AssertionManagerGui

Id scheme	Assertion id	Status	Testable?	#Coverage	#Applies to	Comment	Predicate	Page	Tags	Last changed

ITI40	ITI40-035	reviewed	Testable	7	3	Note: A purpose-of-use-code set will need to be defined as part of the testing environment for XUA	The X-ServiceUser shall encode the PurposeOfUse <Attribute> element with the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:purposeofuse”. The value of the <AttributeValue> element is a child element, “PurposeOfUse”, in the namespace “urn:hl7-org:v3”, whose content is defined by the “CE” (coded element) data type from the HL7 version 3 specification. The PurposeOfUse element shall contain the coded representation of the Purpose for Use that is in effect for the request.	149	Section 3.40.4.1.2.3	9/17/19 4:38:01 PM by mtoudic
ITI40	ITI40-036	reviewed	Testable	0	3		The X-Service User shall place the PurposeOfUse value into the ATNA Audit Message associated with the transaction according to the ATNA Audit Message transaction ITI-20 (see ITI-TF-2a: 3.20.7.3).	150	Section 3.40.4.1.2.3.1	5/2/19 11:31:13 AM by NicolasBailliet
ITI40	ITI40-047	reviewed	Testable	0	4		When the PurposeOfUse Option is used the X-Service Provider SHALL place the PurposeOfUse into the ATNA Audit Message associated with the transaction	151	Section 3.40.4.1.3.3	5/2/19 11:31:13 AM by NicolasBailliet
ITI40	ITI40-048	reviewed	Not testable	0	4		The X-Service Provider MAY use the PurposeOfUse value in Access Control decisions.	151	Section 3.40.4.1.3.3	9/17/19 4:53:10 PM by mtoudic
ITI40	ITI40-058	reviewed	Not testable	0	3		The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Purpose of Use attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:purposeofuse”.	148	Section 3.40.4.1.2.2	9/17/19 4:53:36 PM by mtoudic
XUA	XUA-010	reviewed	Testable	0	2		X-Service User that supports the PurposeOfUse option shall support the transaction requirements in ITI TF-2b:3.40.4.1.2.3	131	Section 13.5.3	9/10/19 10:20:48 AM by NicolasBailliet

reviewed

Testable

Note: A purpose-of-use-code set will need to be defined as part of the testing environment for XUA

The X-ServiceUser shall encode the PurposeOfUse <Attribute> element with the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:purposeofuse”. The value of the <AttributeValue> element is a child element, “PurposeOfUse”, in the namespace “urn:hl7-org:v3”, whose content is defined by the “CE” (coded element) data type from the HL7 version 3 specification. The PurposeOfUse element shall contain the coded representation of the Purpose for Use that is in effect for the request.

149

Section 3.40.4.1.2.3

9/17/19 4:38:01 PM by mtoudic

ITI40

ITI40-036

reviewed

Testable

0

3

The X-Service User shall place the PurposeOfUse value into the ATNA Audit Message associated with the transaction according to the ATNA Audit Message transaction ITI-20 (see ITI-TF-2a: 3.20.7.3).

150

Section 3.40.4.1.2.3.1

5/2/19 11:31:13 AM by NicolasBailliet

ITI40

ITI40-047

reviewed

Testable

0

4

When the PurposeOfUse Option is used the X-Service Provider SHALL place the PurposeOfUse into the ATNA Audit Message associated with the transaction

151

Section 3.40.4.1.3.3

5/2/19 11:31:13 AM by NicolasBailliet

ITI40

ITI40-048

reviewed

Not testable

0

4

The X-Service Provider MAY use the PurposeOfUse value in Access Control decisions.

151

Section 3.40.4.1.3.3

9/17/19 4:53:10 PM by mtoudic

ITI40

ITI40-058

reviewed

Not testable

0

3

The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Purpose of Use attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:purposeofuse”.

148

Section 3.40.4.1.2.2

9/17/19 4:53:36 PM by mtoudic

XUA

XUA-010

reviewed

Testable

0

2

X-Service User that supports the PurposeOfUse option shall support the transaction requirements in ITI TF-2b:3.40.4.1.2.3

131

Section 13.5.3

9/10/19 10:20:48 AM by NicolasBailliet

Search Criteria : 6 assertions found for this search Review filtered assertions

Assertion

Applies to

Coverage