{"id":3582,"date":"2024-06-13T04:37:00","date_gmt":"2024-06-13T02:37:00","guid":{"rendered":"http:\/\/10.0.1.197\/?p=3582"},"modified":"2024-08-02T06:59:26","modified_gmt":"2024-08-02T04:59:26","slug":"pcidss-v4-0-1","status":"publish","type":"post","link":"http:\/\/192.168.0.78\/pcidss-v4-0-1\/","title":{"rendered":"\u652f\u4ed8\u5361\u4ea7\u4e1a\u6700\u65b0\u53d1\u5e03PCI DSS V4.0.1"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

\u81ea2022\u5e743\u6708PCI DSS v4.0\u53d1\u5e03\u4ee5\u6765\uff0c\u53d7\u5230\u5168\u7403\u652f\u4ed8\u4ea7\u4e1a\u9ad8\u5ea6\u5173\u6ce8\uff0c\u4e3a\u4e86\u89e3\u51b3\u6765\u81ea\u6240\u6709\u4ea7\u4e1a\u76f8\u5173\u8005\u7684\u53cd\u9988\u548c\u95ee\u9898\uff0cPCI\u5b89\u5168\u6807\u51c6\u59d4\u5458\u4f1a\uff08PCI SSC\uff09\u53d1\u5e03\u4e86\u8be5\u6807\u51c6\u7684\u4fee\u8ba2\u7248PCI DSS v4.0.1\u3002\u5176\u4e2d\u5305\u62ec\u5bf9\u683c\u5f0f\u548c\u5370\u5237\u9519\u8bef\u7684\u66f4\u6b63\uff0c\u4e5f\u6f84\u6e05\u4e86\u4e00\u4e9b\u8981\u6c42\u548c\u6307\u5357\u7684\u91cd\u70b9\u548c\u610f\u56fe\u3002\u672c\u4fee\u8ba2\u7248\u4e2d\u6ca1\u6709\u9644\u52a0\u6216\u5220\u9664\u7684\u8981\u6c42\u5185\u5bb9\u3002<\/p>\n\n\n\n

\u4e3a\u4e86\u786e\u4fdd\u53d8\u66f4\u3001\u6f84\u6e05\u548c\u989d\u5916\u7684\u6307\u5bfc\u80fd\u591f\u6709\u6548\u5730\u652f\u6301\u4ea7\u4e1a\u91c7\u7528PCI DSS v4\uff0cPCI SSC\u987e\u95ee\u59d4\u5458\u4f1a\uff08BoA\uff1aBoard of Advisors\uff09\u3001\u5168\u7403\u6267\u884c\u8bc4\u4f30\u5458\u5706\u684c\u4f1a\u8bae\uff08GEAR\uff1aGlobal Executive Assessor Roundtable\uff09\u548c\u4e3b\u8981\u53c2\u4e0e\u673a\u6784\uff08Principal Participating Organizations\uff09\uff08\u901a\u8fc7\u6280\u672f\u6307\u5bfc\u5c0f\u7ec4\uff09\u88ab\u9080\u8bf7\u57282023\u5e7412\u6708\u81f32024\u5e741\u6708\u7684\u5f81\u6c42\u610f\u89c1\uff08RFC: Request for Comments\uff09\u671f\u95f4\u5ba1\u67e5\u53d8\u66f4\u63d0\u8bae\uff0c\u5e76\u63d0\u4f9b\u53cd\u9988\u3002<\/p>\n\n\n\n

\u6709\u5173\u66f4\u6539\u7684\u5b8c\u6574\u63cf\u8ff0\uff0c\u8bf7\u53c2\u9605PCI DSS v4.0\u81f3v4.0.1\u7248\u672c\u7684\u66f4\u6539\u6458\u8981\uff0c\u8be5\u6458\u8981\u73b0\u5df2\u5728PCI SSC\u6587\u6863\u5e93\uff08PCI SSC Document Library\uff09\u4e2d\u63d0\u4f9b\u3002\u672c\u6b21\u66f4\u65b0\u4e2d\u6240\u505a\u7684\u4e00\u4e9b\u66f4\u6539\u5305\u62ec\uff1a<\/p>\n\n\n\n

