net.ihe.gazelle.assets.SearchCriteria : 8 assertions found for this search Review filtered assertions

Assertion

Applies to

Applied to
Not applied to

Coverage

Covered by
Not covered by
Id scheme
Assertion id
Status
Testable?
#Coverage
#Applies to
Comment
Predicate
Page
Tags
Last changed
Actions
ATNAATNA-1Testable 1 4 I think this is redundant to ATNA-11. This is just a generic statement about the ITI-19 transaction. > No, the use of bi-directionnal certificate authentication is implicit in ITI19-1, this assertion makes it explicit.The Audit Trail and Node Authentication Integration Profile requires the use of bi-directional certificate-based node authentication for connections to and from each node.72Section 9.48/26/19 5:25:26 PM by ceoche
ATNAATNA-14Testable 2 2 I disagree with this assertion. Section 9.7 reads "If the product claims only to include the Secure Application Actor, that indicates that only those security features that apply to the application features are provided by the product." I expect SAs to support ITI-19 for its IHE transactions that carry PHI. > Yes, this is the philosophy of the SA actor in the TF : "required only for transactions containing PHI". According to 2nd Review group, the TF is the reference, so we won't delete this assertion.Secure Application actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile may perform the Authentication Node [ITI-19] transaction69Table 9.1-18/26/19 5:25:26 PM by ceoche
ATNAATNA-15Testable 0 2 Secure Application actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile may perform the Maitain Time [ITI-1] transaction72Table 9.3-14/30/19 4:13:19 PM by NicolasBailliet
ATNAATNA-16Testable 0 2 see previous comment on ITI-19Secure Application actor which claims support for the Audit Trail and Node Authentication (ATNA) integration profile may perform the Record Audit Event [ITI-20] transaction69Table 9.1-14/30/19 4:13:19 PM by NicolasBailliet
ATNAATNA-2Testable 1 3 probably not a testable assertionSecure Nodes shall either prohibit, or be designed and verified to prevent access to PHI, whenever connections are not bi-directionally node-authenticated .69Section 9.1.18/26/19 5:25:26 PM by ceoche
ATNAATNA-24Testable 0 2 Secure Application actors may support the Radiology Audit Trail option71Table 9.2-14/30/19 4:13:19 PM by NicolasBailliet
ATNAATNA-4Testable 0 4 The mechanism for logging audit record messages to the audit record repository shall be either Transmission of Syslog Messages over UDP (RFC5426) with The Syslog Protocol (RFC5424) which formalizes and obsoletes Syslog (RFC-3164), either 2) Transmission of Syslog Messages over TLS (RFC5425) with The Syslog Protocol (RFC5424) which formalizes sending syslog messages over a streaming protocol protectable by TLS.72Section 9.34/30/19 4:13:19 PM by NicolasBailliet
ATNAATNA-6Testable 0 4 A means must be provided to upload the required certificates to the implementation, e.g., via floppy disk or file transfer via network. 72Section 9.44/30/19 4:13:19 PM by NicolasBailliet