论文和白皮书

atsec员工的专业知识是被公认的:我们是诸多国际组织的成员、会议的讲演者、以及书籍和论文的作者。

如下是我们一些报告和发表物。

主题 事件 / 媒体 作者 / 讲演者
PCI产业概述和产业发展动态分享
[ read more]
Paper Haiwei Bai
PCI DSS针对恶意脚本防范的新要求及其方案探讨
[ read more]
Paper Dongsheng Tang
PCI PIN标准相关截止时间的解读以及近期重要信息
[ read more]
Paper Zhipeng Zhang
atsec CST实验室2023年12月简报(英文)
[ read more]
Newsletter atsec
PCI 3DS 技术常见问题解答(FAQ)简介
[ read more]
Paper Jinyun Chen
atsec CST实验室2022年12月简报(英文)
[ read more]
Newsletter atsec
PCI卡片生产和供应的安全标准V3.0.1变更说明及合规流程
[ read more]
Paper Jinyun Chen
PCI DSS v4.0变更系列之十——新要求点统计
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之九——第六大类要求点
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之八——第五大类要求点
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之七——第四大类要求点
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之六——第三大类要求点
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之五——第二大类要求点
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之四——第一大类要求点
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之三——通过“定制方法”增加标准灵活性
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之二——主体章节的变更情况说明
[ read more]
Paper Xiangdong Gao
PCI DSS v4.0变更系列之一——变更概述
[ read more]
Paper Xiangdong Gao
PCI 3DS核心安全标准助力线上交易-为支付安全保驾护航
[ read more]
Paper Jinyun Chen and Yan Liu
感受2021年度PCI GCF
[ read more]
Paper Yan Liu
8位长度银行卡BIN码在PCI DSS中的实践
[ read more]
Paper Di Li
PA-DSS到PCI SSF标准的过渡
[ read more]
Paper Li Zhang
适用于应用软件的PCI DSS合规要求
[ read more]
Paper Xiangdong Gao
PCI产业标准家族和相关体系发展动态
[ read more]
Paper Haiwei Bai
atsec CST实验室2020年9月简报(英文)
[ read more]
Newsletter atsec
浅谈PCI DSS标准要求的渗透测试
[ read more]
Paper Li Zhang
PIN Security的标准简介
[ read more]
Paper Zhipeng Zhang
A PCI Walk In The Clouds
[ read more]
PCI AP Community Meeting Todd Xie, Cathy Wang (Tecent Cloud), Yan Liu
Chinese Commercial Cryptography
Scheme and ISO_IEC 19790
[ read more]
Paper Di Li
商户和服务提供商分级和验证要求
[ read more]
Paper Haiwei Bai
基于PCI DSS的云用户数据安全标准白皮书(简版)
[ read more]
White Paper atsec与腾讯云
应用《网络设备安全保证计划》来提高电
信设备的安全保障
[ read more]
Paper Zhipeng Zhang and Yan Liu
下一代密码模块安全标准探讨
[ read more]
Paper Di Li
PCI DSS V3.2再回首
——谈谈在2018年强制执行的要求
[ read more]
Paper Guohua Shen and Xiangdong Gao
参考PCI最佳实践合规GDPR个人数据保护
[ read more]
Paper Haiwei Bai and Yan Liu
PCI DSS V3.2变更分析
[ read more]
Paper Xiangdong Gao
全球支付卡安全产业动态
[ read more]
支付技术及信息安全研讨会 Yan Liu
支付产业数据安全保护机制
[ read more]
支付技术及信息安全研讨会 Di Li
Improving Policy based Security Specifications
[ read more]
2015 Community
