net.ihe.gazelle.assets.SearchCriteria : 82 assertions found for this search Review filtered assertions

Assertion

Applies to

Applied to
Not applied to

Coverage

Covered by
Not covered by
Id scheme
Assertion id
Status
Testable?
#Coverage
#Applies to
Comment
Predicate
Page
Tags
Last changed
Actions
CH-ADRCH-ADR-001reviewedTestable 13 2 See also: Section 3.1.6.3 Page 17This transaction is based on SOAP v1.2 exchange protocol and Synchronous Web services (see Section 3.1.1 Scope)11Section 3.1.19/13/19 4:00:03 PM by aeschlimann
CH-ADRCH-ADR-002reviewedTestable 13 3 -The Authorization Decision Consumercan ask for authorization regarding a number of Resources in one query as the request message complies with the Multiple Resource Profile of XACML v2.0 (see Section 3.1.4 XACMLAuthzDecisionQuery Request)12Section 3.1.49/13/19 4:00:07 PM by aeschlimann
CH-ADRCH-ADR-003reviewedTestable 13 2 Checking only the BODY part of the messageThe WS-Addressing Action header SHALL have this value:urn:e-health-suisse:2015:policy-enforcement:AuthorizationDecisionRequest (see Section 3.1.6.5 Semantics)14Section 3.1.6.59/13/19 4:00:09 PM by aeschlimann
CH-ADRCH-ADR-004reviewedTestable 13 2 Checking only the BODY part of the messageThe recipient of the Authorization Decision Query SHALL be identified by the WS-Addressing <wsa:To>element in the header (URL of the endpoint) (see Section 3.1.6.5 Semantics)14Section 3.1.6.59/13/19 4:00:11 PM by aeschlimann
CH-ADRCH-ADR-005reviewedTestable 13 2 Checking only the BODY part of the messageThe value of the WS-Addressing To header (see Req. 4) SHALL be a URL, specifically the recipient's endpoint (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:14 PM by aeschlimann
CH-ADRCH-ADR-006reviewedTestable 13 3 Checking only the BODY part of the messageA SAML 2.0 Identity Assertion SHALL be conveyed within the WS-Security Security header (see Section 3.1.6.5 Semantics)14Section 3.1.6.59/13/19 4:00:17 PM by aeschlimann
CH-ADRCH-ADR-007reviewedTestable 13 2 FAIL_adr_request_sample_1_XACMLAuthzDecisionQuery_Structure.xmlThe body of the message SHALL use an <XACMLAuthzDecisionQuery>element (defined in the SAML 2.0 Profile for XACML v2.0) to convey a <Request> with the Authorization Query parameters (Subject, Resource, Action, Environment). (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:19 PM by aeschlimann
CH-ADRCH-ADR-008reviewedTestable 13 2 FAIL_adr_request_sample_2_XACMLAuthzDecisionQuery_Opening_Tags_Attributes.xmlThe <XACMLAuthzDecisionQuery> element (see Req. 7) SHALL contain a @ReturnContext attribute that SHOULD be set to "false" (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:21 PM by aeschlimann
CH-ADRCH-ADR-009reviewedTestable 13 2 FAIL_adr_request_sample_2_XACMLAuthzDecisionQuery_Opening_Tags_Attributes.xmlThe <XACMLAuthzDecisionQuery> element (see Req. 7) SHALL contain a @InputContextOnly attribute that SHALL be set to "false" (see Section 3.1.6.5 Semantics)14Section 3.1.6.59/13/19 4:00:24 PM by aeschlimann
CH-ADRCH-ADR-010reviewedTestable 13 2 FAIL_adr_request_sample_1_XACMLAuthzDecisionQuery_Structure.xmlThe <XACMLAuthzDecisionQuery> element (see Req. 7) SHALL have only one child element <Request> (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:26 PM by aeschlimann
CH-ADRCH-ADR-011reviewedTestable 13 2 FAIL_adr_request_sample_3_Request_Element_Structure.xmlThe <Request> element SHALL contain only 4 types of XACML child elements, namely <Subject>, <Resource>, <Action> and <Environment> (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:29 PM by aeschlimann
