{
"package" : "hl7.terminology.r4@6.3.0",
"definition" : "Indicator of high digital quality or reliability of the digital reliability of the verification and validation process used to verify the claimed identity of an entity by securely associating an identifier and its authenticator. \\\\[Based on ISO 7498-2\\\\]\\r\\n\\r\\nThe degree of confidence in the vetting process used to establish the identity of the individual to whom the credential was issued, and 2) the degree of confidence that the individual who uses the credential is the individual to whom the credential was issued. \\\\[OMB M-04-04 E-Authentication Guidance for Federal Agencies\\\\]\\r\\n\\r\\nHigh authentication level of assurance indicates that the relying party may have very high confidence in the asserted identity's validity. Level 4 is for transactions that need very high confidence in the accuracy of the asserted identity. Level 4 provides the highest practical assurance of remote network authentication. Authentication is based on proof of possession of a key through a cryptographic protocol. This level is similar to Level 3 except that only “hard” cryptographic tokens are allowed, cryptographic module validation requirements are strengthened, and subsequent critical data transfers must be authenticated via a key that is bound to the authentication process. The token should be a hardware cryptographic module validated at FIPS 140-2 Level 2 or higher overall with at least FIPS 140-2 Level 3 physical security. This level requires a physical token, which cannot readily be copied, and operator authentication at Level 2 and higher, and ensures good, two-factor remote authentication.\\r\\n\\r\\nLevel 4 requires strong cryptographic authentication of all parties and all sensitive data transfers between the parties. Either public key or symmetric key technology may be used. Authentication requires that the claimant prove through a secure authentication protocol that the claimant controls the token. Eavesdropper, replay, online guessing, verifier impersonation, and man-in-the-middle attacks are prevented. Long-term shared authentication secrets, if used, are never revealed to any party except the claimant and verifiers operated directly by the CSP; however, session (temporary) shared secrets may be provided to independent verifiers by the CSP. Strong approved cryptographic techniques are used for all operations. All sensitive data transfers are cryptographically authenticated using keys bound to the authentication process. \\\\[Summary of the technical requirements specified in NIST SP 800-63 for the four levels of assurance defined by the December 2003, the Office of Management and Budget (OMB) issued Memorandum M-04-04, E-Authentication Guidance for Federal Agencies.\\\\]",
"system" : "http://terminology.hl7.org/CodeSystem/v3-ObservationValue",
"property" : [ {
"code" : "status",
"valueCode" : "active"
}, {
"code" : "internalId",
"valueCode" : "23681"
}, {
"_uri" : "http://hl7.org/fhir/concept-properties#parent",
"code" : "parent",
"_implicit" : true,
"valueCode" : "LOAAN"
} ],
"codesystem" : "730c6680-1192-583b-885c-ffeb9abd3fa3",
"concept_id" : "97ff1aaa-35f3-5859-8656-01e83bbd5e63",
"ancestors" : {
"LOAAN" : 1,
"LOAAN4" : 0,
"SECTRSTOBV" : 3,
"TRSTLOAOBV" : 2,
"_SecurityObservationValue" : 4
},
"id" : "eccfd010-95fb-4005-b821-1ceb2dad7602",
"code" : "LOAAN4",
"display" : "high authentication level of assurance",
"version" : "4.0.0"
}