English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 49983/85139 (59%)
造访人次 : 7802242      在线人数 : 107
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
  • 进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/74620


    题名: 使用PCI DSS評估程序檢視信用卡收單系統資料安全之研究 : 以某銀行為例
    其它题名: A research that uses PCI DSS assessment procedures to inspection credit card acquirer system's data security : take some bank as the example
    作者: 張欣洋;Chang, Shin-Yang
    贡献者: 淡江大學資訊工程學系碩士在職專班
    徐郁輝
    关键词: 支付卡行業資料安全標準;信用卡;PCI DSS;Credit card
    日期: 2011
    上传时间: 2011-12-28 19:04:47 (UTC+8)
    摘要: 新版個人資料保護法頒布後,銀行必須證明已善盡保護客戶資料的責任。否則一旦發生資料外洩事件,不但要面臨龐大的賠償金額,還要賠上銀行商譽。為確保銀行對信用卡持卡人資料已採取必要的保護措施,銀行必須符合PCI 規範。如果銀行的營業地點發生資料外洩情事,而銀行當下沒有符合PCI 規範,信用卡國際組織將對銀行處以罰款,同時銀行必須對因資料外洩所造成的詐欺交易負責。然而,如果銀行符合PCI 規範,就可以降低罰款並且有機會不須要為詐欺交易負責。
    如何才能證明符合PCI規範?最快的方式就是通過支付卡行業資料安全標準審查(Payment Card Industry Data Security Standard;以下簡稱PCI DSS),本研究針對筆者所任職的部門,使用PCI DSS 12項要求進行自我檢視,找尋出不符合安全測試程序的項目後,藉由改善網路架構或是自行開發程式來解決問題。最後得以通過PCI DSS審查。
    New Personal Data Protection Law was promulgated, the bank must demonstrate that fulfill our responsibility to protect customer information. Otherwise, in the event of data breaches, not only have a huge amount of compensation, but also lose the bank of goodwill. Bank must to ensure that credit card holders information has taken the necessary protective measures, the bank must comply with PCI specifications. If the bank''s place of business data leakage violations occur, the bank did not comply with current PCI specification,Bank will be an international credit card organization to impose fines, at the same time banks must be due to data leakage caused by the fraudulent transaction is responsible. However, if the bank in line with the PCI specification, you can reduce the penalty and the opportunity to not have to be responsible for the fraudulent transactions.
    How to demonstrate compliance with PCI specification? The fastest way to get the Payment Card Industry Data Security Standard certification (Payment Card Industry Data Security Standard; hereinafter referred to as PCI DSS), This research use of PCI DSS 12 requests for self-view, to find out the project does not meet the security test process, through improved network architecture or develop their own program to solve the problem. Finally passed PCI DSS review.
    显示于类别:[資訊工程學系暨研究所] 學位論文

    文件中的档案:

    档案 大小格式浏览次数
    index.html0KbHTML268检视/开启

    在機構典藏中所有的数据项都受到原著作权保护.

    TAIR相关文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回馈