Information Security Protection Guidelines for Banks and Financial Institutions - ISO 13569. 普華資安股份有限公司, Information Security Consultant: 蔡興樺.

Presentation transcript:

Information Security Protection Guidelines for Banks and Financial Institutions - ISO 13569. 普華資安股份有限公司, Information Security Consultant: 蔡興樺

ISO 13569: Information Security Program Components; Control Objectives and Suggested Solutions; Implementing Cryptographic Controls

Information Security Program Components: General duties; Risk acceptance; Insurance; Audit; Regulatory

Information Security Program Components: Disaster recovery planning; Information security awareness; External Service Providers; Cryptographic operations; Privacy

Control objectives and suggested solutions: Information classification; Logical access control; Audit trails; Change control; Computers

Control objectives and suggested solutions: Networks; Software; Human factors; Voice, telephone, and related equipment; Facsimile and image

Control objectives and suggested solutions: Electronic mail; Paper documents; Microform and other media storage; Financial transaction cards; Automated Teller Machines

Control objectives and suggested solutions: Electronic Fund Transfers; Checks; Electronic commerce; Electronic money; Miscellaneous

Implementing Cryptographic Controls: Applying encryption; Implementing message authentication code; Implementing digital signatures; Key management; Trusted third parties; Disaster cryptography and cryptographic disasters

Comments and feedback are welcome. 普華資安: 蔡興樺