Search Criteria : 22 assertions found for this search Review filtered assertions

Assertion

Applies to

Applied to
Not applied to

Coverage

Covered by
Not covered by
Id scheme
Assertion id
Status
Testable?
#Coverage
#Applies to
Comment
Predicate
Page
Tags
Last changed
Actions
CH-ADRCH-ADR-077reviewedTestable 8 5 PEP authorizing PPQ-1 and PPQ-2 transactions by implementing an Authorization Decision Consumer MUST, in addition to the result from the Authorization Decision Query, validate that the resource-id of the SAML Assertion identifies the same patient (EPR-sPID) as the resource-id* supplied in the policies to be added, updated deleted or queried for. If not true, the transaction MUST be denied (see Section 3.1.6.3 CH:ADR due to CH:PPQ)15Section 3.1.6.33/8/24 10:54:03 AM by vhofman
CH-PPQCH-PPQ-001reviewedTestable 3 2 Checking only the BODY part of the messagePrivacy Policy Feed request messages SHALL use SOAP v1.2 message encoding (see Section 3.3.5 Message Semantics)35Section 3.3.57/2/21 10:51:20 AM by aeschlimann
CH-PPQCH-PPQ-0010reviewedTestable 5 2 Checking only the BODY part of the messagePrivacy Policy Feed response messages SHALL use SOAP v1.2 message encoding (see Section 3.3.5 Message Semantics)35Section 3.3.57/2/21 10:51:20 AM by aeschlimann
CH-PPQCH-PPQ-0012reviewedTestable 5 2 Checking only the BODY part of the messagePrivacy Policy Feed response messages MAY be used to respond to, (1) add (AddPolicyRequest) (2) edit (UpdatePolicyRequest) or (3) delete (DeletePolicyRequest) authorization policies requests (see Section 3.3.5 Message Semantics)40Section 3.3.5 8/27/19 2:54:23 PM by aeschlimann
CH-PPQCH-PPQ-003reviewedTestable 2 3 Checking only the BODY part of the message & See also: Page 34EPR AddPolicyRequest and EPR UpdatePolicyRequest SHALL rely on SAML 2.0 profile of XACML v2.0 (see Section 3.3.6 EPR AddPolicyRequest and EPR UpdatePolicyRequest)36Section 3.3.67/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0035reviewedTestable 2 3 -The Policy Source SHALL sends AddPolicyRequest / EPR UpdatePolicyRequestmessages when it needs to add new or update existing policies and/or policy sets stored within the Policy Repository (of a patients referencecommunity) (see Section 3.3.6.1 Trigger Events) 36Section 3.3.6.17/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0036reviewedTestable 1 2 -AddPolicyRequest message relies on an EPR specific transaction schema, i.e. epr-policy-administration-combined-schema-1.3-local.xsd (see Section 3.3.6.2 Message Semantics)36Section 3.3.6.27/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0037reviewedTestable 1 2 -The body of EPR AddPolicyRequest SHALL use an <epr:AddPolicyRequest> element to identify the transaction and convey the request (see Section 3.3.6.2 Message Semantics)36Section 3.3.6.27/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0038reviewedTestable 1 2 -AddPolicyRequest SHALL convey a XACML Policy SAML <Assertion> as specified in OASIS SAML 2.0 profile of XACML v2.0 (see Section 3.3.6.2 Message Semantics)36Section 3.3.6.27/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0045reviewedTestable 1 2 -The body of EPR AddPolicyRequest Response message SHALL use an <epr:EprPolicyRepositoryResponse> element to report success or failure (see Section 3.3.7.2 Message Semantics)38Section 3.3.7.27/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0048reviewedTestable 1 3 -The Policy Source SHALL use this message for updating XACML policies, respectively existing XACML Policy Sets of a patient stored (see Section 3.3.6 EPR AddPolicyRequest and EPR UpdatePolicyRequest)36Section 3.3.67/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0049to deleteTestable 1 2 -EPR UpdatePolicyRequest message relies on an EPR specific transaction schema, i.e. epr-policy-administration-combined-schema-1.3-local.xsd36Section 3.3.6.27/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0051to deleteTestable 1 2 -The EPR UpdatePolicyRequest SHALL convey a XACML Policy SAML <Assertion> as specified in OASIS SAML 2.0 profile of XACML v2.036Section 3.3.6.27/2/21 10:51:21 AM by aeschlimann
CH-PPQCH-PPQ-0057to deleteTestable 2 3 -An EPR UpdatePolicyRequest Response message SHALL be created by the Policy Repository in response to the EPR UpdatePolicyRequest message to report a general success or failure code. 37Section 3.3.77/2/21 10:51:22 AM by aeschlimann
CH-PPQCH-PPQ-0058reviewedTestable 2 2 -A SOAP fault SHALL be reported back to the Policy Manager in case an EPR UpdatePolicyRequest cannot be executed due to unknown Policy or Policy Set IDs (see Section 3.3.7 EPR AddPolicyRequest Response and EPR UpdatePolicyRequest Response)37Section 3.3.712/10/19 10:44:32 AM by aeschlimann
CH-PPQCH-PPQ-0059reviewedTestable 2 2 -The body of EPR UpdatePolicyRequest Response message SHALL use an <epr:EprPolicyRepositoryResponse> element to report success or failure (see Section 3.3.7.2 Message Semantics)38Section 3.3.7.27/2/21 10:51:22 AM by aeschlimann
CH-PPQCH-PPQ-0062to deleteTestable 2 2 -The body of EPR UpdatePolicyRequest Response message SHALL use a <soap:Fault> element to report an update failure due to unknown Policy Set IDs38Section 3.3.7.212/10/19 10:44:50 AM by aeschlimann
CH-PPQCH-PPQ-0067reviewedTestable 1 2 -EPR DeletePolicyRequest SHALL rely on the epr-policy-administration-combined-schema-1.3-local.xsd transaction schema (see Section 3.3.8.2 Message Semantics)38Section 3.3.8.27/2/21 10:51:22 AM by aeschlimann
CH-PPQCH-PPQ-0068reviewedTestable 1 2 -The body of EPR DeletePolicyRequest SHALL use an <epr:DeletePolicyRequest> element to identify the transaction and convey the request (see Section 3.3.8.2 Message Semantics)38Section 3.3.8.27/2/21 10:51:22 AM by aeschlimann
CH-PPQCH-PPQ-0069reviewedTestable 1 2 -The <epr:DeletePolicyRequest> element SHALL convey a XACML Policy SAML <Assertion> as specified in OASIS SAML 2.0 profile of XACML (see Section 3.3.8.2 Message Semantics)38Section 3.3.8.27/2/21 10:51:22 AM by aeschlimann