Difference between revisions of "ITI XUA Extension"
Jump to navigation
Jump to search
JohnMoehrke (talk | contribs) (→Notes) |
JohnMoehrke (talk | contribs) |
||
Line 3: | Line 3: | ||
==Detailed proposal== | ==Detailed proposal== | ||
− | [ftp://ftp.ihe.net/IT_Infrastructure/iheitiyr8-2010-2011/Technical_Cmte/Detailed-Profile-Proposals/IHE_ITI_XUA_Option_Proposal_Detailed_FINAL_2009-2010_hornr.doc XUA Extension detailed proposal] | + | [ftp://ftp.ihe.net/IT_Infrastructure/iheitiyr8-2010-2011/Technical_Cmte/Detailed-Profile-Proposals/IHE_ITI_XUA_Option_Proposal_Detailed_FINAL_2009-2010_hornr.doc XUA Extension detailed proposal] November 20, 2009 |
==Use Cases== | ==Use Cases== |
Revision as of 18:10, 3 February 2010
History
Detailed proposal
XUA Extension detailed proposal November 20, 2009
Use Cases
- Role-Based-Access Control: Need to specify a fuller vocabulary of attributes needed for access control decisions.
- Consent/Authorization: Need to carry an indicator of BPPC document that is relevant to the transaction
- Level Of Assurance for (a) the authentication event, and/or (b) the provisioning of the account
- Extended Audit Logging: Support descriptive identifiers to support environments where post-processing doesn’t have access to directory for id translation into description.
- Purpose-of-Use: Carry in the assertion purpose-of-use, including support for Break-Glass / Emergency-Mode-Access
- Relationship-to-Patient: Carry the indicator of the patient, relationship to patient, location of patient
Supplement for Public Comment
Security Assessment
Resources
OASIS XSPA - SAML
OASIS SAML Assurance Profile Draft
epSOS Experience with XSPA
NHIN Messaging Framework, Authorization Framework
Notes
Current NHIN specifications Return to ITI Technical Committee