This standard, partially adapted from ISO 11770-3 (see [13]), specifies schemes for the agreement of symmetric keys using Diffie-Hellman and MQV algorithms. It covers methods of domain parameter generation, domain parameter validation, key pair generation, public key validation, shared secret value calculation, key derivation, and test message authentication code computation for discrete logarithm problem based key agreement schemes. These methods may be used by different parties to establish a piece of common shared secret information such as cryptographic keys. The shared secret information may be used with symmetrically-keyed algorithms to provide confidentiality, authentication, and data integrity services for financial information, or used as a key-encrypting key with other ASC X9 key management protocols. The key agreement schemes given herein do not provide certain desired assurances of security, such as key confirmation and entity authentication. However, these schemes may be used in conjunction with key confirmation and entity authentication mechanisms in key establishment protocols that are specified in other ASC X9 standards. These key agreement schemes may be used as subroutines to build key establishment protocols (see [8]). The key establishment methods specified in ANS X9.63 provide examples of mechanisms for obtaining these additional security properties. Further references for key agreement can be found in [33].

定价： 910元 / 折扣价： 774 元 加购物车

This Standard specifies key establishment schemes using public-key cryptography based on the integer factorization problem. Both key agreement and key transport schemes are specified. The schemes may be used by two parties to transport or agree on shared keying material. The keying material may be used to provide other cryptographic services that are outside the scope of this Standard, e.g. data confidentiality, data integrity, and symmetric-key-based key establishment.

定价： 546元 / 折扣价： 465 元 加购物车

This standard provides all parties involved in Electronic Benefits Transfer (EBT) processing for the Supplemental Nutrition Assistance Program (SNAP) and Cash benefit programs with technical specifications for exchanging financial transaction messages between an Acquirer and an EBT card issuer processor. It specifies message structure, format and content, data elements and values for data elements used in the SNAP and Cash benefit programs. Cash benefits provided on pre-paid cards or on co-branded cards are outside the scope of this standard. The method by which settlement takes place is also not within the scope of this standard. Data representation used in individual systems is subject to the commercial relationships between the parties contracting to each system. The message formats specified in this standard are designed to ensure that compatibility between systems conforming to this standard is always feasible. This standard shall only be used with EBT transactions that comply with the Quest?Operating Rules, dated December 2014, Version 2.2 including any subsequent updates to said rules or similar rules that are approved by FNS and compliant with FNS policy.

定价： 546元 / 折扣价： 465 元 加购物车

This standard addresses the following: A) Payment Model Description This standard describes a model of account based electronic payments. It identifies the roles played by different components of the payment process and the flow of information between those roles. The roles are the consumer, who wishes to make a payment, a merchant which provides value, and their respective Financial Institutions, the consumer financial institution and the merchant financial institution. B) Secure Object Specifications This standard specifies a collection of electronic payment objects and references digital signature techniques to secure their content. The objects are all defined in terms of how they need to be constructed, signed and verified in computing machinery that is acting on behalf of a consumer and a merchant. A concrete syntax is specified in order that the signature can be constructed or verified at any location that has access to the consumer苨 public key and associated data. A business recommendation is made that the payment routing code (or PAN) used in conjunction with secure payment objects defined by this standard is not accepted as valid in non-authenticated transactions. Several usage scenarios are given to show examples of real applications where the standard objects may be applicable. Confidentiality for the payment information may be desired and is neither required, nor precluded, by this standard. Prudent implementers may choose to conduct a risk assessment to determine the need for confidentiality. Also policy issues, including terms and conditions of the agreements between the parties, are not covered in this standard. . While some of the information described in the standard must survive interchange between cooperating financial institutions, the syntax of how it appears in any particular payment protocol is not specified.

定价： 936元 / 折扣价： 796 元 加购物车

This standard addresses the following: A) Payment Model Description This standard describes a model of account based electronic payments. It identifies the roles played by different components of the payment process and the flow of information between those roles. The roles are the consumer, who wishes to make a payment, a merchant which provides value, and their respective Financial Institutions, the consumer financial institution and the merchant financial institution. B) Secure Object Specifications. This standard specifies a collection of electronic payment objects and references digital signature techniques to secure their content. The objects are all defined in terms of how they need to be constructed, signed and verified in computing machinery that is acting on behalf of a consumer and a merchant. A concrete syntax is specified in order that the signature can be constructed or verified at any location that has access to the consumer苨 public key and associated data. A business recommendation is made that the payment routing code (or PAN) used in conjunction with secure payment objects defined by this standard is not accepted as valid in non-authenticated transactions. Several usage scenarios are given to show examples of real applications where the standard objects may be applicable. Confidentiality for the payment information may be desired and is neither required, nor precluded, by this standard. Prudent implementers may choose to conduct a risk assessment to determine the need for confidentiality. Also policy issues, including terms and conditions of the agreements between the parties, are not covered in this standard. While some of the information described in the standard must survive interchange between cooperating financial institutions, the syntax of how it appears in any particular payment protocol is not specified.

