View Transaction

Id	Keyword	Name	Description
50	XUA	Cross Enterprise User Assertion	provides user identity in transactions that cross enterprise boundaries, specifically the XDS profile that creates an Affinity Domain. When transactions cross enterprise boundaries the mechanisms found in the EUA and PWP profile are insufficient and often nonfunctional. Enterprises may choose to have their own user directory and their own unique method of authenticating. To provide accountability in these cross enterprise transactions there is a need to identify the requesting user in a way that the receiver can make access decisions and proper audit entries.
241	epSOS-Authentication	epSOS-Authentication
355	AUTH	Authorization Framework	It defines the required exchange of information describing the initiator of a request between Health Information Organizations (HIOs) participating as nodes on the NHIN. The purpose of this information exchange is to enable a responding NHIO to evaluate the request based on the information contained in the initiating NHIOs assertions and its own local policies and permissions.

Id	actor	Integration profile	Option
692	X-SERVICE-USER - X-Service User	XUA - Cross Enterprise User Assertion	Required
693	X-SERVICE-PROVIDER - X-Service Provider	XUA - Cross Enterprise User Assertion	Required
1688	NCP-B - National Contact Point Country B	epSOS-Authentication - epSOS-Authentication	Required
1689	NCP-A - National Contact Point Country A	epSOS-Authentication - epSOS-Authentication	Required
2391	NHIO_INIT - initiating NHIO	AUTH - Authorization Framework	Required
2392	NHIO_RESP - responding NHIO	AUTH - Authorization Framework	Required

Id	Keyword	Name	Description
87	X-SERVICE-USER	X-Service User	X-Service User
88	X-SERVICE-PROVIDER	X-Service Provider	X-Service Provider
1181	NCP-A	National Contact Point Country A	This is the country of affiliation of the patient
1182	NCP-B	National Contact Point Country B	This is the country of care
1300	NHIO_INIT	initiating NHIO	NHIN node playing the role of an initiator
1301	NHIO_RESP	responding NHIO	NHIN node playing the role of a responder

Id	From Actor	To Actor
267	X-SERVICE-USER - X-Service User	X-SERVICE-PROVIDER - X-Service Provider
489	NCP-B - National Contact Point Country B	NCP-A - National Contact Point Country A
690	NHIO_INIT - initiating NHIO	NHIO_RESP - responding NHIO

Assertion Id	Description
ITI40-001	The X-Service User uses the X-Assertion Provider as the third party issuer of the X-User assertion
ITI40-002	The X-Service Provider uses the X-Assertion Provider as the third party issuer of the X-User assertion
ITI40-003	The X-Service User is configurable as to when [ITI-40] Provide X-User Assertion is necessary
ITI40-004	The X-Service User is configurable as to when [ITI-40] Provide X-User Assertion is necessary
ITI40-005	The X-Service User shall include the OASIS Web Services Security (WSS) Header
ITI40-006	The X-Service User shall include a SAML 2.0 Assertion as the security token
ITI40-007	Any ATNA Audit Messages that the X-Service User records in relationship to a transaction protected by the XUA shall have the user identity recorded according to the XUA specific ATNA encoding rules in Section 3.40.4.2 ATNA Audit encoding).
ITI40-008	Any ATNA Audit Messages recorded by Actor grouped with the X-Service User Actor, shall have the user identity recorded according to the XUA specific ATNA encoding rules (See 3.40.4.2 ATNA Audit encoding).
ITI40-009	The SAML assertion sent by the X-Service User shall contain a Subject. The Subject contains the logical identifier of the principal performing the original service request
ITI40-010	The Subject in the SAML assertion sent by the X-Service User shall remain unchanged through operations acting on the assertion.
ITI40-011	The Subject in the SAML assertion sent by the X-Service User shall contain a SubjectConfirmation element.
ITI40-012	The X-Service User shall support the bearer confirmation method as defined in the SAML 2.0 Profile specification, Section 3.
ITI40-013	In the SAML Assertion Conditions element, the NotBefore element shall be populated with the issue instant of the Assertion
ITI40-014	The SAML Assertion Conditions element, shall contain an AudienceRestriction containing an Audience whose value is a URI identifying the X-Service Provider.
ITI40-015	An X-Service User may ignore a ProxyRestriction condition.
ITI40-016	An X-Service Provider may ignore a ProxyRestriction condition. (ie if the Assertion contains that condition, it is not a test failure if it is not enforced.)
ITI40-017	An X-Service User may ignore a OneTimeUsecondition.
ITI40-018	An X-Service Provider may ignore a OneTimeUse condition. (ie if the Assertion contains that condition, it is not a test failure if it is not enforced.)
ITI40-019	The SAML assertion sent by the X-Service User shall contain an AuthnStatement to specify the AuthnContextClassRef or AuthnContextDeclRef
ITI40-020	The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Subject ID attribute.

View Transaction

View Transaction Information