Security assessment of payment systems under PCI DSS incompatibilities

Şerif Bahtiyar, Gürkan Gür, Levent Altay

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

7 Citations (Scopus)

Abstract

With the ubiquitous proliferation of electronic payment systems, data and application security has become more critical for financial operations. The Payment Card Industry Data Security Standard (PCI DSS) has been developed by the payment industry to provide a widelyapplicable and definitive security compliance among all components in electronic payment infrastructure. However, the security impact of PCI DSS incompatibilities and relevant security assessment approaches for such cases are yet to be investigated in a comprehensive manner. Therefore, in this paper we present a security assessment framework for payment systems under PCI DSS incompatibilities. Moreover, we analyze a case study to evaluate our proposal and to provide some guidelines to security experts for assessment of PCI DSS compliance.

Original languageEnglish
Title of host publicationICT Systems Security and Privacy Protection - 29th IFIP TC 11 International Conference, SEC 2014, Proceedings
EditorsNora Cuppens-Boulahia, Frédéric Cuppens, Sushil Jajodia, Anas Abou El Kalam, Thierry Sans
PublisherSpringer Science and Business Media, LLC
Pages395-402
Number of pages8
ISBN (Electronic)9783642554148
DOIs
Publication statusPublished - 2014
Externally publishedYes
Event29th IFIP TC 11 International Conference, SEC 2014 - Marrakesh, Morocco
Duration: 2 Jun 20144 Jun 2014

Publication series

NameIFIP Advances in Information and Communication Technology
Volume428
ISSN (Print)1868-4238
ISSN (Electronic)1868-422X

Conference

Conference29th IFIP TC 11 International Conference, SEC 2014
Country/TerritoryMorocco
CityMarrakesh
Period2/06/144/06/14

Bibliographical note

Publisher Copyright:
© IFIP International Federation for Information Processing 2014.

Keywords

  • Data and applications security
  • Payment system security
  • PCI DSS
  • Risk analysis
  • Security assessment

Fingerprint

Dive into the research topics of 'Security assessment of payment systems under PCI DSS incompatibilities'. Together they form a unique fingerprint.

Cite this