Requirement \u8981\u6c423<\/strong><\/p>\n\n\n\n

\u2022 Clarified Applicability Notes for issuers and companies that support issuing services.
\u2022 \u9488\u5bf9\u53d1\u5361\u673a\u6784\u548c\u652f\u6301\u53d1\u5361\u670d\u52a1\u7684\u516c\u53f8\u660e\u786e\u7684\u9002\u7528\u6027\u8bf4\u660e\u3002<\/p>\n\n\n\n

\u2022 Added a Customized Approach Objective and clarified applicability for organizations using keyed cryptographic hashes to render Primary Account Numbers (PAN) unreadable.
\u2022 \u589e\u52a0\u4e86\u81ea\u5b9a\u4e49\u65b9\u6cd5\u76ee\u6807\uff0c\u5e76\u9610\u660e\u4e86\u4f7f\u7528\u5e26\u5bc6\u94a5\u7684\u5f3a\u52a0\u5bc6\u54c8\u5e0c\u7b97\u6cd5\u4f7f\u4e3b\u8d26\u53f7\uff08PAN\uff09\u4e0d\u53ef\u8bfb\u53d6\u7684\u673a\u6784\u7684\u9002\u7528\u6027\u3002<\/p>\n\n\n\n

Requirement\u8981\u6c426<\/strong><\/p>\n\n\n\n

\u2022 Reverted to PCI DSS v3.2.1 language that installing patches\/updates within 30 days applies only for \u201ccritical vulnerabilities.\u201d
\u2022 \u6062\u590d\u5230PCI DSS v3.2.1\u8bed\u8a00\uff0c\u5373\u572830\u5929\u5185\u5b89\u88c5\u4fee\u8865\u7a0b\u5e8f\/\u66f4\u65b0\u4ec5\u9002\u7528\u4e8e\u201c\u91cd\u8981\u6f0f\u6d1e\u201d\u3002<\/p>\n\n\n\n

\u2022 Added Applicability Notes to clarify how the requirement for managing payment page scripts applies.
\u2022 \u6dfb\u52a0\u4e86\u9002\u7528\u6027\u8bf4\u660e\uff0c\u4ee5\u6f84\u6e05\u9488\u5bf9\u7ba1\u7406\u652f\u4ed8\u9875\u9762\u811a\u672c\u7684\u8981\u6c42\u5982\u4f55\u9002\u7528\u3002<\/p>\n\n\n\n

Requirement\u8981\u6c428<\/strong><\/p>\n\n\n\n

\u2022 Added an Applicability Note that multi-factor authentication for all (non-administrative) access into the CDE does not apply to user accounts that are only authenticated with phishing-resistant authentication factors.
\u2022 \u6dfb\u52a0\u4e86\u4e00\u4e2a\u9002\u7528\u6027\u8bf4\u660e\uff0c\u5373\u5bf9CDE\u7684\u6240\u6709\uff08\u975e\u7ba1\u7406\uff09\u8bbf\u95ee\u7684\u591a\u56e0\u7d20\u8eab\u4efd\u9a8c\u8bc1\u4e0d\u9002\u7528\u4e8e\u4ec5\u4f7f\u7528\u9632\u9493\u9c7c\u8eab\u4efd\u9a8c\u8bc1\u56e0\u7d20\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u7684\u7528\u6237\u5e10\u6237\u3002<\/p>\n\n\n\n

Requirement\u8981\u6c4212<\/strong><\/p>\n\n\n\n

\u2022 Updated Applicability Notes to clarify several points about relationships between customers and third-party service providers (TPSPs).
\u2022 \u66f4\u65b0\u4e86\u9002\u7528\u6027\u8bf4\u660e\uff0c\u4ee5\u6f84\u6e05\u6709\u5173\u5ba2\u6237\u548c\u7b2c\u4e09\u65b9\u670d\u52a1\u63d0\u4f9b\u5546\uff08TPSP\uff09\u4e4b\u95f4\u5173\u7cfb\u7684\u51e0\u70b9\u8bf4\u660e\u3002<\/p>\n\n\n\n