Meetings
Gordon McIntosh
PCI DSS合规建设ASV扫描介绍
[ read more]
Paper Jinyun Chen and Changlong Wang
atsec Newsletter China 05/2015
[ read more]
Newsletter
国际CC认证体系和CCRA简介
[ read more]
Paper Yan
PA DSS 3.0标准更新解读
[ read more]
Paper Li Zhang
采用OTTPS保护
供应链安全
[ read more]
Paper Todd and Yan
PCI SSC 2014CM Payment Security In China
[ read more]
2014 Community
Meetings
Yan Liu
atsec Newsletter China 01/2014
[ read more]
Newsletter
PCI DSS标准V3.0变更分析
[ read more]
Paper Xiangdong Gao
ISO's Cryptographic Module Work
[ read more]
White Paper Fiona Pattinson
Implementation and assessment on
cryptography for payment solutions
[ read more]
ICMC 2013 Yan Liu
atsec Newsletter China 04/2013
[ read more]
Newsletter
atsec Newsletter China 12/2012
[ read more]
Newsletter
Mobile Payment Solution
[ read more]
13th ICCC Yan Liu
浅谈信用卡收单机构和发卡机构PCI DSS合规
[ read more]
Paper Yan Liu
Why and How to Get Cryptographic
Modules FIPS Validated
[ read more]
Whitepaper Yi Mao
Understanding Information Entropy
[ read more]
Whitepaper Yi Mao
IT Security Evaluation in China
[ read more]
13th ICCC Yi Mao
Experience with OSPP Evaluations
[ read more]
13th ICCC Krummeck
atsec Newsletter China 08/2012
[ read more]
Newsletter
众人拾柴火焰高,共筑支付安全
[ read more]
Paper Haiwei Bai
atsec移动支付安全方案简介
[ read more]
CMIS 2012 Yan Liu
atsec Newsletter China 04/2012
[ read more]
Newsletter
Is your randomness predictable?
(or, how to properly seed crypto libraries)
[ read more]
BSides Austin 2012 Ochel
atsec Newsletter USA 04/2012
[ read more]
Newsletter
水涨船高,我眼中的外部安全扫描
[ read more]
Paper Changlong Wang & Jinyun Chen
Common Criteria and Packages
[ read more]
Whitepaper Pattinson
atsec Newsletter Germany 02/2011
[ read more]
Newsletter various
FRITSA: Do You Understand How all of your IT
Security Assurance Efforts fit Together?
[ read more]
ISSA Austin Fiona Pattinson
atsec Newsletter China 12/2011
[ read more]
Newsletter various
中国产品迎来FIPS 140丰收年
[ read more]
Paper Haiwei Bai
从研发角度理解CC
[ read more]
Paper Li Zhang
参考OWASP实现安全开发
[ read more]
Paper Xiangdong Gao
迎接支付安全的挑战,期待支付安全的春天
[ read more]
Paper Yan Liu & Jinyun Chen
PCI DSS合规建设ASV扫描介绍
[ read more]
Paper Jinyun Chen
如何高效地执行信息安全风险评估
[ read more]
Paper Xiangdong Gao
感受第十二届国际CC会议
[ read more]
Paper Haiwei Bai & Yan Liu
渗透测试助力PCI DSS合规建设
[ read more]
Paper Jinyun Chen
采用NASPO标准进行风险管理
[ read more]
Paper Li Zhang
Evaluating Third-Party Code:
How Can It Be Trusted?
