Search Criteria : 64 assertions found for this search Review filtered assertions

Assertion

Applies to

Applied to
Not applied to

Coverage

Covered by
Not covered by
Id scheme
Assertion id
Status
Testable?
#Coverage
#Applies to
Comment
Predicate
Page
Tags
Last changed
Actions
ATNAATNA-10Testable 0 2 Audit Record Repository actor which claims support of the Audit Trail and Node Authentication (ATNA) integration profile shall support the Record Audit Event [ITI-20] transaction.69Table 9.1-15/22/23 2:18:09 PM by testAuto
ATNAATNA-12Testable 0 2 Secure Node actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile shall support the Record Audit Event [ITI-20] transaction69Table 9.1-16/27/22 4:37:57 PM by testAuto
ATNAATNA-15Testable 0 2 Secure Application actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile may perform the Maitain Time [ITI-1] transaction72Table 9.3-17/9/24 2:31:02 PM by dgraveto
ATNAATNA-16Testable 0 2 see previous comment on ITI-19Secure Application actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile may perform the Record Audit Event [ITI-20] transaction69Table 9.1-16/29/22 11:49:04 AM by testAuto
ATNAATNA-21Testable 0 2 The Audit Repository shall support any IHE-specified audit message format, when sent over one of those transport mechanisms. Note that new applications domains may have their own extended vocabularies in addition to the DICOM and IHE vocabularies. This also means that an ATNA Audit Repository is also automatically a Radiology Basic Security Profile Audit Repository because it must support the IHE Provisional Message format and it must support the BSD syslog protocol70Section 9.1.1.36/29/22 2:22:50 PM by testAuto
ATNAATNA-3Testable 0 2 A Secure Node Actor shall be configurable to support both connection authentication and physically secured networks 72Section 9.44/30/19 4:13:19 PM by NicolasBailliet
ATNAATNA-4Testable 0 4 The mechanism for logging audit record messages to the audit record repository shall be either Transmission of Syslog Messages over UDP (RFC5426) with The Syslog Protocol (RFC5424) which formalizes and obsoletes Syslog (RFC-3164), either 2) Transmission of Syslog Messages over TLS (RFC5425) with The Syslog Protocol (RFC5424) which formalizes sending syslog messages over a streaming protocol protectable by TLS.72Section 9.34/30/19 4:13:19 PM by NicolasBailliet
ATNAATNA-6Testable 0 4 A means must be provided to upload the required certificates to the implementation, e.g., via floppy disk or file transfer via network. 72Section 9.44/30/19 4:13:19 PM by NicolasBailliet
ATNAATNA-7Testable 0 2 I don't know what this assertion means.When an IHE profile requires a grouping of an actor with either Secure Node or Secure Application, then the ATNA requirements apply to all actors in the implementation.72Section 9.3.14/30/19 4:13:19 PM by NicolasBailliet
ATNAATNA-8Testable 0 2 When an implementation chooses to support this Integration Profile for an actor, it is required that all IHE actors and any other activities in this implementation support the Audit Trail and Node Authentication Integration Profile. 72Section 9.44/30/19 4:13:19 PM by NicolasBailliet
ITI19ITI19-10reviewedTestable 0 0 The Secure Node or Secure Application shall not reject certificates that contain unknown attributes or other parameters.134Section 3.19.6.1.34/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-12reviewedTestable 0 0 The IHE Technical Framework recommends a maximum expiration time for certificates of 2 years.134Section 3.19.6.1.34/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-13reviewedTestable 0 0 Using a certificate chain back to an external trusted certificate authority to determine authorizations is strongly discouraged.134Section 3.19.6.1.34/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-16reviewedTestable 0 0 For all connections carrying Protected Information (PI), the recommended "well-known port 2762" as specified by DICOM shall be used when the Secure node is configured for use not on a physically secured network.135Section 3.19.6.24/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-17reviewedTestable 0 0 For all connections carrying Protected Information (PI), and when the secure node is configured for use on a physically secured network, a different port number shall be used, preferably the standard port 104. 135Section 3.19.6.24/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-18reviewedTestable 0 0 For all connections carrying Protected Information (PI), the port number used when configured for use on a physically secured network shall be different than the port number used when configured for use not on a physically secured network.135Section 3.19.6.24/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-19reviewedTestable 0 0 For all connections carrying Protected Information (PI), if SN/SA is configured for physical security, then it may use the non-TLS DICOM port and protocol.135Section 3.19.6.24/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-20reviewedTestable 0 0 For all web-services carrying Protected Information(PI), a trusted association shall be established between the two nodes utilizing WS-I Basic Security Profile Version 1.1.135Section 3.19.6.44/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-21reviewedTestable 0 0 For SMTP communications, when configured to use email on a network that is not physically secured, implementations shall use S/MIME (RFC-3851).135Section 3.19.6.54/30/19 4:50:25 PM by NicolasBailliet
ITI19ITI19-22reviewedTestable 0 0 For SMTP communications on a network that is not physically secured, the message shall be signed using the signedData format.135Section 3.19.6.54/30/19 4:50:25 PM by NicolasBailliet