• There are no items in your cart

ANSI X9.112-1 : 2009

Superseded
Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by
superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

WIRELESS MANAGEMENT AND SECURITY - PART 1: GENERAL REQUIREMENTS
Superseded date

05-27-2016

Published date

01-12-2013

Foreword
Introduction
1 Scope
  1.1 Audience
  1.2 Business Case
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Wireless Risks
  5.1 Introduction
  5.2 Applicable Risks
       5.2.1 Physical Topology
       5.2.2 Access Control - Least Privilege
       5.2.3 Encryption
       5.2.4 Network Integrity
       5.2.5 Wireless Transmission
       5.2.6 Unauthorized Wireless Access Devices
       5.2.7 Denial of Service (DoS)
       5.2.8 Data Integrity
6 Requirements
  6.1 Overview
  6.2 Wireless Security Policy
  6.3 Data Security
  6.4 Entity Authentication
  6.5 Data Integrity
  6.6 Security Encapsulation
  6.7 Key Management
  6.8 Wireless Network
  6.9 Audit Logging
  6.10 Physical Security
  6.11 Access Control
7 Wireless Security Policy
  7.1 Roles and Responsibilities
  7.2 Security Controls
  7.3 Technology Controls
  7.4 Access Controls
  7.5 Configuration Controls
  7.6 Cryptograph Controls
  7.7 Physical Controls
  7.8 Log Management
Annex A (normative) Wireless Validation Control Objectives
  A.1 Introduction
  A.2 Environmental Controls
       A.2.1 Security Policy
       A.2.2 Security Organization
       A.2.3 Asset Classification and Management
       A.2.4 Personnel Security
       A.2.5 Physical and Environmental Security
       A.2.6 Operations Management
       A.2.7 System Access Management
       A.2.8 Systems Development and Maintenance
       A.2.9 Wireless Access Continuity Management
       A.2.10 Monitoring and Compliance
       A.2.11 Event Journaling
  A.3 Key Management Life Cycle Controls
       A.3.1 Key Generation
       A.3.2 Key Storage, Backup and Recover
       A.3.3 Key Distribution
       A.3.4 Key Usage
       A.3.5 Key Destruction and Archival
       A.3.6 Cryptographic Device Life Cycle Controls
  A.4 Wireless Management Life Cycle Controls
       A.4.1 Wireless Device Life Cycle
       A.4.2 Wireless Encryption
       A.4.3 Wireless Authentication
       A.4.4 Wireless Integrity
       A.4.5 Wireless Encapsulation
Annex B (Normative) Wireless Cryptograph Controls
Annex C (Informative) Wireless Technology Standards
Wireless Local Area Networks
  C.1 Broadband Wireless
  C.2 Bluetooth
       C.2.1 Architecture
       C.2.2 Client ID
       C.2.3 Client Provisioning
       C.2.4 External Functional Interface (EFI)
       C.2.5 General formats
       C.2.6 Multimedia Messaging Service (MMS)
       C.2.7 Persistence
       C.2.8 Pictogram
       C.2.9 Push
       C.2.10 Synchronisation
       C.2.11 User Agent Profile (UAProf)
       C.2.12 Wireless Application Environment
       C.2.13 Wireless Protocols
       C.2.14 Wireless Security
       C.2.15 Wireless Telephony Application (WTA)
  C.3 Voice and Messaging
Annex D (Informative) X9 Registry
Annex E (Informative) OCC Risk Management of Wireless Networks
Bibliography

Covers an overview of wireless radio frequency (RF) technologies and general requirements applicable to all wireless implementations for the financial services industry.

Committee
X9
DocumentType
Standard
PublisherName
American Bankers Association
Status
Superseded
SupersededBy

ANSI X9.30.1 : 1997 PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY - PART 1: THE DIGITAL SIGNATURE ALGORITHM (DSA)
ANSI X9.57 : 1997 PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY: CERTIFICATE MANAGEMENT
ANSI X9.95 : 2016 FINANCIAL SERVICES - TRUSTED TIME STAMP MANAGEMENT AND SECURITY
ISO/IEC 9798-3:1998 Information technology Security techniques Entity authentication Part 3: Mechanisms using digital signature techniques
ANSI X9.8-1 : 2015 FINANCIAL SERVICES - PERSONAL IDENTIFICATION NUMBER (PIN) MANAGEMENT AND SECURITY - PART 1: BASIC PRINCIPLES AND REQUIREMENTS FOR PINS IN CARD-BASED SYSTEMS
ISO 11568-2:2012 Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle
ANSI X9.52 : 1998 TRIPLE DATA ENCRYPTION ALGORITHM MODES OF OPERATION
ISO/IEC 9798-4:1999 Information technology Security techniques Entity authentication Part 4: Mechanisms using a cryptographic check function
ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
ANSI X9.24-1 : 2017 RETAIL FINANCIAL SERVICES - SYMMETRIC KEY MANAGEMENT - PART 1: USING SYMMETRIC TECHNIQUES
ANSI X9.84 : 2010(R2017) BIOMETRIC INFORMATION MANAGEMENT AND SECURITY FOR THE FINANCIAL SERVICES INDUSTRY
ISO/IEC 9798-2:2008 Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithms
ISO/IEC 9798-5:2009 Information technology — Security techniques — Entity authentication — Part 5: Mechanisms using zero-knowledge techniques
ISO 11568-1:2005 Banking — Key management (retail) — Part 1: Principles
ISO 11568-4:2007 Banking — Key management (retail) — Part 4: Asymmetric cryptosystems — Key management and life cycle
ANSI X9.30.2 : 1997 PUBLIC KEY CRYPTOGRAPHY USING IRREVERSIBLE ALGORITHMS - PART 2: THE SECURE HASH ALGORITHM (SHA-1)
ANSI X9.31 : 1998 DIGITAL SIGNATURES USING REVERSIBLE PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY (RDSA)
ISO/IEC 9798-1:2010 Information technology Security techniques Entity authentication Part 1: General

View more information
Sorry this product is not available in your region.

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.