Home Editor's Blog News Special Reports Directory Events Advertise Submit Your News About Us Guides
News by Zone I News by Date I News by Category
 
Home Payment cards and e-commerce security PCI Compliance for Large Computing Systems
Free Newsletter
Register for our Free Newsletters
Zones
Access Control
Alarms
Biometrics
Detection
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
Surveillance
View All
Other Carouselweb publications
 
 
 
 
 
 
 
 
News

PCI Compliance for Large Computing Systems

Atsec Information Security : 09 March, 2010  (Technical Article)
atsec has published a white paper aimed at operators of large system environments who need to become compliant to payment card industry standards
atsec information security announces the publication the 'Payment Card Industry Compliance For Large Computing Systems" white paper. The paper was created by mainframe and PCI experts from atsec and IBM and is now available as a PDF document on atsec's website. atsec is accredited as a Qualified Security Assessor (QSA) by the Payment Card Industry (PCI) Security Standards Council and has a deep understanding of Large Computing Systems (LCS) through many years of evaluating and testing z Series systems against standards such as Common Criteria and FIPS 140-2. This type of evaluation and test requires a thorough, in-depth analysis of the involved security functionality. In addition, atsec performs penetration testing of LCS for customers in the financial industry. Abstract: "Payment Card Industry Compliance for Large Computing Systems," written by atsec in association with IBM and other leading Large Computing Systems (LCS) experts, is aimed at addressing the need for guidance and information by QSAs, merchants, and service providers whose cardholder data environment is largely based on LCS technology. It may also be of interest to acquirers and card brands that are demanding compliance with specific standards. Achieving and assessing PCI compliance in a LCS environment can be challenging because the standards are focused towards a distributed systems paradigm. A full understanding of the security features and advantages of this complex environment can provide assurance of compliance to the standard, but it is a very broad and detailed topic. Drawing from their extensive knowledge of mainframe and LCS security, as well as their experience working for an accredited QSA, atsec's consultants have a thorough understanding of the security functionality of these systems at every level, including operating systems, virtualization technology, applications, networking and communication, and mainframe environments. This understanding has been gained through experience performing Common Criteria evaluation for the US and Europe governments, cryptographic testing and analysis, and mainframe penetration testing for large financial customers on the following systems and applications: Ã「âぎÂ「 z/OS Ã「âぎÂ「 z/VM Ã「âぎÂ「 PR/SM Ã「âぎÂ「 System SSL Ã「âぎÂ「 DB2 Ã「âぎÂ「 Multiple Tivoli and third party vendor applications In "Payment Card Industry Compliance for Large Computing Systems," atsec presents an analysis of the PCI standards in the context of a LCS environment and provides focused guidance to QSAs and their customers on the PCI assessment of such environments and the resources available to support an assessment. The authors have an extensive knowledge of mainframe and LCS security, coupled with experience as an accredited QSA, and in this whitepaper, provide the necessary insight into LCS security for QSAs and other PCI professionals.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   ツゥ 2012 ProSecurityZone.com