{"id":4124,"date":"2011-09-30T03:28:00","date_gmt":"2011-09-30T01:28:00","guid":{"rendered":"http:\/\/10.0.1.197\/?p=4124"},"modified":"2024-08-13T03:41:14","modified_gmt":"2024-08-13T01:41:14","slug":"p2pe-2011","status":"publish","type":"post","link":"http:\/\/192.168.0.78\/p2pe-2011\/","title":{"rendered":"\u70b9\u5bf9\u70b9\u52a0\u5bc6\u89e3\u51b3\u65b9\u6848\u5df2\u53d1\u5e03\u521d\u59cb\u7248\u672c"},"content":{"rendered":"\n<p>\u6765\u81eaatsec\u7684\u6d88\u606f\uff0cPCI\u5b89\u5168\u6807\u51c6\u59d4\u5458\u4f1a\uff08Security Standards Council\uff09\u5df2\u4e8e2011\u5e749\u670815\u65e5\u53d1\u5e03\u4e86\u70b9\u5bf9\u70b9\u52a0\u5bc6\uff08\u4ee5\u4e0b\u7b80\u79f0\u201cP2PE\u201d\uff09\u65b9\u6848\u4e2d\u8981\u6c42\u4f53\u7cfb\u7684\u521d\u59cb\u7248\u672c\u201cPayment Card Industry (PCI) Point-to-Point Encryption &#8212; Solution Requirements: Encryption, Decryption, and Key Management within Secure Cryptographic Devices (Hardware\/Hardware) Version 1.0\u201d\u3002P2PE\u8981\u6c42\u7684\u4e3b\u8981\u76ee\u7684\u662f\u4e3a\u8bbe\u5907\u5382\u5546\u3001\u8bc4\u4f30\u673a\u6784\u548c\u5546\u6237\u63d0\u4f9b\u5b89\u5168\u89e3\u51b3\u65b9\u6848\uff0c\u901a\u8fc7P2PE\u65b9\u6848\u7684\u5efa\u7acb\u548c\u5b9e\u65bd\u4ee5\u652f\u6301PCI DSS\u7684\u5408\u89c4\u5de5\u4f5c\uff0c\u5e76\u4e14\u80fd\u591f\u6709\u6548\u5730\u7f29\u5c0f\u5546\u6237\u6267\u884c\u5408\u89c4\u5efa\u8bbe\u7684\u8303\u56f4\u3002<\/p>\n\n\n\n<p>\u4ece\u76ee\u7684\u6765\u770b\uff0cP2PE\u8981\u6c42\u4f53\u7cfb\u7684\u63a8\u51fa\u5e76\u975e\u7528\u4e8e\u4ee3\u66ffPCI-DSS\u6570\u636e\u5b89\u5168\u6807\u51c6\u7684\u8981\u6c42\uff0cPCI\u6807\u59d4\u4f1a\u4e5f\u5e76\u4e0d\u8981\u6c42\u5546\u6237\u5fc5\u987b\u5f3a\u5236\u4f7f\u7528P2PE\u6280\u672f\u3002\u4ece\u76ee\u524d\u770b\u6765\uff0cP2PE\u8981\u6c42\u4f53\u7cfb\u53ea\u662f\u53ef\u4f9b\u5546\u6237\u9009\u62e9\u7684\u89e3\u51b3\u65b9\u6848\u3002\u7136\u800c\uff0c\u4ece\u4fe1\u606f\u5b89\u5168\u5efa\u8bbe\u7684\u89d2\u5ea6\u8003\u8651\uff0catsec\u975e\u5e38\u9f13\u52b1\u5546\u6237\u5728\u81ea\u8eab\u7684\u5b89\u5168\u5efa\u8bbe\u4e2d\u91c7\u7528\u8be5\u89e3\u51b3\u65b9\u6848\u66f4\u597d\u4ee5\u66f4\u6709\u6548\u7684PCI-DSS\u7684\u5408\u89c4\u5efa\u8bbe\u5de5\u4f5c\u3002\u5728PCI-DSS\u5408\u89c4\u5efa\u8bbe\u7684