1. 3 Guiding Principles
2. 12 PCI Requirements
3. Action plan
Access Control
Provides merchants with a single source for valid user identification.
External
Internal
SOA Apps Customers Partners IT Staff Employees SOA Apps
Access Management
Identity Administration
Directory Services
Auditing and Reporting
Identity Provisioning
Monitoring and Management
Protect data at all levels: network, application, database and storage.
Encryption
Decryption
Encrypted Data on Backup Media
Compliance Control
Automation and enforcement of access policies, software maintenance and business processes.
Recipient Policy
12 PCI Requirements
Discuss
Oracle Solution
Requirements
Footprint
Detail
= address these
requirements
Requirement 1
Provides checks
= Password management
Requirement 3
In session
= At rest on disk
On tape backups
Requirement 4
Encrypt transmission of cardholder data across open public networks
Application Server
TDE
Wireless security
= Data in motion protection
Requirement 5
Automate patching
= Evaluate DB changes
Monitor applications
Requirement 7
Consistent access
= Harden credentials
Continuous monitoring
Requirement 10
Application access
= Attestation
Secure audit data
Requirement 12
= Partner services
PCI Suite
1 2 3 4 5 6 7 8 9 10 11
Identity Manager
IDM
Access Manager
eSSO
Suite
Virtual Directory
Adaptive Access
Data Vault
DB
Audit Vault
Security
ASO
Secure Backup
Options
Enterprise Manager
Summary
#1 Encryption
#2 User access
3
Feedback Forms
Q&A