Security Assessment of Payment Systems under PCI DSS Incompatibilities

机译：PCI DSS不兼容性下的支付系统安全评估

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

With the ubiquitous proliferation of electronic payment systems, data and application security has become more critical for financial operations. The Payment Card Industry Data Security Standard (PCI DSS) has been developed by the payment industry to provide a widely-applicable and definitive security compliance among all components in electronic payment infrastructure. However, the security impact of PCI DSS incompatibilities and relevant security assessment approaches for such cases are yet to be investigated in a comprehensive manner. Therefore, in this paper we present a security assessment framework for payment systems under PCI DSS incompatibilities. Moreover, we analyze a case study to evaluate our proposal and to provide some guidelines to security experts for assessment of PCI DSS compliance.

机译：随着电子支付系统的无处不在的扩散，数据和应用安全对金融业务变得更加重要。支付卡行业数据安全标准（PCI DSS）已由支付行业开发，以在电子支付基础设施中的所有组件中提供广泛适用和最终的安全合规性。但是，尚未以全面的方式调查PCI DSS不相容性和相关安全评估方法的安全影响。因此，在本文中，我们为PCI DSS不兼容性下的付款系统提供了安全评估框架。此外，我们分析了案例研究，以评估我们的提案，并为安全专家提供一些指导方针，以评估PCI DSS遵从性。

著录项

来源
《IFIP TC 11 International conference on information security and privacy》|2014年|395-402|共8页
会议地点
作者
Serif Bahtiyar; Guerkan Guer; Levent Altay;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Payment system security; Security assessment; PCI DSS; Risk analysis; Data and applications security;

机译：支付系统的安全性;安全评估; PCI DSS;风险分析;数据和应用安全;

相似文献

外文文献
中文文献
专利

1. Pci Dss: Payment Card Industry Data Security Standards In Context [J] . Edward A. Morse, Vasant Raval Computer law & security report . 2008,第6期

机译：Pci Dss：上下文中的支付卡行业数据安全标准
2. A tale of two standards: strengthening HIPAA security regulations using the PCI-DSS [J] . Mark Gaynor, Catherine Bass, Bryan Duepner Health system . 2015,第2期

机译：两个标准的故事：使用PCI-DSS加强HIPAA安全性法规
3. Matchmaking between PCI-DSS and Security [J] . Andre Marien Information Security Technical Report . 2010,第4期

机译：PCI-DSS与安全性之间的匹配
4. Moving towards PCI DSS 3.0 compliance: A case study of credit card data security audit in an online payment company [C] . Shihab Muhammad R., Misdianti Febriana International Conference on Advanced Computer Science and Information Systems . 2014

机译：迈向PCI DSS 3.0合规性：在线支付公司中信用卡数据安全审核的案例研究
5. A decision support system (DSS) assessment model for turf playing condition infrastructure (TPCI) as an early indicator of compliance with performance quality standards. [D] . Emanuel, William Gilbert. 2015

机译：用于草皮比赛条件基础设施（TPCI）的决策支持系统（DSS）评估模型，可作为符合性能质量标准的早期指标。
6. Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets [O] . Kuei-Hu Chang -1

机译：使用攻击树和Vague集的Internet安全系统的安全威胁评估
7. Analysis of Payment Card Industry Data Security Standard PCI DSS Compliance by Confluence of COBIT 5 Framework [O] . Ashish Ukidve, Ds S SMantha, Milind Tadvalka 2017

机译：支付卡行业数据安全标准PCI DSS遵守COBIT 5框架的合规性分析
8. Helping Airports Understand the Payment Card Industry Data Security Standard (PCI DSS). Research Results Digest 11 [R] . 2010

机译：帮助机场了解支付卡行业数据安全标准（pCI Dss）。研究结果摘要11

Security Assessment of Payment Systems under PCI DSS Incompatibilities

摘要

著录项

相似文献

相关主题

期刊订阅