Appendices\u9644\u5f55<\/strong><\/p>\n\n\n\n

\u2022 Removed Customized Approach sample templates from Appendix E and referred to the sample templates that are available on the PCI SSC website.
\u2022 \u4ece\u9644\u5f55E\u4e2d\u5220\u9664\u4e86\u5b9a\u5236\u65b9\u6cd5\u6837\u672c\u6a21\u677f\uff0c\u5e76\u53c2\u8003\u4e86PCI SSC\u7f51\u7ad9\u4e0a\u7684\u6837\u672c\u6a21\u677f\u3002<\/p>\n\n\n\n

\u2022 Added definitions for \u201cLegal Exception,\u201d “Phishing Resistant Authentication,” and \u201cVisitor\u201d to Appendix G.
\u2022 \u5728\u9644\u5f55G\u4e2d\u589e\u52a0\u4e86\u201c\u6cd5\u5f8b\u4f8b\u5916\u201d\u3001\u201c\u6297\u7f51\u7edc\u9493\u9c7c\u8ba4\u8bc1\u201d\u548c\u201c\u8bbf\u95ee\u8005\u201d\u7684\u5b9a\u4e49\u3002<\/p>\n\n\n\n

PCI DSS v4.0.1\u5e38\u89c1\u95ee\u9898\u89e3\u7b54<\/strong><\/p>\n\n\n\n

\u2022 PCI DSS v4.0\u4f55\u65f6\u9000\u4f11\uff1f<\/p>\n\n\n\n

\u4e0e\u6240\u6709\u65b0\u7248\u672c\u7684PCI DSS\u4e00\u6837\uff0c\u5728\u4e00\u6bb5\u65f6\u95f4\u5185\uff0c\u5f53\u524d\u7248\u672c\u548c\u66f4\u65b0\u7248\u672c\u5c06\u540c\u65f6\u5904\u4e8e\u6d3b\u52a8\u72b6\u6001\u3002PCI DSS v4.0\u5c06\u4e8e2024\u5e7412\u670831\u65e5\u9000\u4f11\u3002\u5728\u6b64\u4e4b\u540e\uff0cPCI DSS v4.0.1\u5c06\u6210\u4e3aPCI SSC\u652f\u6301\u7684\u552f\u4e00\u5f53\u524d\u7248\u672c\u3002<\/p>\n\n\n\n

\u2022 PCI DSS v4.0.1\u662f\u5426\u66f4\u6539\u4e86\u65b0\u8981\u6c42\u76842025\u5e743\u670831\u65e5\u751f\u6548\u65e5\u671f\uff1f<\/p>\n\n\n\n

\u5426\u3002\u76ee\u524d\u6709\u9650\u7684\u4fee\u8ba2\u4e0d\u4f1a\u5f71\u54cd\u8fd9\u4e9b\u65b0\u8981\u6c42\u7684\u751f\u6548\u65e5\u671f\u3002<\/p>\n\n\n\n

\u2022 PCI DSS v4.0.1\u4e2d\u662f\u5426\u6709\u4efb\u4f55\u65b0\u8981\u6c42\uff1f<\/p>\n\n\n\n

\u5426\u3002\u7531\u4e8e\u8fd9\u662f\u4e00\u4e2a\u6709\u9650\u7684\u4fee\u8ba2\uff0c\u6ca1\u6709\u65b0\u7684\u6216\u5220\u9664\u7684\u8981\u6c42\u3002\u6709\u5173\u5b8c\u6574\u8be6\u7ec6\u4fe1\u606f\uff0c\u8bf7\u53c2\u9605PCI DSS v4.0\u5230v4.0.1\u7684\u53d8\u66f4\u6458\u8981\u3002<\/p>\n\n\n\n

