OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ekmi message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [Fwd: Analysis of PCI-DSS Encryption & Key Management Requirements]

FYI.

-------- Original Message --------
Subject: Analysis of PCI-DSS Encryption & Key Management Requirements
Date: Sat, 18 Oct 2008 18:34:26 -0700
From: Arshad Noor <arshad.noor@strongauth.com>
Organization: StrongAuth, Inc.
To: dataloss@datalossdb.org

Encryption and Key Management raise many questions with respect to
PCI-DSS compliance. This is not surprising since this is the most
complex part of the DSS.

We've spent some time analysing each of the encryption and key-
management requirements and have written a paper discussing them.
I will disclose that the paper also explains, briefly, how the
free and open-source StrongKey Symmetric Key Management System
(SKMS) addresses each of the requirements.

The analysis is available for download at:

http://www.strongauth.com/pdf/Analysis-of-PCI-DSS-1.2-Key-Management-Requirements-v1.0.pdf.

We hope the paper is deemed helpful.

If you have any feedback or questions, please let me know directly.
Suggestions for improvement of the paper are always welcome.

Thank you.

Arshad Noor
StrongAuth, Inc.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]