Gazelle Security Suite

Audit Message : epSOS-2 - Import of an epSOS NCP Trusted Service List

Name: epSOS-2 - Import of an epSOS NCP Trusted Service List
OID: 1.3.6.1.4.1.12559.11.1.2.1.12.27
Document reference: WP3A_epSOS_EED_AuditTrail_Binding
Section: 2.3.4.3
Last change: 3/23/15 3:50:46 PM (CET GMT+0100) by Abderrazek Boufahja
Schema: /opt/XDStarClient/xsd/RFC3881.xsd
Dicom compatible
Deprecate RFC3881 Validation: false
Deprecated Validator

	Field Name	Opt	Value	Regex
EventIdentification	EventID	M
	EventActionCode	M
	EventDateTime	M
	EventOutcomeIndicator	M		^0\|1\|4\|8$
	EventTypeCode	U

ServiceConsumerNCP: 1 .. 1
ServiceProviderNCP: 1 .. 1
AuditSourceIdentification: 1 .. 1
ErrorMessage: 0 .. *
RequestMessage: 1 .. 1
ResponseMessage: 1 .. 1
EventTarget: 1 .. *

	Field Name	Opt	Value	Regex
ServiceConsumerNCP ActiveParticipant	Distinguisher	RoleIDCode[@code='ServiceConsumer']
	UserID	M
	AlternativeUserID	U
	UserName	U
	UserIsRequestor	M	true
	RoleIDCode	M
	NetworkAccessPointTypeCode	U
	NetworkAccessPointID	U

	Field Name	Opt	Value	Regex
ServiceProviderNCP ActiveParticipant	Distinguisher	RoleIDCode[@code='ServiceProvider']
	UserID	M
	AlternativeUserID	U
	UserName	U
	UserIsRequestor	M	false
	RoleIDCode	M
	NetworkAccessPointTypeCode	U
	NetworkAccessPointID	U

	Field Name	Opt	Value	Regex
AuditSourceIdentification	AuditSourceID	M		^[A-Z][A-Z]-[A-Z0-9]{1,3}$
	AuditEnterpriseSiteID	U
	AuditSourceTypeCode	U

	Field Name	Opt	Value	Regex
ErrorMessage ParticipantObjectIdentification	Distinguisher	@ParticipantObjectTypeCode='2' and @ParticipantObjectTypeCodeRole='3'
	ParticipantObjectTypeCode	M	2
	ParticipantObjectTypeCodeRole	M	3
	ParticipantObjectDataLifeCycle	U
	ParticipantObjectIDTypeCode	M	9
	ParticipantObjectSensitivity	U
	ParticipantObjectID	M
	ParticipantObjectName	U
	ParticipantObjectQuery	U
	ParticipantObjectDetail	M

	Field Name	Opt	Value	Regex
RequestMessage ParticipantObjectIdentification	Distinguisher	ParticipantObjectIDTypeCode[@code='req']
	ParticipantObjectTypeCode	M	4
	ParticipantObjectTypeCodeRole	U
	ParticipantObjectDataLifeCycle	U
	ParticipantObjectIDTypeCode	M	EV('req', 'epSOS Msg', 'Request Message')
	ParticipantObjectSensitivity	U
	ParticipantObjectID	M		urn:uuid:.*
	ParticipantObjectName	U
	ParticipantObjectQuery	U
	ParticipantObjectDetail	M

	Field Name	Opt	Value	Regex
ResponseMessage ParticipantObjectIdentification	Distinguisher	ParticipantObjectIDTypeCode[@code='rsp']
	ParticipantObjectTypeCode	M	4
	ParticipantObjectTypeCodeRole	U
	ParticipantObjectDataLifeCycle	U
	ParticipantObjectIDTypeCode	M	EV('rsp', 'epSOS Msg', 'Response Message')
	ParticipantObjectSensitivity	U
	ParticipantObjectID	M		urn:uuid:.*
	ParticipantObjectName	U
	ParticipantObjectQuery	U
	ParticipantObjectDetail	M

	Field Name	Opt	Value	Regex
EventTarget ParticipantObjectIdentification	Distinguisher	ParticipantObjectIDTypeCode[@code='NSL']
	ParticipantObjectTypeCode	M	2
	ParticipantObjectTypeCodeRole	U
	ParticipantObjectDataLifeCycle	U
	ParticipantObjectIDTypeCode	M	EV('NSL', 'epSOS Security', 'Trusted Service List')
	ParticipantObjectSensitivity	U
	ParticipantObjectID	M		[A-Z][A-Z]\s\d+
	ParticipantObjectName	U
	ParticipantObjectQuery	U
	ParticipantObjectDetail	U

Extra constraints :

