net.ihe.gazelle.assets.SearchCriteria : 21 assertions found for this search Review filtered assertions

Assertion

Applies to

Applied to
Not applied to

Coverage

Covered by
Not covered by
Id scheme
Assertion id
Status
Testable?
#Coverage
#Applies to
Comment
Predicate
Page
Tags
Last changed
Actions
ITI40ITI40-015reviewedNot testable 0 3 An X-Service User may ignore a ProxyRestriction condition.144Section 3.40.4.1.29/17/19 4:56:07 PM by mtoudic
ITI40ITI40-016reviewedNot testable 0 3 An X-Service Provider may ignore a ProxyRestriction condition. (ie if the Assertion contains that condition, it is not a test failure if it is not enforced.)144Section 3.40.4.1.29/17/19 4:56:13 PM by mtoudic
ITI40ITI40-017reviewedNot testable 0 3 An X-Service User may ignore a OneTimeUsecondition.144Section 3.40.4.1.29/17/19 4:56:18 PM by mtoudic
ITI40ITI40-018reviewedNot testable 0 3 An X-Service Provider may ignore a OneTimeUse condition. (ie if the Assertion contains that condition, it is not a test failure if it is not enforced.)144Section 3.40.4.1.29/17/19 4:56:24 PM by mtoudic
ITI40ITI40-020reviewedNot testable 7 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Subject ID attribute.144Section 3.40.4.1.29/17/19 4:56:30 PM by mtoudic
ITI40ITI40-022reviewedNot testable 7 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with an Subject Organization attribute. If present, the value of the Subject Organization shall be a plain text description of the organization.144Section 3.40.4.1.29/17/19 4:56:34 PM by mtoudic
ITI40ITI40-023reviewedNot testable 7 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Organization ID attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:organization-id”.144Section 3.40.4.1.29/17/19 4:56:39 PM by mtoudic
ITI40ITI40-025reviewedNot testable 0 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Home Community ID attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:ihe:iti:xca:2010:homeCommunityId”. The value shall be the Home Community ID (an Object Identifier) assigned to the Community that is initiating the request (ie the X-Service User, using the urn format (that is, “urn:oid:” appended with the OID).144Section 3.40.4.1.29/17/19 4:54:03 PM by mtoudic
ITI40ITI40-026reviewedNot testable 0 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a National Provider Identifier (NPI) attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:npi”.144Section 3.40.4.1.29/17/19 4:54:16 PM by mtoudic
ITI40ITI40-027reviewedNot testable 0 3 The SAML assertion sent by the X-Service User may contain other Attributes than those listed above.144Section 3.40.4.1.29/17/19 4:54:35 PM by mtoudic
ITI40ITI40-029reviewedNot testable 7 3 The SAML assertion sent by the X-Service User may contain other statements.150Section 3.40.4.1.39/17/19 4:54:41 PM by mtoudic
ITI40ITI40-041reviewedNot testable 0 3 Note: All assertions for this AIPO are stated as "may" in the TF documentation. The CASC XUA tests will need to document a policy regarding the purpose-of-use codes and write a test to have the Provider enforce the policy.The X-Service Provider may utilize the Subject-Role values in local policy for access control decision making151Section 3.40.4.1.3.19/17/19 4:54:55 PM by mtoudic
ITI40ITI40-042reviewedNot testable 0 3 The X-Service Provider may need to bridge the Subject-Role values into local role vocabulary.151Section 3.40.4.1.3.19/17/19 4:54:59 PM by mtoudic
ITI40ITI40-043reviewedNot testable 0 3 The Subject-Role may be used to populate the ATNA Audit Message.151Section 3.40.4.1.3.19/17/19 4:55:03 PM by mtoudic
ITI40ITI40-044reviewedNot testable 0 3 Note: All assertions for this AIPO are stated as "may" in the TF documentation. The CASC XUA tests will need to document a policy regarding the purpose-of-use codes and write a test to have the Provider enforce the policy.When the Authz-Consent Option is used, the X-Service Provider may utilize the Authz-Consent values in local policy for access control decision making. The values are informative to the X-Service Provider which may choose to ignore the values.151Section 3.40.4.1.3.29/17/19 4:55:17 PM by mtoudic
ITI40ITI40-045reviewedNot testable 0 3 This may require the X-Service Provider to lookup the metadata by reference to the values given, and may require the X-Service Provider to retrieve the consent documents.151Section 3.40.4.1.3.29/17/19 4:51:37 PM by mtoudic
ITI40ITI40-046reviewedNot testable 0 3 The Authz-Consent value may be used to populate the ATNA Audit Message.151Section 3.40.4.1.3.29/17/19 4:52:56 PM by mtoudic
ITI40ITI40-048reviewedNot testable 0 4 The X-Service Provider MAY use the PurposeOfUse value in Access Control decisions.151Section 3.40.4.1.3.39/17/19 4:53:10 PM by mtoudic
ITI40ITI40-056reviewedNot testable 0 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Subject ID attribute.148Section 3.40.4.1.2.29/17/19 4:53:29 PM by mtoudic
ITI40ITI40-057reviewedNot testable 0 3 The value of the Patient Identifier attribute is recommended when the InstanceAccessConsentPolicy attribute is specified in an Authorization Decision Statement. 148Section 3.40.4.1.2.29/17/19 4:57:28 PM by mtoudic