|Scope:||The Entity Identity Assertion Component provides the mechanisms to ensure that an entity is the person or application that claims the identity provided. An example of this Component is the validation and assertion of a consumer logging on to a Personal Health Record (PHR) system. |
The meaning of the Entity Identity Assertion Component will vary depending on the perspective taken by the implementer of HITSP constructs. The scope of this Component is limited by the context of AHIC Use Cases to the servicing of requests by a service provider from a service user (which can be defined as any of the business actors currently identified within HITSP Interoperability Specifications). The Component is designed to work in conjunction with the collection of an audit trail (as defined in HITSP/T15 - Collect and Communicate Security Audit Trail) and with the maintenance of consistent time (as defined in HITSP/T16 - Consistent Time).
The scope of this Component represented by all scenarios in which HITSP constructs interact across enterprise boundaries, as well as interactions that may occur within an enterprise, i.e., the assertion mechanism is the same whether the Use Case scenarios are within an enterprise or across enterprises. The scope of this Component is also limited to how to correctly assert the identity of a service user to a service provider.
The specific perspective chosen for this Component is to leverage the IHE Cross-Enterprise User Authentication (XUA) Supplement to the IHE-ITI-TF-2. The technological mechanism that this IHE profile relies on is Security Assertion Markup Language (SAML) assertions. This Component also provides support for evolving and ongoing work to support web services through constraining the Web Service-Security standards.
|is a component of||HITSP||HITSP IS06 Quality Interoperability Specification Compare these items|
|further defines||HITSP||HITSP SC108 Access Control V1.0 July 8, 2009 Compare these items|
|further defines||HITSP||HITSP SC108 Access Control V1.1 25 Jan 2010 Compare these items|
|is a component of||HITSP||No Data Mapping|
There are no Value Domains linked to HITSP C19 Entity Identity Assertion Component V.