[ read more]
12th ICCC Cavness
From FIPS 140-2 to CC
[ read more]
12th ICCC Yi Mao
Fighting the Bean Counters
[ read more]
12th ICCC Krummeck
An Access Control Model for
Applications on Mobile Devices using
[ read more]
12th ICCC Kurth, Huynh
atsec Newsletter USA 07/2011
[ read more]
Newsletter various
atsec Newsletter Germany 04/2011
[ read more]
Newsletter various
atsec Newsletter Germany 08/2011
[ read more]
Newsletter various
atsec Newsletter China 09/2011
[ read more]
Newsletter various
atsec Newsletter China 06/2011
[ read more]
Newsletter various
Penetration Testing as an Auditing Tool
[ read more]
ISACA Austin Meeting Jeremy Powell
移动支付领域安全建设的参考标准
[ read more]
China Mobile Payment Industry Summit Jinyun Chen
atsec Newsletter China 03/2011
[ read more]
Newsletter various
Penetration Testing as an Auditing Tool
[ read more]
ISACA Austin Meeting Jeremy Powell
Payment Card Industry Assessments & Privacy
[ read more]
IAPP Austin Pattinson
atsec Newsletter USA 02/2011
[ read more]
Newsletter various
PCI DSS数据安全标准V2.0变更分析
[ read more]
Paper Xiangdong Gao
atsec Newsletter Germany 01/2011
[ read more]
Newsletter various
SCAP标准简介
[ read more]
IETF79 Li Zhang
Inherent Problems in the Information
Technology Supply Chain
[ read more]
26th ACSAC poster session Courtney Cavness
atsec Newsletter USA 12/2010
[ read more]
Newsletter various
atsec Newsletter China 11/2010
[ read more]
Newsletter various
Building the IBM 4758 Secure Coprocessor
[ read more]
IBM Research Publications Weingart et al.
What to expect from a PCI QSA led assessment
[ read more]
Presentation Fiona Pattinson
Migrating to OSPP
[ read more]
11th ICCC Conference Krummeck, Penny, Robinson
Improving the Flexibility and Applicability
of Protection Profiles
[ read more]
11th ICCC Conference Helmut Kurth
Becoming a CNAS Laboratory
[ read more]
11th ICCC Conference Yi Mao
atsec Newsletter Germany 09/2010
[ read more]
Newsletter various
atsec Newsletter US 07/2010
[ read more]
Newsletter various
Are You Prepared to Successfully Pass a
PCI-DSS and/or a FISMA Certification Assessment?
[ read more]
SHARE Conference Pattinson
Making Sure of Security: Contrasting FISMA and ISO/IEC 27001
[ read more]
White Paper Pattinson
atsec Newsletter US 02/2010
[ read more]
Newsletter various
Payment Card Industry Compliance For Large Computing Systems
[ read more]
White Paper various
atsec Newsletter Germany 12/2009
[ read more]
Newsletter various
Secure Network Zones
[ read more]
ISSE 2009 Wimmer
Evidence based Evaluations Chances and Challenges
[ read more]
10th ICCC Kurth
Trusting Virtual Trust
[ read more]
10th ICCC Powell
Taking White Hats to the Laundry:
How to Strengthen Testing in CC
[ read more]
10th ICCC Vassilev
An Attack Surface based Approach to Evaluation
[ read more]
10th ICCC Kurth
atsec Newsletter Germany 08/2009
[ read more]
Newsletter various authors
Heiter bis Wolkig
[ read more]
iX - 5/2009 Mueller
Secure Coding Guidelines
[ read more]
White paper Shiralkar, Grove
Penetration Testing in der Praxis
[ read more]
Talk at FH BRS Wienzek
FIPS 140-2 DTR XML Templates
[ read more]
ZIP archive Masino
Introducing Assurance Measures for Security Target
[ read more]
9th ICCC, Korea Yi Mao
Designing the Trusted Service Bus for EAL5
[ read more]
9th ICCC, Korea Ochel
Using SCAP to Detect Vulnerabilities
[ read more]
White paper S. Weingart
Personal Brokerage of Web Service Access
[ read more]
IEEE Security and Privacy, vol. 5,
no. 5, pp. 24-31, Sept/Oct, 2007
A. Vassilev
Security benefits from OS virtualization:
Real or Virtual?
[ read more]
White paper A. Vassilev
IT Security Assurance and Common Criteria
[ read more]
TickIT International Pattinson
Efficient CC Evaluations
[ read more]
atsec website Mueller
"BS 7799-2 and the CC" Supporting the
Business of Software Development
[ read more]
5th International Common Criteria Conference, Berlin, 09/2004 Pattinson