Cross-Enterprise User Assertion (XUA) Profile
Introduction
This is a draft of the Cross-Enterprise User Assertion Profile supplement to the IT Infrastructure Technical Framework. This draft is a work in progress, not the official supplement or profile.
Profile Abstract
The Cross-Enterprise User Assertion (XUA) Profile provides a trustable user identity for transactions that cross enterprise boundaries. The user identities may be centrally managed, or distributed.
Glossary
- XUA
- Cross-Enterprise User Assertion (Formerly Cross-Enterprise User Authentication)
Issue Log
Open Issues
- Issue 1
Closed Issues
Systems
Typical systems involved:
- XDS Document Consumers
- XDS Registry
- XDS Repository
Data Standards
- [SAMLTechOvw] SAML V2.0 Technical Overview (still in active development) http://www.oasis-open.org/committees/download.php/12938/sstc-saml-tech-overview-2.0-draft-06.pdf
- SAML Tutorial presentation by Eve Maler of Sun Microsystems http://www.oasis-open.org/committees/download.php/12958/SAMLV2.0-basics.pdf
- SAML V2.0 Standards http://www.oasis-open.org/committees/security/.
Technical Approach
Risks
Summary
References
Volume 1
Add the following bullet to the list of profiles
Dependencies
Add the following row(s) to the list of dependencies
Profile Name
Use Case
Emergency Department Visit
Real-Life Example
Actors
- X-Assertion Provider – This is a SAML Identity Provider (IDP), and is not further specified by IHE.
- X-Service User – This is the system making a web-services request. In the first year this is the XDS-Document Consumer Actor.
- X-Service Provider – This is the system providing the web-service. In the first year this is the XDS-Document Registry and XDS-Document Repository Actors.