http/security_session_timeout is a SAP Parameter attribute which is used to control (Inactivity) Timeout for Http Security Sessions [in seconds] information. This is available within R/3 SAP systems depending on the version and release level.
Below is the standard documentation available and a few details of the attributes values .
This parameter defines how much time can elapse between the receipt
of two HTTP requests (with valid security session IDs). After this
time limit expires, all application contexts (if you are using
stateful Web applications) on this application server that are
connected with a security session are closed (and the associated
resources are released, more information: rdisp/plugin_auto_logout).
If the security session is no longer in active use on another
application server, the security session is also closed. All
subsequent HTTP requests (for Web-based applications / services that
require authentication) result in an authentiation request.
See SAP Parameter Documentation for full SAP documentation for this profile parameter.