标准号:ISO 13491-2-2005
实施状态:作废
中文名称:银行业务.安全加密设备(零售).第2部分:财务交易用装置的安全一致性核对表
英文名称:Banking - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in financial transactions
发布日期:2005-06
被替代标准:ISO 13491-2-2016
代替标准:ISO 13491-2-2000;ISO/FDIS 13491-2-2005
采用标准:ANSI X 9.97-2-2009,IDT;BS ISO 13491-2-2005,IDT;GB/T 20547.2-2006,MOD
起草单位:ISO/TC 68
标准简介:This part of ISO 13491 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes, as specified in parts 1 and 2 of ISO 9564, ISO 16609 and parts 1 to 6 of ISO 11568, in the financial services environment. IC payment cards are subject to the requirements identified in this part of ISO 13491 up until the time of issue, after which they are to be regarded as a "personal" device and outside of the scope of this document.
This part of ISO 13491 does not address issues arising from the denial of service of an SCD.
In the checklists given in annexes A to H, the term "not feasible" is intended to convey the notion that although a particular attack might be technically possible it would not be economically viable, since carrying out the attack would cost more than any benefits obtained from a successful attack. In addition to attacks for purely economic gain, malicious attacks directed toward loss of reputation need to be considered.
文件格式:PDF
文件大小:287.60KB
文件页数:38
(以上信息更新时间为:2019-11-22)
ISO 13491-2-2005 银行业务.安全加密设备(零售).第2部分_财务交易用装置的安全一致性核对表.pdf
(287.6 KB)
|
|
