HL7 Terminology (THO)
5.2.0 - Publication International flag

This page is part of the HL7 Terminology (v5.2.0: Release) based on FHIR R4. This is the current published version in its permanent home (it will always be available at this URL). For a full list of available versions, see the Directory of published versions

ValueSet: SecurityTrustObservationType

Official URL: http://terminology.hl7.org/ValueSet/v3-SecurityTrustObservationType Version: 2.0.1
Active as of 2023-06-02 Computable Name: SecurityTrustObservationType
Other Identifiers: id: urn:oid:2.16.840.1.113883.1.11.20531

Type of security metadata observation made about aspects of trust applicable to an IT resource (data, information object, service, or system capability). Trust applicable to IT resources is established and maintained in and among security domains, and may be comprised of observations about the domain’s trust authority, trust framework, trust policy, trust interaction rules, means for assessing and monitoring adherence to trust policies, mechanisms that enforce trust, and quality and reliability measures of assurance in those mechanisms. [Based on ISO IEC 10181-1 and NIST SP 800-63-2]

Usage Note: SecurityTrustObservationType may be used as a trust attribute in a computable trust policy, trust credential, trust assertion, or trust label field in a security label and populated with trust observation values. The valued trust attributes may be used for used for authentication, authorization, and access control decisions. These may also be used to negotiate trust relationships, adjudicate or bridge trust policies, and to specify requirements for participation in a Trust Domain or for asserting compliance with a Trust Framework.

References

This value set is not used here; it may be used elsewhere (e.g. specifications and/or implementations that use this content)

Logical Definition (CLD)

 

Expansion

This value set contains 6 concepts

Expansion based on ActCode v8.0.1 (CodeSystem)

LevelCodeSystemDisplayDefinition
1  SECTRSTOBShttp://terminology.hl7.org/CodeSystem/v3-ActCodeSECTRSTOBS

An observation identifying trust metadata about an IT resource (data, information object, service, or system capability), which may be used as a trust attribute to populate a computable trust policy, trust credential, trust assertion, or trust label field in a security label or trust policy, which are principally used for authentication, authorization, and access control decisions.

2    TRSTACCRDOBShttp://terminology.hl7.org/CodeSystem/v3-ActCodetrust accreditation observation

Type of security metadata observation made about the formal declaration by an authority or neutral third party that validates the technical, security, trust, and business practice conformance of Trust Agents to facilitate security, interoperability, and trust among participants within a security domain or trust framework.

2    TRSTAGREOBShttp://terminology.hl7.org/CodeSystem/v3-ActCodetrust agreement observation

Type of security metadata observation made about privacy and security requirements with which a security domain must comply. [ISO IEC 10181-1]

2    TRSTCERTOBShttp://terminology.hl7.org/CodeSystem/v3-ActCodetrust certificate observation

Type of security metadata observation made about a set of security-relevant data issued by a security authority or trusted third party, together with security information which is used to provide the integrity and data origin authentication services for an IT resource (data, information object, service, or system capability). [Based on ISO IEC 10181-1]

For example,

  • A Certificate Policy (CP), which is a named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements. For example, a particular Certificate Policy might indicate the applicability of a type of certificate to the authentication of electronic data interchange transactions for the trading of goods within a given price range. [Trust Service Principles and Criteria for Certification Authorities Version 2.0 March 2011 Copyright 2011 by Canadian Institute of Chartered Accountants.
  • A Certificate Practice Statement (CSP), which is a statement of the practices which an Authority employs in issuing and managing certificates. [Trust Service Principles and Criteria for Certification Authorities Version 2.0 March 2011 Copyright 2011 by Canadian Institute of Chartered Accountants.]
2    TRSTFWKOBShttp://terminology.hl7.org/CodeSystem/v3-ActCodetrust framework observation

Type of security metadata observation made about a complete set of contracts, regulations or commitments that enable participating actors to rely on certain assertions by other actors to fulfill their information security requirements. [Kantara Initiative]

2    TRSTLOAOBShttp://terminology.hl7.org/CodeSystem/v3-ActCodetrust assurance observation

Type of security metadata observation made about the digital quality or reliability of a trust assertion, activity, capability, information exchange, mechanism, process, or protocol.

2    TRSTMECOBShttp://terminology.hl7.org/CodeSystem/v3-ActCodetrust mechanism observation

Type of security metadata observation made about a security architecture system component that supports enforcement of security policies.


Explanation of the columns that may appear on this page:

Level A few code lists that FHIR defines are hierarchical - each code is assigned a level. In this scheme, some codes are under other codes, and imply that the code they are under also applies
System The source of the definition of the code (when the value set draws in codes defined elsewhere)
Code The code (used as the code in the resource instance)
Display The display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application
Definition An explanation of the meaning of the concept
Comments Additional notes about how to use the code

History

DateActionCustodianAuthorComment
2022-10-18reviseTSMGMarc DuteauFixing missing metadata; up-349
2020-05-06reviseVocabulary WGTed KleinMigrated to the UTG maintenance environment and publishing tooling.
2014-08-07revise2014T2_2014-08-07_001306 (RIM release ID)FHIR (Kathleen Connor) (no record of original request)Add ActTrustPolicyType concept domain to ActPolicyType branch of the ActCode concept domain. Add TrustPolicy concept codes to the Act.code system. Add 15 value sets binding c:TrustPolicy to 15 Concept Domains.