Protecting Memory Secrets: Difference between revisions
Content added Content deleted
(Added Wren) |
(added definitions/meanings of PAN and SAD) |
||
Line 60: | Line 60: | ||
PCI Point-to-Point-Encryption (P2PE) Standard (v3.1) [https://docs-prv.pcisecuritystandards.org/P2PE/Standard/PCI-P2PE-v3_1-Standard.pdf PCI P2PE Standard] see requirements 2A-2.3 & 2B-1.5 |
PCI Point-to-Point-Encryption (P2PE) Standard (v3.1) [https://docs-prv.pcisecuritystandards.org/P2PE/Standard/PCI-P2PE-v3_1-Standard.pdf PCI P2PE Standard] see requirements 2A-2.3 & 2B-1.5 |
||
* has two types of secrets called PAN and SAD |
* has two types of secrets called PAN (Primary Account Number) and SAD (Sensitive Authentication Data) |
||
* don't secrets in working memory any longer than strictly necessary |
* don't secrets in working memory any longer than strictly necessary |
||
* developers should have secure coding traing for their langauge that includes managing sensitive data in memory |
* developers should have secure coding traing for their langauge that includes managing sensitive data in memory |