package. You can even browse views based on Application Component. Please note that the flag “Show only Query Views” is checked by default, which shows only Query views; to generate APs for views developed by you, uncheck this flag. Click Next.
How to Create Analytics Privileges for Views using the Analytics Authorization Assistant? (2/3)
4. On the next screen enter the ABAP client from which you want to read the authorization information and users. If the selected views select data from different schemas, the client has to be specified for each schema separately.
5. Select one or more ABAP users for whom you want to generate APs. Click Next.
How to Create Analytics Privileges for Views using the Analytics Authorization Assistant? (3/3)
6. The system checks the authorization values for the selected users and views and shows a plan of which objects will be generated. Click Finish to start the generation. You may run the generation in the background and check the results when it is completed.
Also note that it is not mandatory to click Next in step 5; you may directly start the generation by clicking Finish on step 5.
How to Update Analytics Privileges using the Analytics Authorization Assistant? (1/3)
1. Launch the Analytics Authorization Assistant from the menu and select Update Analytic Privileges.
2. Select a SAP HANA system using the Select System button. Ensure that you use a user who has access to the schema to which the views belong. Select the schema you want to check changes for and enter the client for the schema. All users for whom APs and roles were created in the past for the selected schema and client are displayed.
How to Update Analytics Privileges using the Analytics Authorization Assistant? (2/3)
3. Select the users for whom you want to check for changes in PFCG authorizations and click Next.
4. The system displays all changes detected for the users selected in step 3. If you wish to change the APs created, click Finish.
How to Create Analytics Privileges for Non-Query Views using the Analytics Authorization Assistant? (3/3)
5. The system creates any new APs required. It also removes APs that are not required any more. If a removed AP is not used by any other user, then that AP is also deleted.
Please note that APs are not modified. Changes are done by creating new ones and removing old ones.
Authorizations for BW and SAP HANA (Mixed Scenarios)
In scenarios where data modeled in the BW system is merged with data modeled in SAP HANA with SAP HANA tools, the relevant authorizations need to be created in SAP HANA.
In the SAP HANA database, analytic privileges are used to define which users are allowed to view which data records for analysis purposes. Analytic privileges are handled as filters for database queries: users only see the data for which they have an analytic privilege. In BW, however, authorizations do not work as filters. Here, users can only execute a query if their analysis authorizations completely cover the relevant selection; if this is not the case, an error message is displayed. Analytic privileges are persisted on the BW system and in the SAP HANA database.
If you want to create SAP HANA views from InfoProviders, you have two options, and each option requires different authorizations:
• XML-based analytic privileges are generated/defined when SAP HANA views are created from InfoProviders from SAP HANA. More information: http://help.sap.com/hana_appliance -> Development Information -> SAP HANA Developer Guide -> Importing BW Objects
• SQL-based analytic privileges are generated when SAP HANA views are created from InfoProviders from the BW system. More information: Authorizations for Generating SAP HANA Views
Therefore you cannot use the existing analytic privileges of one method for the other method.