Chapter-5

Layer	Description	Example Practices
Perimeter Security	Network firewalls, SAP Gateway controls	Secure network configuration
Authentication	User login, Single Sign-On (SSO)	SAP Logon Tickets, SAML
Authorization	Role-based permissions and authorization checks	`AUTHORITY-CHECK` statements
Input Validation	Sanitizing user inputs	Parameter checks, regex validation
Data Protection	Encryption, masking sensitive data	SAP Cryptographic Library usage
Error Handling	Avoiding detailed error messages to users	Generic error messages
Monitoring	Logging and audit trails	Secure log management, alerts

¶ Secure Coding Principles: Defense in Depth