• ANSI X9.112-1 : 2009

    Superseded A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

    WIRELESS MANAGEMENT AND SECURITY - PART 1: GENERAL REQUIREMENTS

    Available format(s): 

    Superseded date:  27-05-2016

    Language(s): 

    Published date:  13-01-2013

    Publisher:  American Bankers Association

    Sorry this product is not available in your region.

    Add To Cart

    Table of Contents - (Show below) - (Hide below)

    Foreword
    Introduction
    1 Scope
      1.1 Audience
      1.2 Business Case
    2 Normative references
    3 Terms and definitions
    4 Symbols and abbreviated terms
    5 Wireless Risks
      5.1 Introduction
      5.2 Applicable Risks
           5.2.1 Physical Topology
           5.2.2 Access Control - Least Privilege
           5.2.3 Encryption
           5.2.4 Network Integrity
           5.2.5 Wireless Transmission
           5.2.6 Unauthorized Wireless Access Devices
           5.2.7 Denial of Service (DoS)
           5.2.8 Data Integrity
    6 Requirements
      6.1 Overview
      6.2 Wireless Security Policy
      6.3 Data Security
      6.4 Entity Authentication
      6.5 Data Integrity
      6.6 Security Encapsulation
      6.7 Key Management
      6.8 Wireless Network
      6.9 Audit Logging
      6.10 Physical Security
      6.11 Access Control
    7 Wireless Security Policy
      7.1 Roles and Responsibilities
      7.2 Security Controls
      7.3 Technology Controls
      7.4 Access Controls
      7.5 Configuration Controls
      7.6 Cryptograph Controls
      7.7 Physical Controls
      7.8 Log Management
    Annex A (normative) Wireless Validation Control Objectives
      A.1 Introduction
      A.2 Environmental Controls
           A.2.1 Security Policy
           A.2.2 Security Organization
           A.2.3 Asset Classification and Management
           A.2.4 Personnel Security
           A.2.5 Physical and Environmental Security
           A.2.6 Operations Management
           A.2.7 System Access Management
           A.2.8 Systems Development and Maintenance
           A.2.9 Wireless Access Continuity Management
           A.2.10 Monitoring and Compliance
           A.2.11 Event Journaling
      A.3 Key Management Life Cycle Controls
           A.3.1 Key Generation
           A.3.2 Key Storage, Backup and Recover
           A.3.3 Key Distribution
           A.3.4 Key Usage
           A.3.5 Key Destruction and Archival
           A.3.6 Cryptographic Device Life Cycle Controls
      A.4 Wireless Management Life Cycle Controls
           A.4.1 Wireless Device Life Cycle
           A.4.2 Wireless Encryption
           A.4.3 Wireless Authentication
           A.4.4 Wireless Integrity
           A.4.5 Wireless Encapsulation
    Annex B (Normative) Wireless Cryptograph Controls
    Annex C (Informative) Wireless Technology Standards
    Wireless Local Area Networks
      C.1 Broadband Wireless
      C.2 Bluetooth
           C.2.1 Architecture
           C.2.2 Client ID
           C.2.3 Client Provisioning
           C.2.4 External Functional Interface (EFI)
           C.2.5 General formats
           C.2.6 Multimedia Messaging Service (MMS)
           C.2.7 Persistence
           C.2.8 Pictogram
           C.2.9 Push
           C.2.10 Synchronisation
           C.2.11 User Agent Profile (UAProf)
           C.2.12 Wireless Application Environment
           C.2.13 Wireless Protocols
           C.2.14 Wireless Security
           C.2.15 Wireless Telephony Application (WTA)
      C.3 Voice and Messaging
    Annex D (Informative) X9 Registry
    Annex E (Informative) OCC Risk Management of Wireless Networks
    Bibliography

    Abstract - (Show below) - (Hide below)

    Covers an overview of wireless radio frequency (RF) technologies and general requirements applicable to all wireless implementations for the financial services industry.

    General Product Information - (Show below) - (Hide below)

    Committee X9
    Document Type Standard
    Publisher American Bankers Association
    Status Superseded
    Superseded By

    Standards Referencing This Book - (Show below) - (Hide below)

    ANSI X9.30.1 : 1997 PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY - PART 1: THE DIGITAL SIGNATURE ALGORITHM (DSA)
    ANSI X9.57 : 1997 PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY: CERTIFICATE MANAGEMENT
    ANSI X9.95 : 2016 FINANCIAL SERVICES - TRUSTED TIME STAMP MANAGEMENT AND SECURITY
    ISO/IEC 9798-3:1998 Information technology Security techniques Entity authentication Part 3: Mechanisms using digital signature techniques
    ANSI X9.8-1 : 2015 FINANCIAL SERVICES - PERSONAL IDENTIFICATION NUMBER (PIN) MANAGEMENT AND SECURITY - PART 1: BASIC PRINCIPLES AND REQUIREMENTS FOR PINS IN CARD-BASED SYSTEMS
    ISO 11568-2:2012 Financial services Key management (retail) Part 2: Symmetric ciphers, their key management and life cycle
    ANSI X9.52 : 1998 TRIPLE DATA ENCRYPTION ALGORITHM MODES OF OPERATION
    ISO/IEC 9798-4:1999 Information technology Security techniques Entity authentication Part 4: Mechanisms using a cryptographic check function
    ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
    ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
    ANSI X9.24-1 : 2017 RETAIL FINANCIAL SERVICES - SYMMETRIC KEY MANAGEMENT - PART 1: USING SYMMETRIC TECHNIQUES
    ANSI X9.84 : 2010(R2017) BIOMETRIC INFORMATION MANAGEMENT AND SECURITY FOR THE FINANCIAL SERVICES INDUSTRY
    ISO/IEC 9798-2:2008 Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithms
    ISO/IEC 9798-5:2009 Information technology Security techniques Entity authentication Part 5: Mechanisms using zero-knowledge techniques
    ISO 11568-1:2005 Banking Key management (retail) Part 1: Principles
    ISO 11568-4:2007 Banking Key management (retail) Part 4: Asymmetric cryptosystems Key management and life cycle
    ANSI X9.30.2 : 1997 PUBLIC KEY CRYPTOGRAPHY USING IRREVERSIBLE ALGORITHMS - PART 2: THE SECURE HASH ALGORITHM (SHA-1)
    ANSI X9.31 : 1998 DIGITAL SIGNATURES USING REVERSIBLE PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY (RDSA)
    ANSI X9.24-2 : 2016 RETAIL FINANCIAL SERVICES - SYMMETRIC KEY MANAGEMENT - PART 2: USING ASYMMETRIC TECHNIQUES FOR THE DISTRIBUTION OF SYMMETRIC KEYS
    ISO/IEC 9798-1:2010 Information technology Security techniques Entity authentication Part 1: General
    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective