| ATNA | ATNA-10 | | Testable |
0
|
2
| | Audit Record Repository actor which claims support of the Audit Trail and Node Authentication (ATNA) integration profile shall support the Record Audit Event [ITI-20] transaction. | 69 | Table 9.1-1 | 5/22/23 2:18:09 PM by testAuto |
|
| ATNA | ATNA-12 | | Testable |
0
|
2
| | Secure Node actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile shall support the Record Audit Event [ITI-20] transaction | 69 | Table 9.1-1 | 6/27/22 4:37:57 PM by testAuto |
|
| ATNA | ATNA-15 | | Testable |
0
|
2
| | Secure Application actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile may perform the Maitain Time [ITI-1] transaction | 72 | Table 9.3-1 | 6/29/22 11:39:13 AM by testAuto |
|
| ATNA | ATNA-16 | | Testable |
0
|
2
| see previous comment on ITI-19 | Secure Application actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile may perform the Record Audit Event [ITI-20] transaction | 69 | Table 9.1-1 | 6/29/22 11:49:04 AM by testAuto |
|
| ATNA | ATNA-20 | | Testable |
0
|
2
| | The Audit Repository shall support both audit transport mechanisms
| 70 | Section 9.1.1.3 | 4/30/19 4:13:19 PM by NicolasBailliet |
|
| ATNA | ATNA-21 | | Testable |
0
|
2
| | The Audit Repository shall support any IHE-specified audit message format, when sent over one of those transport mechanisms. Note that new applications domains may have their own extended vocabularies in addition to the DICOM and IHE vocabularies. This also means that an ATNA Audit Repository is also automatically a Radiology Basic Security Profile Audit Repository because it must support the IHE Provisional Message format and it must support the BSD syslog protocol | 70 | Section 9.1.1.3 | 6/29/22 2:22:50 PM by testAuto |
|
| ATNA | ATNA-22 | | Testable |
0
|
2
| | The Audit Repository shall support self protections and user access controls | 70 | Section 9.1.1.3 | 6/29/22 11:20:02 AM by testAuto |
|
| ATNA | ATNA-26 | | Testable |
0
|
0
| Agreed to do not cover this assertion | Audit Record Forwarder actor which claims support of the Audit Trail and Node Authentication (ATNA) integration profile shall support the Record Audit Event [ITI-20] transaction. | 69 | Table 9.1-1 | 7/26/19 10:00:08 AM by aeschlimann |
|
| ATNA | ATNA-27 | | Testable |
0
|
0
| | The Secure Node shall use the Authenticate Node transaction for all network connections to or from the node that may expose private information as specified in ITI TF-2a: 3.19 | 69 | Section 9.1.1.1 | 7/26/19 10:00:08 AM by aeschlimann |
|
| ATNA | ATNA-3 | | Testable |
0
|
2
| | A Secure Node Actor shall be configurable to support both connection authentication and physically secured networks | 72 | Section 9.4 | 4/30/19 4:13:19 PM by NicolasBailliet |
|
| ATNA | ATNA-30 | reviewed | Testable |
0
|
1
| | The Secure Application shall detect and report a Record Audit Event as specified in ITI TF-2a: 3.20 | 70 | Section 9.1.1.2 | 7/8/19 5:09:19 PM by NicolasBailliet |
|
| ATNA | ATNA-31 | reviewed | Testable |
0
|
1
| | The Audit Repository shall support all messages complying with the Syslog RFCs shall be accepted. The Audit Repository may ignore or process messages in non-IHE message formats. This may be for backwards compatibility or other reasons. | 70 | Section 9.1.1.3 | 7/8/19 5:09:22 PM by NicolasBailliet |
|
| ATNA | ATNA-32 | reviewed | Testable |
0
|
1
| | The Audit Record Forwarder shall be grouped with an Audit Record Repository | 71 | Section 9.1.1.4 | 7/8/19 5:09:25 PM by NicolasBailliet |
|
| ATNA | ATNA-33 | reviewed | Testable |
0
|
1
| | The Audit Record Forwarder shall filter and forward Syslog messages as they arrive. Filter and forward is described in ITI TF-2a: 3.20 and Syslog RFC5424. | 71 | Section 9.1.1.4 | 7/8/19 5:09:31 PM by NicolasBailliet |
|
| ATNA | ATNA-34 | reviewed | Testable |
0
|
1
| | The Audit Record Forwarder shall be configurable to forward messages to destination Audit Record Repositories. | 71 | Section 9.1.1.4 | 7/8/19 5:09:34 PM by NicolasBailliet |
|
| ATNA | ATNA-4 | | Testable |
0
|
4
| | The mechanism for logging audit record messages to the audit record repository shall be either Transmission of Syslog Messages over UDP (RFC5426) with The Syslog Protocol (RFC5424) which formalizes and obsoletes Syslog (RFC-3164), either 2) Transmission of Syslog Messages over TLS (RFC5425) with The Syslog Protocol (RFC5424) which formalizes sending syslog messages over a streaming protocol protectable by TLS. | 72 | Section 9.3 | 4/30/19 4:13:19 PM by NicolasBailliet |
|
| ATNA | ATNA-6 | | Testable |
0
|
4
| | A means must be provided to upload the required certificates to the implementation, e.g., via floppy disk or file transfer via network. | 72 | Section 9.4 | 4/30/19 4:13:19 PM by NicolasBailliet |
|
| ATNA | ATNA-7 | | Testable |
0
|
2
| I don't know what this assertion means. | When an IHE profile requires a grouping of an actor with either Secure Node or Secure Application, then the ATNA requirements apply to all actors in the implementation. | 72 | Section 9.3.1 | 4/30/19 4:13:19 PM by NicolasBailliet |
|
| ATNA | ATNA-8 | | Testable |
0
|
2
| | When an implementation chooses to support this Integration Profile for an actor, it is required that all IHE actors and any other activities in this implementation support the Audit Trail and Node Authentication Integration Profile. | 72 | Section 9.4 | 4/30/19 4:13:19 PM by NicolasBailliet |
|
| CH-ADR | CH-XADR-001 | reviewed | Testable |
0
|
1
| Agreed to do not cover this assertion | Any Authorization Decision Consumer grouped with a XDS Document Registry SHALL ask each Authorization Decision Provider, even outside their home community, until a response includes a decision code other than NotApplicable (see Section 3.2 Cross-Community Authorization Decision Request (CH:XADR)) | 21 | Section 3.2 | 11/20/23 2:39:12 PM by vhofman |
|