Introduction

This is a draft of the Cross-Enterprise User Assertion Profile supplement to the IT Infrastructure Technical Framework. This draft is a work in progress, not the official supplement or profile.

Profile Abstract

The Cross-Enterprise User Assertion (XUA) Profile provides a trustable user identity for transactions that cross enterprise boundaries. The user identities may be centrally managed, or distributed.

Glossary

XUA

Cross-Enterprise User Assertion (Formerly Cross-Enterprise User Authentication)

Issue Log

Open Issues

1. Content for this profile have been vetted to be used to provide trusable user identity for the use in the XDS Stored Query and XDS Web Services Retrieve Transactions. The final content profile can only be determined after technical assessment by the full IT Infrastructure Technical Committee.
   

Closed Issues

Systems

Typical systems involved:

• XDS Document Consumers
• XDS Registry
• XDS Repository

Data Standards

• [SAMLTechOvw] SAML V2.0 Technical Overview (still in active development) http://www.oasis-open.org/committees/download.php/12938/sstc-saml-tech-overview-2.0-draft-06.pdf
• SAML Tutorial presentation by Eve Maler of Sun Microsystems http://www.oasis-open.org/committees/download.php/12958/SAMLV2.0-basics.pdf
• SAML V2.0 Standards http://www.oasis-open.org/committees/security/.

Technical Approach

Risks

Summary

References

Volume 1

Add the following bullet to the list of profiles

Dependencies

Add the following row(s) to the list of dependencies

Profile Name

Use Case

Emergency Department Visit

Real-Life Example

Actors

• X-Assertion Provider – This is a SAML Identity Provider (IDP), and is not further specified by IHE.
• X-Service User – This is the system making a web-services request. In the first year this is the XDS-Document Consumer Actor.
• X-Service Provider – This is the system providing the web-service. In the first year this is the XDS-Document Registry and XDS-Document Repository Actors.

Volume 2