SecurityTrustObservationType - HL7 Terminology (THO) v5.5.0

HL7 Terminology (THO)
5.5.0 - Publication International flag

This page is part of the HL7 Terminology (v5.5.0: Release) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions

ValueSet: SecurityTrustObservationType

Official URL: http://terminology.hl7.org/ValueSet/v3-SecurityTrustObservationType		Version: 3.0.0
Active as of 2023-06-02	Responsible: Health Level Seven International	Computable Name: SecurityTrustObservationType
Other Identifiers: urn:ietf:rfc:3986#Uniform Resource Identifier (URI)#urn:oid:2.16.840.1.113883.1.11.20531
Copyright/Legal: This material derives from the HL7 Terminology THO. THO is copyright ©1989+ Health Level Seven International and is made available under the CC0 designation. For more licensing information see: https://terminology.hl7.org/license

Type of security metadata observation made about aspects of trust applicable to an IT resource (data, information object, service, or system capability). Trust applicable to IT resources is established and maintained in and among security domains, and may be comprised of observations about the domain’s trust authority, trust framework, trust policy, trust interaction rules, means for assessing and monitoring adherence to trust policies, mechanisms that enforce trust, and quality and reliability measures of assurance in those mechanisms. [Based on ISO IEC 10181-1 and NIST SP 800-63-2]

Usage Note: SecurityTrustObservationType may be used as a trust attribute in a computable trust policy, trust credential, trust assertion, or trust label field in a security label and populated with trust observation values. The valued trust attributes may be used for used for authentication, authorization, and access control decisions. These may also be used to negotiate trust relationships, adjudicate or bridge trust policies, and to specify requirements for participation in a Trust Domain or for asserting compliance with a Trust Framework.

References

This value set is not used here; it may be used elsewhere (e.g. specifications and/or implementations that use this content)

Logical Definition (CLD)

Include codes from http://terminology.hl7.org/CodeSystem/v3-ActCode where concept is-a SECTRSTOBS

Expansion

Expansion based on codesystem ActCode v9.0.0 (CodeSystem)

This value set contains 7 concepts.

Level	Code	System	Display	Definition
1	SECTRSTOBS	http://terminology.hl7.org/CodeSystem/v3-ActCode	SECTRSTOBS	An observation identifying trust metadata about an IT resource (data, information object, service, or system capability), which may be used as a trust attribute to populate a computable trust policy, trust credential, trust assertion, or trust label field in a security label or trust policy, which are principally used for authentication, authorization, and access control decisions.
2	TRSTACCRDOBS	http://terminology.hl7.org/CodeSystem/v3-ActCode	trust accreditation observation	Type of security metadata observation made about the formal declaration by an authority or neutral third party that validates the technical, security, trust, and business practice conformance of Trust Agents to facilitate security, interoperability, and trust among participants within a security domain or trust framework.
2	TRSTAGREOBS	http://terminology.hl7.org/CodeSystem/v3-ActCode	trust agreement observation	Type of security metadata observation made about privacy and security requirements with which a security domain must comply. [ISO IEC 10181-1]
2	TRSTCERTOBS	http://terminology.hl7.org/CodeSystem/v3-ActCode	trust certificate observation	Type of security metadata observation made about a set of security-relevant data issued by a security authority or trusted third party, together with security information which is used to provide the integrity and data origin authentication services for an IT resource (data, information object, service, or system capability). [Based on ISO IEC 10181-1] For example, A Certificate Policy (CP), which is a named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements. For example, a particular Certificate Policy might indicate the applicability of a type of certificate to the authentication of electronic data interchange transactions for the trading of goods within a given price range. [Trust Service Principles and Criteria for Certification Authorities Version 2.0 March 2011 Copyright 2011 by Canadian Institute of Chartered Accountants. A Certificate Practice Statement (CSP), which is a statement of the practices which an Authority employs in issuing and managing certificates. [Trust Service Principles and Criteria for Certification Authorities Version 2.0 March 2011 Copyright 2011 by Canadian Institute of Chartered Accountants.]
2	TRSTFWKOBS	http://terminology.hl7.org/CodeSystem/v3-ActCode	trust framework observation	Type of security metadata observation made about a complete set of contracts, regulations or commitments that enable participating actors to rely on certain assertions by other actors to fulfill their information security requirements. [Kantara Initiative]
2	TRSTLOAOBS	http://terminology.hl7.org/CodeSystem/v3-ActCode	trust assurance observation	Type of security metadata observation made about the digital quality or reliability of a trust assertion, activity, capability, information exchange, mechanism, process, or protocol.
2	TRSTMECOBS	http://terminology.hl7.org/CodeSystem/v3-ActCode	trust mechanism observation	Type of security metadata observation made about a security architecture system component that supports enforcement of security policies.

Explanation of the columns that may appear on this page:

Level

A few code lists that FHIR defines are hierarchical - each code is assigned a level. In this scheme, some codes are under other codes, and imply that the code they are under also applies

System

The source of the definition of the code (when the value set draws in codes defined elsewhere)

Code

The code (used as the code in the resource instance)

Display

The display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application

Definition

An explanation of the meaning of the concept

Comments

Additional notes about how to use the code

History

Date

Action

Custodian

Author

Comment

2023-11-14

revise

TSMG

Marc Duteau

Add standard copyright and contact to internal content; up-476

2022-10-18

revise

TSMG

Marc Duteau

Fixing missing metadata; up-349

2020-05-06

revise

Vocabulary WG

Ted Klein

Migrated to the UTG maintenance environment and publishing tooling.

2014-08-07

revise

2014T2_2014-08-07_001306 (RIM release ID)

FHIR (Kathleen Connor) (no record of original request)

Add ActTrustPolicyType concept domain to ActPolicyType branch of the ActCode concept domain. Add TrustPolicy concept codes to the Act.code system. Add 15 value sets binding c:TrustPolicy to 15 Concept Domains.

IG © 2020+ HL7 International - Vocabulary Work Group. Package hl7.terminology#5.5.0 based on FHIR 4.0.1. Generated 2024-03-09
Links: Table of Contents | QA Report | Version History external | | Propose a change