\u8303\u56f4\u5185\uff0c\u5982\u679c\u5546\u6237\u6309P2PE\u7684\u8981\u6c42\u8fdb\u884c\u5b9e\u65bd\uff0c\u5c06\u6781\u5927\u5730\u7f29\u5c0f\u5546\u6237\u6301\u5361\u4eba\u6570\u636e\u73af\u5883\u7684\u8303\u56f4\uff0c\u4ece\u800c\u51cf\u5c11\u6f5c\u5728\u7684\u5b89\u5168\u5a01\u80c1\uff0c\u5e76\u663e\u8457\u964d\u4f4e\u5728\u5408\u89c4\u65b9\u9762\u7684\u6295\u5165\u3002<\/p>\n\n\n\n<p>\u4ece\u5185\u5bb9\u6765\u770b\uff0cP2PE\u8981\u6c42\u4f53\u7cfb\u56f4\u7ed5\u7740\u63d0\u5347\u7cfb\u7edf\u548c\u8bbe\u5907\u7684\u5b89\u5168\u6027\uff0c\u5b9e\u65bd\u76d1\u63a7\u548c\u54cd\u5e94\u6d41\u7a0b\uff0c\u5f00\u53d1\u5e76\u7ef4\u62a4\u5b89\u5168\u7684\u5e94\u7528\uff0c\u4fdd\u62a4\u673a\u5bc6\u6570\u636e\u4ee5\u53ca\u4f7f\u7528\u5b89\u5168\u7684\u5bc6\u94a5\u7ba1\u7406\u65b9\u6cd5\u8bba\u7b49\u4f17\u591a\u9886\u57df\u5c55\u5f00\u3002\u5176\u5177\u4f53\u7684\u5185\u5bb9\u5305\u62ec\u5982\u4e0b\u65b9\u9762\uff1a<\/p>\n\n\n\n<ol>\n<li>\u542f\u7528\u3001\u5b9e\u65bd\u4ee5\u53ca\u8bc4\u4f30\u57fa\u4e8e\u786c\u4ef6\u7684P2PE\u89e3\u51b3\u65b9\u6848\u4e2d\u6240\u6d89\u53ca\u7684\u89d2\u8272\u53ca\u804c\u8d23\uff1b<\/li>\n\n\n\n<li>\u57fa\u4e8e\u786c\u4ef6\u7684P2PE\u89e3\u51b3\u65b9\u6848\u6240\u8986\u76d6\u76846\u4e2a\u5173\u952e\u9886\u57df\u5305\u62ec\uff1a\u52a0\u5bc6\u8bbe\u5907\u3001\u5b89\u5168\u73af\u5883\u3001\u5e94\u7528\u5b89\u5168\u3001\u4f20\u8f93\u3001\u52a0\u5bc6\u4ee5\u53ca\u5bc6\u94a5\u7ba1\u7406\uff1b<\/li>\n\n\n\n<li>\u5efa\u7acb\u5e76\u542f\u7528P2PE\u89e3\u51b3\u65b9\u6848\u7684\u6b65\u9aa4\uff1b<\/li>\n\n\n\n<li>\u5178\u578b\u7684\u5b9e\u65bd\u5b9e\u4f8b\uff1b<\/li>\n\n\n\n<li>P2PE\u9a8c\u8bc1\u8981\u6c42\u4e0e\u5176\u5b83\u6807\u51c6\u95f4\u7684\u5173\u7cfb\uff0c\u5305\u62ec\u4e0ePTS Point of Interaction (POI), PCI PIN, PA-DSS \u548c PCI DSS\u4e4b\u95f4\u7684\u5173\u7cfb\uff1b<\/li>\n<\/ol>\n\n\n\n<p>\u5728\u8be5\u7ec4\u9a8c\u8bc1\u8981\u6c42\u4f53\u7cfb\u53d1\u5e03\u540e\uff0cPCI\u5b89\u5168\u6807\u51c6\u59d4\u5458\u4f1a\u5c06\u4f1a\u7ee7\u7eed\u63a8\u8fdbP2PE\u65b9\u6848\u7684\u5b8c\u5584\u5de5\u4f5c\u3002\u636e\u4f30\u8ba1\uff0c\u76f8\u5173\u7684\u6d4b\u8bd5\u6d41\u7a0b\u5c06\u4e8e2011\u5e74\u5e95\u524d\u53d1\u5e03\uff0c\u5bf9\u8be5\u8981\u6c42\u4f53\u7cfb\u7684\u9a8c\u8bc1\u65b9\u6cd5\u4ee5\u53ca\u8bc4\u4f30\u4eba\u5458\u7684\u57f9\u8bad\u8ba1\u5212\u5c06\u4e8e2012\u5e74\u521d\u8fdb\u884c\u516c\u5e03\u3002<\/p>\n\n\n\n<p>\u8be6\u7ec6\u7684\u4fe1\u606f\u8bf7\u53c2\u89c1\uff1a<a