Id	Kind	xPath	Description
85	error	every $actpart in /AuditMessage/ActiveParticipant[RoleIDCode[@code='ServiceConsumer']] satisfies $actpart/RoleIDCode/@codeSystem='epSOS' and $actpart/RoleIDCode/@displayName='epSOS Service Consumer'	ServiceConsumerNCP/RoleIDCode/@codeSystem shall be equals to 'epSOS' and the displayName='epSOS Service Consumer'
86	error	every $actpart in /AuditMessage/ActiveParticipant[RoleIDCode[@code='ServiceProvider']] satisfies $actpart/RoleIDCode/@codeSystem='epSOS' and $actpart/RoleIDCode/@displayName='epSOS Service Provider'	ServiceProviderNCP/RoleIDCode/@codeSystem shall be equals to 'epSOS' and the displayName='epSOS Service Provider'
87	error	every $partid in /AuditMessage/ParticipantObjectIdentification[@ParticipantObjectTypeCode='2' and @ParticipantObjectTypeCodeRole='3'] satisfies (every $i in $partid/ParticipantObjectDetail satisfies $i/@type='errormsg')	ErrorMessage/ParticipantObjectDetail must have the type='errormsg'
88	error	every $partid in /AuditMessage/ParticipantObjectIdentification[@ParticipantObjectTypeCode='2' and @ParticipantObjectTypeCodeRole='3'] satisfies (every $i in $partid/ParticipantObjectDetail[@type='errormsg'] satisfies matches($i/@value,'^\w+$'))	ErrorMessage/ParticipantObjectDetail with type='errormsg' shall have a value coded base 64
89	error	every $partid in /AuditMessage/ParticipantObjectIdentification[ParticipantObjectIDTypeCode[@code='req']] satisfies (every $i in $partid/ParticipantObjectDetail satisfies $i/@type='securityheader')	RequestMessage/ParticipantObjectDetail shall have the type=securityheader
90	error	every $partid in /AuditMessage/ParticipantObjectIdentification[ParticipantObjectIDTypeCode[@code='rsp']] satisfies (every $i in $partid/ParticipantObjectDetail satisfies $i/@type='securityheader')	ResponseMessage/ParticipantObjectDetail shall have the type=securityheader
91	error	/AuditMessage/EventIdentification/EventID[@codeSystemName!='unknown' or @code='epsos-00']	Event/EventID shall have the codeSystemName!=unknown, or the code=epsos-00
92	error	matches(/AuditMessage/EventIdentification/EventID/@code,'^(ITI-63\|ITI-38\|ITI-39\|ITI-41\|ITI-55\|epsos-91\|ITI-40\|epsos-92\|epsos-93\|epsos-94\|epsos-95\|epsos-96\|epsos-97\|epsos-00)$')	Event/EventID@code SHALL be from the list : ITI-63, ITI-38, ITI-39, ITI-41, ITI-55, epsos-91, ITI-40, epsos-92, epsos-93, epsos-94, epsos-95, epsos-96, epsos-97, epsos-00
93	error	matches(/AuditMessage/EventIdentification/EventID/@codeSystemName,'^epSOS Transaction\|IHE Transactions\|unknown$')	Event/EventID@codeSystemName SHALL be 'epSOS Transaction' or 'IHE Transactions'
94	error	/AuditMessage/EventIdentification/EventID[(@code='ITI-63' and @displayName='XCF::CrossGatewayFetchRequest') or (@code='ITI-38' and @displayName='XCA::CrossGatewayQuery') or (@code='ITI-39' and @displayName='XCA::CrossGatewayRetrieve') or (@code='ITI-41' and @displayName='XDR::ProvideandRegisterDocumentSet-b') or (@code='ITI-41' and @displayName='XDR::BPPCProvideandRegisterDocumentSet-b') or (@code='ITI-55' and @displayName='XCPD::CrossGatewayPatientDiscovery') or (@code='epsos-91' and @displayName='identityProvider::HPAuthentication') or (@code='ITI-40' and @displayName='XUA::ProvideX-UserAssertion') or (@code='epsos-92' and @displayName='ncp::TrcAssertion') or (@code='epsos-93' and @displayName='ncpConfigurationManager::ImportNSL') or (@code='epsos-94' and @displayName='ncpTransformationMgr::Translate') or @code='epSOS-95' or @code='epSOS-96' or (@code='epsos-97' and @displayName='ncpTransformationMgr::Translate') or (@code='epsos-00' and @displayName='unknown')]	Event/EventID@displayName SHALL be conform to the specification on the table 2.3.4.7
95	error	/AuditMessage/EventIdentification[@EventActionCode='E' and EventID[@code='ITI-55' or @code='epsos-91' or @code='ITI-40' or @code='epsos-92' or @code='epsos-93' or @code='epsos-94' or @code='epsos-95' or @code='epsos-96' or @code='epsos-97' or @code='epsos-00']] or /AuditMessage/EventIdentification[@EventActionCode='R' and EventID[@code='ITI-63' or @code='ITI-38' or @code='ITI-39']] or /AuditMessage/EventIdentification[@EventActionCode='U' and EventID[@code='ITI-41']] or /AuditMessage/EventIdentification[@EventActionCode='C' and EventID[@code='ITI-41']]	/EventID@EventActionCode SHALL be conform to the value of Event/EventID according to the table 2.3.4.7

Back to top