CH-ADRCH-ADR-012reviewedTestable 13 2 FAIL_adr_request_sample_3_Request_Element_Structure.xmlThe <Request> element SHALL contain only one <Subject> child element, one <Action> child element and one <Environment> child element (see Section 3.1.6.5 Semantics)14Section 3.1.6.59/13/19 4:00:31 PM by aeschlimann
CH-ADRCH-ADR-013reviewedTestable 13 2 FAIL_adr_request_sample_3_Request_Element_Structure.xmlThe <Request> element MAY contain more than one <Resource> child elements (see Section 3.1.6.5 Semantics)14Section 3.1.6.59/13/19 4:00:33 PM by aeschlimann
CH-ADRCH-ADR-014reviewedTestable 13 2 FAIL_adr_request_sample_3_Request_Element_Structure.xml<Request> and all subsequent elements, attributes and values SHALL comply to the namespace: xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os" (see Section 3.1.6.5 Semantics)14Section 3.1.6.59/13/19 4:00:36 PM by aeschlimann
CH-ADRCH-ADR-015reviewedTestable 13 2 FAIL_adr_request_sample_4_Subject_Element_Structure.xml See also: Page 20The <Subject> element (see Req. 11) SHALL have at least the 6 following <Attribute> child elements:@AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" @DataType="http://www.w3.org/2001/XMLSchema#string"@AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id-qualifier" @DataType="http://www.w3.org/2001/XMLSchema#string"@AttributeId="urn:ihe:iti:xca:2010:homeCommunityId" @DataType="http://www.w3.org/2001/XMLSchema#anyURI"@AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" @DataType="urn:hl7-org:v3#CV"@AttributeId="urn:oasis:names:tc:xacml:2.0:subject:organization-id" @DataType="http://www.w3.org/2001/XMLSchema#anyURI"@AttributeId="urn:oasis:names:tc:xacml:2.0:subject:purposeofuse" @DataType="urn:hl7-org:v3#CV"(see Section 3.1.6.5 Semantics)14Section 3.1.6.59/13/19 4:00:49 PM by aeschlimann
CH-ADRCH-ADR-016reviewedTestable 13 2 FAIL_adr_request_sample_5_Subject_Element_Missing_Subject_id_Attribute.xml & FAIL_adr_request_sample_6_Subject_Element_Wrong_Subject_id_Attribute.xmlThe <AttributeValue> child element SHALL convey the subject identifier (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:51 PM by aeschlimann
CH-ADRCH-ADR-017reviewedTestable 13 2 -The <AttributeValue> child element SHALL have the same value of the /Subject/NameID element conveyed within the SAML assertion (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:54 PM by aeschlimann
CH-ADRCH-ADR-018reviewedTestable 13 2 FAIL_adr_request_sample_7_Subject_Element_Missing_Subject_id_qualifier_Attribute.xml & FAIL_adr_request_sample_8_Subject_Element_Wrong_Subject_id_qualifier_Attribute.xmlThe <AttributeValue> child element SHALL convey the subject ID qualifier (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:56 PM by aeschlimann
CH-ADRCH-ADR-019reviewedTestable 13 2 FAIL_adr_request_sample_27_Subject_Element_InvalidInput_Subjectidqualifier_Attribute.xmlThe <AttributeValue> child element SHALL be equal to urn:e-health-suisse:2015:epr-spid (in case of patient), urn:e-health-suisse:representative-id (in cas of a representative) or equal to urn:gs1:gln (in case of a healthcare professional or auxiliary person) (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:00:59 PM by aeschlimann
CH-ADRCH-ADR-020reviewedTestable 13 2 -The <AttributeValue> child element SHALL have the same value as the /Subject/NameID/@NameQualifier element conveyed within the SAML assertion (see Section 3.1.6.5 Semantics) 14Section 3.1.6.59/13/19 4:01:01 PM by aeschlimann