Search Criteria : 21 assertions found for this search Review filtered assertions

Assertion

Applies to

Applied to
Not applied to

Coverage

Covered by
Not covered by
Id scheme
Assertion id
Status
Testable?
#Coverage
#Applies to
Comment
Predicate
Page
Tags
Last changed
Actions
ITI40ITI40-002reviewedTestable 0 3 The X-Service Provider uses the X-Assertion Provider as the third party issuer of the X-User assertion147Section 3.40.12/15/17 6:00:10 PM by ceoche
ITI40ITI40-004reviewedTestable 0 3 The X-Service User is configurable as to when [ITI-40] Provide X-User Assertion is necessary149Section 3.40.1.12/15/17 6:00:10 PM by ceoche
ITI40ITI40-009reviewedTestable 1 3 The SAML assertion sent by the X-Service User shall contain a Subject. The Subject contains the logical identifier of the principal performing the original service request150Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-010reviewedTestable 0 3 The Subject in the SAML assertion sent by the X-Service User shall remain unchanged through operations acting on the assertion.150Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-011reviewedTestable 1 3 The Subject in the SAML assertion sent by the X-Service User shall contain a SubjectConfirmation element.150Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-012reviewedTestable 0 3 The X-Service User shall support the bearer confirmation method as defined in the SAML 2.0 Profile specification, Section 3.150Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-013reviewedTestable 1 3 In the SAML Assertion Conditions element, the NotBefore element shall be populated with the issue instant of the Assertion150Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-014reviewedTestable 1 3 The SAML Assertion Conditions element, shall contain an AudienceRestriction containing an Audience whose value is a URI identifying the X-Service Provider.150Section 3.40.4.1.28/23/21 7:20:55 PM by matt
ITI40ITI40-021reviewedTestable 0 3 If the Subject ID is present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:subject-id”. The name of the user shall be placed in the value of the <AttributeValue> element.151Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-022reviewedTestable 1 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with an Subject Organization attribute. If present, the value of the Subject Organization shall be a plain text description of the organization.151Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-023reviewedTestable 1 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Organization ID attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:organization-id”.151Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-024reviewedTestable 0 3 A unique identifier for the organization that the user is representing in performing this transaction shall be placed in the value of the <AttributeValue> element of the organization ID Attribute Statement element. This organization ID shall be consistent with the plain-text name of the organization provided in the User Organization Attribute. The organization ID may be an Object Identifier (OID), using the urn format (that is, “urn:oid:” appended with the OID); or it may be a URL assigned to that organization.151Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-025reviewedTestable 1 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Home Community ID attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:ihe:iti:xca:2010:homeCommunityId”. The value shall be the Home Community ID (an Object Identifier) assigned to the Community that is initiating the request (ie the X-Service User, using the urn format (that is, “urn:oid:” appended with the OID).152Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-026reviewedTestable 1 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a National Provider Identifier (NPI) attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:npi”.152Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-027reviewedTestable 0 3 The SAML assertion sent by the X-Service User may contain other Attributes than those listed above.152Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-028reviewedTestable 0 3 The SAML assertion sent by the X-Service User shall be signed by the X-Assertion Provider as devined in SAML Core.152Section 3.40.4.1.22/15/17 6:00:10 PM by ceoche
ITI40ITI40-050reviewedTestable 3 3 When an ATNA Audit message needs to be generated and the user is authenticated by way of an X-User Assertion, the ATNA Audit message UserNameelement shall record the X-User Assertion using the following encoding: alias"<"user"@"issuer">" where: • alias is the optional string within the SAML Assertion's Subject element SPProvidedID attribute • user is the required content of the SAML Assertion's Subject element • issuer is the X-Assertion Provider entity ID contained with the content of SAML Assertion's Issuer element156Section 3.40.4.22/15/17 6:00:11 PM by ceoche
XUAXUA-005reviewedTestable 1 2 X-Service Provider shall support [ITI-40]137Section 13.4-12/15/17 6:00:12 PM by ceoche
XUAXUA-013reviewedTestable 1 2 The X-Service Provider shall protect the X-User Assertion. If the system supports ATNA, then TLS meets this requirement. If the system does not support ATNA, then it shall provide another mechanism to protect the X-User Assertion.139Section 13.6.12/15/17 6:00:12 PM by ceoche
XUAXUA-015reviewedTestable 1 2 The X-Service Provider shall represent the X-User Assertion in ATNA Audit Messages according the the encoding rules in ITI TF-2b: 3.40.4.2139Section 13.6.12/15/17 6:00:12 PM by ceoche