href=\"https:\/\/www.pcisecuritystandards.org\/documents\/nb59Y8Qqv\/P2PE_Hardware_Solution_%20Requirements_Initial_Release.pdf\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">https:\/\/www.pcisecuritystandards.org\/documents\/nb59Y8Qqv\/P2PE_Hardware_Solution_%20Requirements_Initial_Release.pdf<\/a>\uff09<\/p>\n\n\n\n<p><strong>\u5173\u4e8e\u827e\u7279\u8d5b\u514b<\/strong><strong>(atsec)<\/strong><strong>\u4fe1\u606f\u5b89\u5168<\/strong><strong><\/strong><\/p>\n\n\n\n<p>\u827e\u7279\u8d5b\u514b\u4fe1\u606f\u5b89\u5168\uff08atsec information security\uff09\u662f\u4e00\u5bb6\u72ec\u7acb\u4e14\u57fa\u4e8e\u6807\u51c6\u7684\u4fe1\u606f\u6280\u672f\uff08IT\uff1aInformation Technology\uff09\u5b89\u5168\u670d\u52a1\u516c\u53f8(www.atsec.com)\uff0c\u5b83\u5f88\u597d\u5730\u5c06\u5546\u4e1a\u5bfc\u5411\u7684\u4fe1\u606f\u5b89\u5168\u65b9\u6cd5\u548c\u6df1\u5165\u7684\u6280\u672f\u77e5\u8bc6\u4ee5\u53ca\u5168\u7403\u7684\u7ecf\u9a8c\u76f8\u7ed3\u5408\u3002atsec\u5728\u5fb7\u56fd\u6155\u5c3c\u9ed1\u6210\u7acb\u4e8e2000\u5e74\uff0c\u5e76\u4e14\u901a\u8fc7\u7f8e\u56fd\u3001\u5fb7\u56fd\u3001\u745e\u5178\u548c\u4e2d\u56fd\u7684\u529e\u516c\u5ba4\u5f00\u5c55\u4e86\u5e7f\u6cdb\u7684\u56fd\u9645\u4e1a\u52a1\u3002atsec\u63d0\u4f9b\u7684\u670d\u52a1\u5305\u62ec\u6b63\u5f0f\u7684\u5b9e\u9a8c\u5ba4\u6d4b\u8bd5\u548c\u8bc4\u4f30\u3001\u72ec\u7acb\u7684\u6d4b\u8bd5\u548c\u8bc4\u4f30\u4ee5\u53ca\u4fe1\u606f\u5b89\u5168\u54a8\u8be2\u3002<\/p>\n\n\n\n<p>atsec\u63d0\u4f9bPCI SSC\u4f53\u7cfb\u4e0b\u7684\u670d\u52a1\uff0c\u5e76\u4e14atsec\u662f\u4e00\u5bb6\u80fd\u591f\u63d0\u4f9bPCI DSS\u548cPA-DSS\u6807\u51c6\u7684\u8bc4\u4f30\u670d\u52a1\u7684QSA\u516c\u53f8\u3002atsec\u7684\u6e17\u900f\u6d4b\u8bd5\u3001\u5e94\u7528\u5b89\u5168\u3001ASV\uff08Approved Scanning Vendor\uff09\u670d\u52a1\u548c\u4fe1\u606f\u5b89\u5168\u54a8\u8be2\u670d\u52a1\uff0c\u4f5c\u4e3a\u8bc4\u4f30\u670d\u52a1\u5de5\u4f5c\u7684\u6709\u529b\u652f\u6491\u3002atsec\u662f\u4e00\u5bb6\u72ec\u7acb\u7684\u516c\u53f8\uff0c\u5e76\u4e14\u4e0e\u5176\u5b83\u4ea7\u54c1\u4f9b\u5e94\u5546\u6ca1\u6709\u4efb\u4f55\u5546\u4e1a\u5173\u7cfb\u3002<\/p>\n\n\n\n<p>atsec\u63d0\u4f9b\u7f8e\u56fd\u56fd\u5bb6\u6807\u51c6\u4e0e\u6280\u672f\u7814\u7a76\u59d4\u5458\u4f1a\uff08NIST\uff1aNational