Security Assessment of Payment Systems under PCI DSS Incompatibilities

Abstract : With the ubiquitous proliferation of electronic payment systems, data and application security has become more critical for financial operations. The Payment Card Industry Data Security Standard (PCI DSS) has been developed by the payment industry to provide a widely-applicable and definitive security compliance among all components in electronic payment infrastructure. However, the security impact of PCI DSS incompatibilities and relevant security assessment approaches for such cases are yet to be investigated in a comprehensive manner. Therefore, in this paper we present a security assessment framework for payment systems under PCI DSS incompatibilities. Moreover, we analyze a case study to evaluate our proposal and to provide some guidelines to security experts for assessment of PCI DSS compliance.
Type de document :
Communication dans un congrès
Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. Springer, IFIP Advances in Information and Communication Technology, AICT-428, pp.395-402, 2014, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-642-55415-5_33〉
Liste complète des métadonnées

Littérature citée [7 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01370387
Contributeur : Hal Ifip <>
Soumis le : jeudi 22 septembre 2016 - 14:30:17
Dernière modification le : jeudi 22 septembre 2016 - 15:07:43

Fichier

978-3-642-55415-5_33_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Şerif Bahtiyar, Gürkan Gür, Levent Altay. Security Assessment of Payment Systems under PCI DSS Incompatibilities. Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. Springer, IFIP Advances in Information and Communication Technology, AICT-428, pp.395-402, 2014, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-642-55415-5_33〉. 〈hal-01370387〉

Partager

Métriques

Consultations de la notice

174

Téléchargements de fichiers

52