Please use a compatible browser :Google Chrome or Mozilla Firefox
Page expired. Any change will be lost. Try to refresh the page.
Gazelle update scheduled, unsaved changes will be lost :
Your session will timeout :
Redeployed...
Logged out...
The server is restarting. Any change will be lost.
 

Test : ATNA_Logging

Test Summary

Id
12796
Keyword
ATNA_Logging
Name
ATNA_Logging
Version
NA2016
Test Author
lynn
Last modifier
r.hilary
Status
ready
Type
connectathon
Is external tool ?
Is Orchestrable
is Validated ?
Peer Type
Peer To Peer
Short Description
Secure Node Sends Log Message to Audit Record Repository
Last changed
9/2/20 5:22:57 PM

Test Description in English

Short Description

Send an audit messages to a Audit Record Repository

Goal

This test verifies the required steps for a Secure Node or Secure Application send an Audit Message to an Audit Record Repository. 

Tested Components

  • Secure Node or Secure Application (SN or SA)
  • Audit Record Repository (ARR)

Prerequisite

A Secure Node or Secure Application must send audit messages to a vendor's Audit Record Repository using the SYSLOG protocol; a tool is not a valid partner for this test
 
Which Audit-Message XSD Schema is required? :
·        More Information to the DICOM schema can be found here.

Description

The purpose of the ATNA_Logging test is for your ATNA Secure Node or Secure Application to send one or more audit messages to an Audit Record Repository. 

The type of audit message depends on the nature of the Secure Node/Application.

The top priority for audit testing would be an event that involves access to a Document that would result in an audit message that includes a Patient ID.

If the Secure Node or Secure Application does not generate an audit message that includes a patient ID, we will accept a different audit message.

Only SYSLOG UDP or SYSLOG TLS over TCP is allowed

Evidence

The verification of the audit messages that are exchanged in this test is not necessary. 

That kind of verification is already done in the ATNA_Questionnaire test.


Evidence provided by the SN/SA:

  • XML of the Audit Message send
  • If you can trigger a non-message action (Login/Logout) please attach this XML too


Evidence provided by the ARR:

  • If the ARR has a User Interface please present the received audit messages.
  • Otherwise the ARR is asked to paste log evidence, database evidence, or a screen capture  

Evaluation

In order to verify the test the Connectathon monitor will ask the following:

The monitor will be able to confirm that what was sent by the SN and SA has been received and stored on the ARR.



Test Roles

Keyword
# to realize
Card Min
Card Max
Optionality
URL
URL Doc
SN_or_SA-ATNA
Integration profileActorOptionIs tested ?
Keyword
Keyword
Keyword
Keyword
IntegrationProfile ATNA-Audit Trail and Node Authentication Actor SA-Secure ApplicationNONEtrue
IntegrationProfile ATNA-Audit Trail and Node Authentication Actor SN-Secure NodeNONEtrue
311Required
ARR-ATNA
Integration profileActorOptionIs tested ?
Keyword
Keyword
Keyword
Keyword
IntegrationProfile ATNA-Audit Trail and Node Authentication Actor ARR-Audit Record RepositoryNONEtrue
311Required

Test Steps


Step Index
Initiator Role
Responder Role
Transaction
Secured
Message Type
Option
Description
Assertions
10ARR-ATNAARR-ATNAInstructionsRequiredSome ARRs have good user interfaces which make it easy for Monitors to find the sent audit messages. If your ARR has a web interface that the monitor can access remotely, in this test step please provide the details of the parameters to use to query for the audit message(s) exchanged in this test.
20ARR-ATNAARR-ATNAInstructionsRequired ***If your ARR does not have a web interface or GUI***, you are still compliant with the ATNA profile; however, to assist the Connectathon Monitor with evaluation, the ARR partner in the test must post time-stamped evidence from their local system log or database, or a screen shot that shows that it received the audit message from the SA/SN partner in this test. This saves the monitor's time -- and yours -- trying to hunt for logs within the ARR. Attach the log file to this test step.
30ARR-ATNAARR-ATNAInstructionsRequiredIf evidence for the monitor is not in either Step 10 or 20, the monitor will not verify this test.
100SN_or_SA-ATNASN_or_SA-ATNAInstructionsRequiredSecure Node or Secure Application engages in some transaction that triggers an audit message. In the best scenario, this includes a specific Patient ID, but that is not required. If a Patient ID is used, please paste it into this test step, along with the transaction you sent, eg PatientID=XXXX, Transaction=ITI-43.
110SN_or_SA-ATNAARR-ATNAITI-20Record Audit MessageRequiredSecure Node or Secure Application sends audit message. Attach a copy of the XML for your audit message in this test step.
120SN_or_SA-ATNAARR-ATNAITI-20Record Audit MessageOptionalIf your Secure Node can trigger an audit message by a non-message action (eg application start/stop or many others), you perform that action and send the associated audit log. Attach a copy of the XML for your audit message in this test step.

Tool index

  • Simulators

    Copyright IHE 2024
  • Gazelle 7.1.7
Back to top