Institute of Standards and Technology\uff09\u548c\u52a0\u62ff\u5927\u901a\u8baf\u5b89\u5168\u534f\u4f1a\uff08CSEC\uff1aCommunications Security Establishment Canada\uff09\u5236\u5b9a\u7684\u5bc6\u7801\u6a21\u5757\u9a8c\u8bc1\u4f53\u7cfb\u4e0b\u7684\u5bc6\u7801\u6a21\u5757\u548c\u7b97\u6cd5\u6d4b\u8bd5\u670d\u52a1\u3002atsec\u540c\u65f6\u63d0\u4f9bNIST\u4e2a\u4eba\u8eab\u4efd\u9a8c\u8bc1\u4f53\u7cfb\uff08NPIVP\uff09\u3001\u5bc6\u7801\u7b97\u6cd5\u6d4b\u8bd5\uff08CAVP\uff1aCryptographic Algorithm Validation Program\uff09\u548c\u5b89\u5168\u5185\u5bb9\u81ea\u52a8\u5316\u534f\u8bae\uff08SCAP\uff1aSecurity Content Automation Protocol Program\uff09\u4e0b\u7684\u6b63\u5f0f\u7684\u6d4b\u8bd5\uff0c\u4ee5\u53caGSA FIPS 201 EP\u4e0b\u7684\u4ea7\u54c1\u8ba4\u53ef\u6d4b\u8bd5\u3002<\/p>\n\n\n\n<p>atsec\u7684\u5ba2\u6237\u5305\u62ec\u5168\u7403\u9996\u5c48\u4e00\u6307\u7684\u516c\u53f8\u5982\u82f9\u679c\u3001IBM\u3001Hewlett and Packard\u3001Honeywell\u3001Quantum Corporation\u3001Red Hat\u3001Watchdata\u3001\u534e\u4e3a\u548c\u4e2d\u5174\u901a\u8baf\u7b49\uff0c\u5e76\u4e00\u76f4\u7ef4\u6301\u5bc6\u5207\u5408\u4f5c\u5173\u7cfb\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6765\u81eaatsec\u7684\u6d88\u606f\uff0cPCI\u5b89\u5168\u6807\u51c6\u59d4\u5458\u4f1a\uff08Security Standards Council\uff09\u5df2\u4e8e2011 [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[11],"tags":[],"_links":{"self":[{"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/posts\/4124"}],"collection":[{"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/comments?post=4124"}],"version-history":[{"count":1,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/posts\/4124\/revisions"}],"predecessor-version":[{"id":4127,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/posts\/4124\/revisions\/4127"}],"wp:attachment":[{"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/media?parent=4124"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/categories?post=4124"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/tags?post=4124"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}