我们有一个行政网站,它基本上是客户查阅客户交易和报告的一个用户界面。这是在ASP.net MVC3上用Telerik MVC控制软件开发的。我们产品的主要核心是网络服务。我们正在研究如何让我们遵守PCI。网站的认证完全不安全,没有定制会员或表格认证。我们在数据库中存储了散口密码。我想看看是否有第三方“PCI Compliant”图书馆外的任何可以用来进行用户认证的?如果不是在成员中实现PCI合规的最佳方法,那么什么不是?
此外,我们目前使用开放源码日志4net来记录网站和网络服务。 是否有其他符合 PCI 的“ 登录” 解决方案? 最好在产品层面和网络层面同时使用。
感谢您的帮助。
Thanks, SDD
关于认证 PCI, 要求所有密码都要加密或仓促使用散列法才能最容易执行。
避免使用 MD5. 我建议使用 PBKDF2. 查看 < a href="http://code.google.com/p/stackid/sources/browse/OpenIdProvider/Current.cs#1135" rel=“nofolt" >http://code.google.com/p/stackid/sources/browse/OpenIdProvider/Current.cs#1135 , 以了解堆叠流实际使用的一些参考代码。
Log4net 可用于记录, 但您需要使用 UdpAppender 将日志发送到 syslog 服务器。 请至少记录 PCI 的日志记录要求, 并确保您不登录任何密码或信用卡号码 。
What is the use of default keyword in C#? Is it introduced in C# 3.0 ?
I m the only developer in my company, and am getting along well as an autodidact, but I know I m missing out on the education one gets from working with and having code reviewed by more senior devs. ...
I m pretty new to the Objective-C world and I have a long history with .net/C# so naturally I m inclined to use my C# wits. Now here s the question: I feel really inclined to create some type of ...
I cannot figure out how to marshal a C++ CBitmap to a C# Bitmap or Image class. My import looks like this: [DllImport(@"test.dll", CharSet = CharSet.Unicode)] public static extern IntPtr ...
I have two EF entities. One has a property called HouseNumber. The other has two properties, one called StartHouseNumber and one called EndHouseNumber. I want to create a many to many association ...
How to user GhostScript DLL to convert PDF to PDF/A. I know I kind of have to call the exported function of gsdll32.dll whose name is gsapi_init_with_args, but how do i pass the right arguments? BTW, ...
Since I cannot order my dictionary, what is the best way of going about taking key value pairs and also maintaing an index?
Maybe it s something I m doing wrong. I m just learning Linq because I m bored. And so far so good. I made a little program and it basically just outputs all matches (foreach) into a label control. ...