\u2022 PCI DSS v4.0.1\u5408\u89c4\u62a5\u544a\uff08ROC\uff09\u548c\u5408\u89c4\u8bc1\u660e\uff08AOC\uff09\u4ee5\u53ca\u81ea\u6211\u8bc4\u4f30\u95ee\u5377\uff08SAQ\uff09\u7684\u6a21\u677f\u4f55\u65f6\u53d1\u5e03\uff1f<\/p>\n\n\n\n

PCI DSS v4.0.1\u7684\u5408\u89c4\u6027\u62a5\u544a\uff08ROC\uff09\u548c\u5408\u89c4\u8bc1\u660e\uff08AOC\uff09\u4ee5\u53ca\u81ea\u6211\u8bc4\u4f30\u95ee\u5377\uff08SAQ\uff09\u7684\u6a21\u677f\u5c06\u4e8e2024\u5e74\u7b2c\u4e09\u5b63\u5ea6\u53d1\u5e03\uff0c\u968f\u540e\u4e0d\u4e45\u5c06\u53d1\u5e03\u66f4\u65b0\u7684PCI DSS\u652f\u6301\u6587\u4ef6\uff0c\u5982\u4f18\u5148\u65b9\u6cd5\u5de5\u5177\u3002<\/p>\n\n\n\n

\u5982\u679c\u9700\u8981\u66f4\u591a\u4fe1\u606f\u4e86\u89e3PCI DSS v4.0.1\u548c\u4ecePCI DSS v4.0\u5230v4.0.1\u7684\u53d8\u66f4\u6458\u8981\uff0c\u53ef\u5728PCI SSC\u6587\u6863\u5e93\u4e2d\u627e\u5230\u3002\u4e5f\u968f\u65f6\u6b22\u8fce\u8054\u7cfbatsec\u4fe1\u606f\u5b89\u5168\u83b7\u53d6\u66f4\u591a\u8d44\u8baf\u3002<\/p>\n\n\n\n

atsec\u4f5c\u4e3aGEAR\u6210\u5458\u4e4b\u4e00\u79ef\u6781\u53c2\u4e0e\u6807\u51c6\u66f4\u65b0\u5236\u5b9a\u548c\u53cd\u9988\uff0c\u4e3aPCI DSS\u6807\u51c6\u53d1\u5c55\u505a\u51fa\u4e86\u8d21\u732e\uff0c\u540c\u65f6atsec\u4e5f\u4f5c\u4e3a\u4ea7\u4e1a\u673a\u6784\u7684\u6865\u6881\uff0c\u901a\u8fc7\u5408\u9002\u7684\u65b9\u5f0f\u8fdb\u884c\u4fe1\u606f\u7684\u53ca\u65f6\u5206\u4eab\uff0c\u4ece\u800c\u4fc3\u8fdb\u4e86\u4ea7\u4e1a\u7684\u79ef\u6781\u4ea4\u6d41\u3002atsec\u671f\u5f85\u7740\u5408\u89c4\u8bc4\u4f30\u9886\u57df\u5728\u8bc4\u4f30\u5de5\u4f5c\u9ad8\u8d28\u91cf\u53d1\u5c55\u7684\u540c\u65f6\uff0c\u66f4\u52a0\u63d0\u9ad8\u5ba1\u6838\u7684\u6548\u7387\u4e14\u7cbe\u7b80\u76f8\u5173\u7684\u6d41\u7a0b\u548c\u65b9\u6cd5\u3002<\/p>\n\n\n\n

\u5173\u4e8e\u827e\u7279\u8d5b\u514b\uff08atsec\uff09\u4fe1\u606f\u5b89\u5168<\/strong><\/p>\n\n\n\n

atsec information security\u662f\u4e00\u5bb6\u72ec\u7acb\u4e14\u57fa\u4e8e\u6807\u51c6\u7684\u4fe1\u606f\u6280\u672f\uff08IT\uff1aInformation Technology\uff09\u5b89\u5168\u54a8\u8be2\u3001\u8bc4\u4f30\u548c\u6d4b\u8bc4\u670d\u52a1\u516c\u53f8\uff0c\u5b83\u5f88\u597d\u5730\u5c06\u5546\u4e1a\u5bfc\u5411\u7684\u4fe1\u606f\u5b89\u5168\u65b9\u6cd5\u548c\u6df1\u5165\u7684\u6280\u672f\u77e5\u8bc6\u4ee5\u53ca\u5168\u7403\u7684\u7ecf\u9a8c\u76f8\u7ed3\u5408\u3002atsec\u4e8e2000\u5e74\u6210\u7acb\u4e8e\u5fb7\u56fd\uff0c\u76ee\u524d\u901a\u8fc7\u6b27\u6d32\u3001\u7f8e\u56fd\u548c\u4e9a\u6d32\u7684\u5206\u652f\u673a\u6784\uff0c\u5e7f\u6cdb\u7684\u9762\u5411\u4e16\u754c\u8303\u56f4\u5546\u4e1a\u548c\u653f\u5e9c\u7684\u8bf8\u591a\u9886\u57df\u3002\u6211\u4eec\u7684\u540c\u4e8b\u662f\u4e0d\u540c\u6280\u672f\u9886\u57df\u7684\u4e13\u5bb6\uff0c\u5305\u62ec\u64cd\u4f5c\u7cfb\u7edf\u3001\u6570\u636e\u5e93\u3001\u7f51\u7edc\u8bbe\u5907\u3001\u5d4c\u5165\u5f0f\u7cfb\u7edf\u7b49\u7b49\u3002<\/p>\n\n\n\n

\u6211\u4eec\u7684\u5b9e\u9a8c\u5ba4\u6839\u636e\u4e0d\u540c\u7684\u6807\u51c6\u5f00\u5c55\u5546\u4e1a\u4ea7\u54c1\u548c\u7cfb\u7edf\u7684\u8bc4\u4f30\u548c\u6d4b\u8bd5\uff0c\u5305\u62ecCommon Criteria\u3001FIPS 140-3\u3001O-TTPS\u3001PCI\u3001ISO\/IEC 27001\u548cNESAS\uff0c\u4ece\u800c\u786e\u4fdd\u7528\u6237\u7684\u5b89\u5168\u6027\u3002\u6211\u4eec\u9488\u5bf9\u4e0d\u540c\u89c4\u6a21\u7684\u5ba2\u6237\u6210\u529f\u5b8c\u6210\u4e86\u8bf8\u591a\u7684\u8106\u5f31\u6027\u8bc4\u4f30\u3001\u5bc6\u7801\u6d4b\u8bd5\u3001\u5b89\u5168\u5ba1\u8ba1\uff0c\u4ee5\u53ca\u72ec\u7acb\u7684\u8bc4\u4f30\uff0c\u6d89\u53ca\u7535\u4fe1\u3001\u91d1\u878d\u548c\u80fd\u6e90\u7b49\u4e0d\u540c\u884c\u4e1a\u3002<\/p>\n\n\n\n