定价： 910元 / 折扣价： 774 元 加购物车

This standard specifies a cryptographic syntax scheme that can be used to protect financial transactions, files and other messages from unauthorized disclosure and modification. The cryptographic syntax scheme is based on an abstract Cryptographic Message Syntax (CMS) schema whose concrete values can be represented using either a compact, efficient, binary encoding, or as a flexible, human-readable, XML markup format.

定价： 546元 / 折扣价： 465 元 加购物车

This standard provides basic principles and techniques, which outline the minimum-security measures required for effective international PIN management. PIN protection techniques applicable to financial transaction card originated transactions in an online environment and a standard means of interchanging PIN data.

定价： 910元 / 折扣价： 774 元 加购物车

This Standard defines techniques for the generation of random numbers that shall be used whenever ASC X9 Standards require the use of a random number or bitstring for cryptographic purposes.

定价： 546元 / 折扣价： 465 元 加购物车

ANSI X9.82 is concerned with the generation of random bits, primarily for use in cryptographic applications. While there has been extensive research on the subject of generating (pseudo)random bits using a Random Bit Generator (RBG) and an unknown seed value, creating such an unknown value has not been as well documented. As Part 1 of this Standard establishes, the only way for this seed value to provide real security is for it to be obtained from a source that provides sufficient entropy. Directly or indirectly, the seeding of an RBG will rely upon a non-deterministic process ?i.e., an entropy source. This part of ANS X9.82 describes the properties that an entropy source must have to make it suitable for use by cryptographic random bit generators.

定价： 546元 / 折扣价： 465 元 加购物车

The Standard consists of four parts: Part 1: Overview and Basic Principles; Part 2: Entropy Sources; Part 3: Deterministic Random Bit Generator Mechanisms; Part 4: Random Bit Generator Construction.Part 3 includes: A model for a deterministic random bit generator (DRBG), Requirements for DRBG mechanisms, Specifications for DRBG mechanisms that are based on hash functions or block ciphers, or are based on number theoretic problems, Implementation issues, and Assurance considerations.

定价： 546元 / 折扣价： 465 元 加购物车

This standard describes the security framework for using biometrics for authentication of individuals in financial services. It introduces the types of biometric technologies and addresses issues concerning their application. This standard also describes the architectures for implementation, specifies the minimum security requirements for effective management, and provides control objectives and recommendations suitable for use by a professional practitioner

定价： 910元 / 折扣价： 774 元 加购物车

This Standard defines methods for digital signature generation and verification for the protection of messages and data giving partial message recovery.This document is Part 1 of this Standard, and it defines the Elliptic Curve Pintsov-Vanstone Signature (ECPVS) digital signature algorithm. Part 2 of this Standard defines the Finite Field Pintsov-Vanstone Signature (FFPVS) digital signature algorithm. ECPVS is a signature scheme with low message expansion (overhead) and variable length recoverable and visible message parts. ECPVS is ideally suited for short messages, yet is flexible enough to handle messages of any length.The ECPVS shall be used in conjunction with an Approved hash function and an Approved symmetric encryption scheme. In addition, this ECPVS Standard provides the criteria for checking the message redundancy.

定价： 546元 / 折扣价： 465 元 加购物车

This standard provides all parties involved in Electronic Benefits Transfer (EBT) transactions with technical specifications for exchanging financial transaction files for the Women, Infants, and Children (WIC) program and the framework for adding other EBT files and detail records in the future. The document standardizes file formats and thereby maximizes EBT productivity for all stakeholders in the industry. This standard describes the format of files and records between the Acquirer and Card issuer (or their agents). It specifies file structure, format and content, data elements and values for data elements used in EBT. The method by which the settlement of funds takes place is not within the scope of this standard.

定价： 546元 / 折扣价： 465 元 加购物车

A privacy impact assessment (PIA) is an important financial services and banking management tool to be used within an organization, or by "contracted" third parties, to identify and mitigate privacy issues and risks associated with processing consumer data using automated, networked information systems. This standard describes the privacy impact assessment activity in general; defines the common and required components of a privacy impact assessment, regardless of business systems affecting financial institutions; and provides informative guidance to educate the reader on privacy impact assessments. A privacy compliance audit differs from a privacy impact assessment in that the compliance audit determines an institution's current level of compliance with the law and identifies steps to avoid future non-compliance with the law. While there are similarities between privacy impact assessments and privacy compliance audits in that they use some of the same skills and that they are tools used to avoid breaches of privacy, the primary concern of a compliance audit is simply to meet the requirements of the law, whereas a privacy impact assessment is intended to investigate further in order to identify ways to safeguard privacy optimally

定价： 546元 / 折扣价： 465 元 加购物车

ISO/IEC TR 11581-1:2011 introduces the ISO/IEC 11581 series and provides developers and other icon standards users with an overview of currently available and future anticipated icon standards.

ISO/IEC TR 11581-1:2011:

• describes the structure of parts that will be used to encompass all present and future icon standards;
• introduces currently existing icon standards, whether they are parts of ISO/IEC 11581 or they have their own separate numbers

定价： 475元 / 折扣价： 404 元 加购物车