HL7 Terminology (THO)
3.1.0 - Publication
This page is part of the HL7 Terminology (v3.1.0: Release) based on FHIR R4. The current version which supercedes this version is 5.2.0. For a full list of available versions, see the Directory of published versions
Official URL: http://terminology.hl7.org/ValueSet/v3-SecurityTrustObservationType | Version: 2.0.0 | |||
Active as of 2014-08-07 | Computable Name: SecurityTrustObservationType | |||
Other Identifiers: : urn:oid:2.16.840.1.113883.1.11.20531 |
Type of security metadata observation made about aspects of trust applicable to an IT resource (data, information object, service, or system capability). Trust applicable to IT resources is established and maintained in and among security domains, and may be comprised of observations about the domain’s trust authority, trust framework, trust policy, trust interaction rules, means for assessing and monitoring adherence to trust policies, mechanisms that enforce trust, and quality and reliability measures of assurance in those mechanisms. [Based on ISO IEC 10181-1 and NIST SP 800-63-2]
Usage Note: SecurityTrustObservationType may be used as a trust attribute in a computable trust policy, trust credential, trust assertion, or trust label field in a security label and populated with trust observation values. The valued trust attributes may be used for used for authentication, authorization, and access control decisions. These may also be used to negotiate trust relationships, adjudicate or bridge trust policies, and to specify requirements for participation in a Trust Domain or for asserting compliance with a Trust Framework.
References
This value set is not used here; it may be used elsewhere (e.g. specifications and/or implementations that use this content)
http://terminology.hl7.org/CodeSystem/v3-ActCode
where concept is-a SECTRSTOBS
This value set contains 6 concepts
Expansion based on ActCode v6.1.0 (CodeSystem)
All codes in this table are from the system http://terminology.hl7.org/CodeSystem/v3-ActCode
Lvl | Code | Display | Definition |
0 | SECTRSTOBS | SECTRSTOBS | An observation identifying trust metadata about an IT resource (data, information object, service, or system capability), which may be used as a trust attribute to populate a computable trust policy, trust credential, trust assertion, or trust label field in a security label or trust policy, which are principally used for authentication, authorization, and access control decisions. |
1 | TRSTACCRDOBS | trust accreditation observation | Type of security metadata observation made about the formal declaration by an authority or neutral third party that validates the technical, security, trust, and business practice conformance of Trust Agents to facilitate security, interoperability, and trust among participants within a security domain or trust framework. |
1 | TRSTAGREOBS | trust agreement observation | Type of security metadata observation made about privacy and security requirements with which a security domain must comply. \[ISO IEC 10181-1\] |
1 | TRSTCERTOBS | trust certificate observation | Type of security metadata observation made about a set of security-relevant data issued by a security authority or trusted third party, together with security information which is used to provide the integrity and data origin authentication services for an IT resource (data, information object, service, or system capability). \[Based on ISO IEC 10181-1\] **For example,** * A Certificate Policy (CP), which is a named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements. For example, a particular Certificate Policy might indicate the applicability of a type of certificate to the authentication of electronic data interchange transactions for the trading of goods within a given price range. \[Trust Service Principles and Criteria for Certification Authorities Version 2.0 March 2011 Copyright 2011 by Canadian Institute of Chartered Accountants. * A Certificate Practice Statement (CSP), which is a statement of the practices which an Authority employs in issuing and managing certificates. \[Trust Service Principles and Criteria for Certification Authorities Version 2.0 March 2011 Copyright 2011 by Canadian Institute of Chartered Accountants.\] |
1 | TRSTFWKOBS | trust framework observation | Type of security metadata observation made about a complete set of contracts, regulations or commitments that enable participating actors to rely on certain assertions by other actors to fulfill their information security requirements. \[Kantara Initiative\] |
1 | TRSTLOAOBS | trust assurance observation | Type of security metadata observation made about the digital quality or reliability of a trust assertion, activity, capability, information exchange, mechanism, process, or protocol. |
1 | TRSTMECOBS | trust mechanism observation | Type of security metadata observation made about a security architecture system component that supports enforcement of security policies. |
Explanation of the columns that may appear on this page:
Level | A few code lists that FHIR defines are hierarchical - each code is assigned a level. In this scheme, some codes are under other codes, and imply that the code they are under also applies |
System | The source of the definition of the code (when the value set draws in codes defined elsewhere) |
Code | The code (used as the code in the resource instance) |
Display | The display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application |
Definition | An explanation of the meaning of the concept |
Comments | Additional notes about how to use the code |
History
Date | Action | Author | Custodian | Comment |
2020-05-06 | revise | Ted Klein | Vocabulary WG | Migrated to the UTG maintenance environment and publishing tooling. |
2014-08-07 | revise | FHIR (Kathleen Connor) (no record of original request) | 2014T2_2014-08-07_001306 (RIM release ID) | Add ActTrustPolicyType concept domain to ActPolicyType branch of the ActCode concept domain. Add TrustPolicy concept codes to the Act.code system. Add 15 value sets binding c:TrustPolicy to 15 Concept Domains. |