\u652f\u4ed8\u5361\u4ea7\u4e1a\uff08PCI: Payment Card Industry\uff09\uff0catsec\u63d0\u4f9b\u4e0d\u540c\u5b89\u5168\u8bc4\u4f30\u4f53\u7cfb\u548c\u6807\u51c6\u9886\u57df\u7684\u5b8c\u6574\u670d\u52a1\u3002atsec\u7ecf\u8fc7PCI\u5b89\u5168\u6807\u51c6\u59d4\u5458\u4f1a\uff08SSC: Security Standards Council\uff09\u6388\u6743\u8ba4\u53ef\u7684\u5b89\u5168\u8bc4\u4f30\u8d44\u8d28\u5305\u62ecPCI\u6570\u636e\u5b89\u5168\u6807\u51c6\uff08PCI DSS: PCI Data Security Standard\uff09\u5408\u683c\u7684\u5b89\u5168\u6027\u8bc4\u4f30\u673a\u6784\uff08QSA: Qualified Security Assessor\uff09\u3001\u6388\u6743\u7684\u626b\u63cf\u670d\u52a1\u5546\uff08ASV: Approved Scanning Vendor\uff09\u3001PCI\u70b9\u5bf9\u70b9\u52a0\u5bc6\uff08P2PE\uff1aPOINT-TO-POINT ENCRYPTION\uff09\u8bc4\u4f30\u673a\u6784\u3001PCI 3DS\u8bc4\u4f30\u673a\u6784\u3001\u5408\u683c\u7684PIN\u8bc4\u4f30\u673a\u6784\uff08QPA\uff1aQualified PIN Assessor\uff09\u3001PCI\u8f6f\u4ef6\u5b89\u5168\u6846\u67b6\uff08SSF\uff1aSoftware Security Framework\uff09\u5b89\u5168\u8f6f\u4ef6\uff08Secure Software\uff09\u548c\u5b89\u5168\u8f6f\u4ef6\u751f\u547d\u5468\u671f\uff08SLC\uff1aSecure Software Lifecycle\uff09\u8bc4\u4f30\u673a\u6784\u3001\u5361\u751f\u4ea7\u5b89\u5168\u8bc4\u4f30\u673a\u6784\uff08CPSA\uff1aCard Production Security Assessor\uff09\uff08\u9762\u5411\u7269\u7406\u548c\u903b\u8f91\u5b89\u5168\u8981\u6c42\u4e24\u4e2a\u72ec\u7acb\u7684\u6807\u51c6\uff09\uff0c\u4ee5\u53ca\u53d6\u8bc1\u8c03\u7814\u673a\u6784\uff08PFI\uff1aPCI Forensic Investigators\uff09\u3002\u6b64\u5916\uff0catsec\u63d0\u4f9bPCI\u5408\u89c4\u76f8\u5173\u652f\u6301\u670d\u52a1\uff0c\u5305\u62ec\u4f46\u4e0d\u9650\u4e8e\u4f53\u7cfb\u6587\u6863\u548c\u6574\u6539\u54a8\u8be2\u3001\u6e17\u900f\u6d4b\u8bd5\u3001\u98ce\u9669\u8bc4\u4f30\u7b49\u3002<\/p>\n\n\n\n

atsec\u662f\u4ea7\u4e1a\u7684\u9886\u5bfc\u8005\u548c\u8d21\u732e\u8005\uff0c\u6211\u4eec\u662f\u5e74\u5ea6\u56fd\u9645\u5bc6\u7801\u4f1a\u8bae\uff08ICMC\uff09\u7684\u6210\u7acb\u8005\u3002atsec\u79ef\u6781\u8d21\u732e\u4e8e\u4e0d\u540c\u7684\u6807\u51c6\u5316\u7ec4\u7ec7\uff0c\u5305\u62ecCommon Criteria\u3001ISO\u3001GSMA\u3001PCI GEAR\uff0c\u4ee5\u53ca\u6b27\u76df\u5b89\u5168\u6cd5\u4ee4\u5de5\u4f5c\u7ec4\u7b49\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

\u81ea2022\u5e743\u6708PCI DSS v4.0\u53d1\u5e03\u4ee5\u6765\uff0c\u53d7\u5230\u5168\u7403\u652f\u4ed8\u4ea7\u4e1a\u9ad8\u5ea6\u5173\u6ce8\uff0c\u4e3a\u4e86\u89e3\u51b3\u6765\u81ea\u6240\u6709\u4ea7\u4e1a\u76f8\u5173\u8005\u7684\u53cd\u9988\u548c […]<\/p>\n","protected":false},"author":6,"featured_media":3686,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[11,13],"tags":[],"_links":{"self":[{"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/posts\/3582"}],"collection":[{"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/comments?post=3582"}],"version-history":[{"count":2,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/posts\/3582\/revisions"}],"predecessor-version":[{"id":3674,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/posts\/3582\/revisions\/3674"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/media\/3686"}],"wp:attachment":[{"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/media?parent=3582"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/categories?post=3582"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/192.168.0.78\/wp-json\/wp\/v2\/tags?post=3582"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}