Payment Card Industry (PCI) Data Security Standard (DSS)
Acronyms Glossary, Abbreviations and Acronyms
- AAA - Authentication, authorization, and accounting protocol
- Accounting - Tracking of users’ network resources
- Access control - Mechanisms that limit availability of information or information processing resources only to authorized persons or applications
- Account harvesting - Process of identifying existing user accounts based on trial and error. [Note: Providing excessive information in error messages can disclose enough to make it easier for an attacker to penetrate and ‘harvest’ or compromise the system.]
- Account number - Payment card number (credit or debit) that identifies the issuer and the particular cardholder account. Also called Primary Account Number (PAN)
- Acquirer - Bankcard association member that initiates and maintains relationships with merchants that accept payment cards
- AES - Advanced encryption standard. Block cipher adopted by NIST in November 2001. Algorithm is specified in FIPS PUB 197
- ANSI - American National Standards Institute. Private, non-profit organization that administers and coordinates the U.S. voluntary standardization and conformity assessment system
- Anti-Virus Program - Programs capable of detecting, removing, and protecting against various forms of malicious code or malware, including viruses, worms, Trojan horses, spyware, and adware.
- Application - Includes all purchased and custom software programs or groups of programs designed for end users, including both internal and external (web) applications
- Approved Standards - Approved standards are standardized algorithms (like in ISO and ANSI) and well-known commercially available standards (like Blowfish) that meet the intent of strong cryptography. Examples of approved standards are AES (128 bits and higher), TDES (two or three independent keys), RSA (1024 bits) and ElGamal (1024 bits)
- Asset - Information or information processing resources of an organization
- Audit Log - Chronological record of system activities. Provides a trail sufficient to permit reconstruction, review, and examination of sequence of environments and activities surrounding or leading to operation, procedure, or event in a transaction from inception to final results. Sometimes specifically referred to as security audit trail
- Authentication - Process of verifying identity of a subject or process
- Authorization - Granting of access or other rights to a user, program, or process
