Page 40 - ITU-T Focus Group Digital Financial Services – Technology, innovation and competition
P. 40
ITU-T Focus Group Digital Financial Services
Technology, Innovation and Competition
References
The following ITU-T Recommendations and other references contain provisions which, through reference in
this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were
valid. All Recommendations and other references are subject to revision; users of this Recommendation are
therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations
and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published.
The reference to a document within this Recommendation does not give it, as a stand-alone document, the
status of a Recommendation.
[1] B. Reaves, N. Scaife, A. Bates, P. Traynor, K.R.B. Butler, Mo(bile) Money, Mo(bile) Problems: Analysis of
Branchless Banking Applications in the Developing World, in: 24th USENIX Security Symposium (Security’15),
Washington, DC, USA, 2015. https:// www. usenix. org/ system/ files/ conference/ usenixsecurity15/ sec15-
paper- reaves- mobile_ 0. pdf .
[2] T. Gendrullis, M. Novotný, A. Rupp, A Real-World Attack Breaking A5/1 within Hours, in: Cryptographic
Hardware and Embedded Systems – CHES 2008, Springer Berlin Heidelberg, 2008: pp. 266–282.
[3] P. Papantonakis, D. Pnevmatikatos, I. Papaefstathiou, C. Manifavas, Fast, FPGA-based Rainbow Table
creation for attacking encrypted mobile communications, in: 23 Internaional Conference on Field
rd
Programmable Logic and Applications (FPL), 2013. http:// ieeexplore. ieee. org/ document/ 6645525/
[4] K. Nohl. Rooting SIM Cards. BlackHat, July 2013. https:// srlabs. de/ rooting- sim- cards/
[5] US CERT. OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160). https:// www. us- cert. gov/ ncas/ alerts/
TA14- 098A
[6] [ITU-T X.800] Recommendation ITU-T X.800 (March 1991), Security Architecture for Open Systems
Interconnection for CCITT Applications.
[7] [ITU-T X.805] Recommendation ITU-T X.805 (January 2004), Security architecture for systems providing
end-to-end communications.
[8] [ITU-T Y.2740] Recommendation ITU-T Y.2740 (January 2011), Security requirements for mobile remote
financial transactions in next generation networks.
[9] [ITU-T Y.2741] Recommendation ITU-T Y.2741 (January 2011), Architecture of secure mobile financial
transactions in next generation networks.
[10] J.Rutkowska.“Evil Maid goes after TrueCrypt!” October 2009. http:// theinvisiblethings. blogspot. com/
2009/ 10/ evil- maid- goes- after- truecrypt. html
[11] Halderman, J. A., Schoen, S. D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J. A, & Felten, E. W. (2009).
Lest we remember: cold-boot attacks on encryption keys. Communications of the ACM, 52(5), 91-98.
[12] Ukrainian National Commission for the State Regulation of Communications and Information, Verification
of Telecommunications Compliance, May 2014.
[13] National Institute of Standards and Technology, Publication 800-171 “Protecting Uncontrolled Unclassified
Information in Nonfederal Information Systems and Organizations”
[14] PCI Data Security Standards Council, PCI Data Security Standards Requirements v3.1.
[15] Carol Coye Benson, Charles Niehaus, Mina Mashayekhi, Nils Clotteau, Trevor Zimmer, Bruno Antunes, Yury
Grin, Peter Potgieser, Quang Nguyen, Graham Wright, Nathalie Feingold, Ashwini Sathnur, Johan Bosini,
Jeremy Leach, Oksana Smirnova, Evgeniy Bondarenko, May 2016: ITU-T Focus Group Digital Financial
Services Technical Report: The Digital Financial Services Ecosystem.
26
