Asim Mehmood (guest)

Asim Mehmood is a security research engineer, holding a Master and a Bachelor of Science in Information Security.
Asim's core professional experience and competence is centered around
- Applied Classical & Modern Cryptography & Information
- Key Management
- HSMs
- Development of Public Key Infrastructure (PKI).
- Smart card enabled Key Management System in C#.
- Vulnerability assessment and Penetration Testing.
- Smart Card Applications development on Windows and Linux.
- LDAP and Secure LDAP Integration in Web Applications.
Asim loves music and reading.

PCI DSS Compliance Validation

Payment Card Industry Data Security Standard (PCI DSS) is an information security standard to prevent credit card fraud and protect against numerous additional security threats & vulnerabilities.

Read more

An Introduction to PCI DSS

Payment Card Industry Data Security Standard (PCI DSS) is an information security standard to protect against credit card fraud and numerous additional security threats & vulnerabilities. Credit/Debit card providers, such as MasterCard and Visa etc., implement the mechanisms and security controls specified and suggested in PCI DSS.

Read more

Introduction to Digital Signatures and PKCS #7

Through many parts of the world, including the European Union and the United States, digital signing has been adopted as a way to implement electronic signatures that are considered legally binding. This article introduces digital signatures, digital certificates and the relationship between digital signatures and PKCS #7.

Read more

HSMs and Key Management: Effective Key Security

Appropriate management of cryptographic keys is essential for the application of cryptography. This is often aided by the use of a hardware security module (HSM), a dedicated hardware machine with an embedded processor that offers cryptographic services to users, applications, and computers in a network, and which explicitly protects cryptographic keys at every phase of their life cycle.

Read more

Key Management Lifecycles compliant to PCI DSS

This article highlights the NIST key lifecycle recommendations in relation to PCI DSS compliance.

Read more

Differences between Hash functions, Symmetric & Asymmetric Algorithms

Cryptographic algorithms can be categorized into three classes: Hash functions, Symmetric and Asymmetric algorithms. This article sheds light on their differences, purpose and main fields of application.

Read more

PKI for EMV cards compliant to PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard to prevent credit card scams and numerous additional security threats & vulnerabilities.

Read more