nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Identity and Access Management for Cloud Services Used by the Payment Card Industry

verfasst von : Ruediger Schulze

Erschienen in: Cloud Computing – CLOUD 2018

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The Payment Card Industry Data Security Standard (PCI DSS) mandates that any entity of the cardholder data environment (CDE) involved in the credit card payment process has to be compliant to the requirements of the standard. Hence, cloud services which are used in the CDE have to adhere to the PCI DSS requirements too. Identity and access management (IAM) are essential functions for controlling the access to the resources of cloud services. The aim of this research is to investigate the aspects of IAM required by the PCI DSS and to describe current concepts of IAM for cloud services and how they relate to the requirements of the PCI DSS.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Implementation and Comparative Evaluation of an Outsourcing Approach to Real-Time Network Services in Commodity Hosted Environments

Nächstes Kapitel Network Anomaly Detection and Identification Based on Deep Learning Methods

The numbers in parenthesis refer to the specific PCI DSS requirements.

Third report on card fraud, European Central Bank, February 2014. https://www.ecb.europa.eu/pub/pdf/other/cardfraudreport201402en.pdf

Payment Card Industry (PCI) Data Security Standard Version 3.2, April 2016. https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2.pdf

Shaw, A.: Data breach: from notification to prevention using PCI DSS. Colum. JL Soc. Probs. 43, 517 (2009)

PCI Data Security Standard (PCI DSS) 3.0 Information Supplement: Third-Party Security Assurance, August 2014. https://www.pcisecuritystandards.org/documents/PCI_DSS_V3.0_Third_Party_Security_Assurance.pdf

Shihab, M., Misdianti, F.: Moving towards PCI DSS 3.0 compliance: a case study of credit card data security audit in an online payment company. In: 2014 International Conference on Advanced Computer Science and Information Systems (ICACSIS), pp. 151–156, October 2014

PCI Compliance Report, Verizon 2015. http://www.verizonenterprise.com/pcireport/2015/

Kumaraswamy, S., Lakshminarayanan, S., Stein, M.R.J., Wilson, Y.: Domain 12: guidance for identity & access management v2.1. Cloud Secur. Alliance (CSA), 10 (2010)

Fernandes, D.A., Soares, L.F., Gomes, J.V., Freire, M.M., Inácio, P.R.: Security issues in cloud environments: a survey. Int. J. Inf. Secur. 13(2), 113–170 (2014)CrossRef

Habiba, U., Abassi, A., Masood, R., Shibli, M.: Assessment criteria for cloud identity management systems. In: 2013 IEEE 19th Pacific Rim International Symposium on Dependable Computing (PRDC), pp. 188–195, December 2013

10.

Ma, X.: Managing identities in cloud computing environments. In: 2015 2nd International Conference on Information Science and Control Engineering (ICISCE), pp. 290–292, April 2015

11.

Understanding and Selecting Identity and Access Management for Cloud Services, Securosis, June 2013. https://securosis.com/assets/library/reports/Understanding_IAM_For_Cloud_Full.pdf

12.

Ensuring PCI DSS Compliance in the Cloud, Cognizant (2014). http://www.cognizant.com/InsightsWhitepapers/Ensuring-PCI-DSS-Compliance-in-the-Cloud-codex879.pdf

13.

Nida, Teli, B.: An efficient and secure means for identity and trust management in cloud. In: 2015 International Conference on Advances in Computer Engineering and Applications (ICACEA), pp. 677–682, March 2015

14.

Faraji, M., Kang, J.-M., Bannazadeh, H., Leon-Garcia, A.: Identity access management for multi-tier cloud infrastructures. In: 2014 IEEE Network Operations and Management Symposium (NOMS), pp. 1–9, May 2014

15.

Barreto, L., Siqueira, F., Fraga, J., Feitosa, E.: An intrusion tolerant identity management infrastructure for cloud computing services, In: 2013 IEEE 20th International Conference on Web Services (ICWS), pp. 155–162, June 2013

16.

Singh, A., Chatterjee, K.: Identity management in cloud computing through claim-based solution. In: 2015 Fifth International Conference on Advanced Computing Communication Technologies (ACCT), pp. 524–529, February 2015

17.

Choudhury, A., Kumar, P., Sain, M., Lim, H., Jae-Lee, H.: A strong user authentication framework for cloud computing. In: 2011 IEEE Asia-Pacific Services Computing Conference (APSCC), pp. 110–115, December 2011

18.

Fatemi Moghaddam, F., Khanezaei, N., Manavi, S., Eslami, M., Samar, A.: UAA: user authentication agent for managing user identities in cloud computing environments. In: 2014 IEEE 5th Control and System Graduate Research Colloquium (ICSGRC), pp. 208–212, August 2014

Titel: Identity and Access Management for Cloud Services Used by the Payment Card Industry
verfasst von: Ruediger Schulze
Verlag: Springer International Publishing
Buch: Cloud Computing – CLOUD 2018
Print ISBN: 978-3-319-94294-0

Electronic ISBN: 978-3-319-94295-7

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-94295-7_14

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner