FHIR IG analytics| Package | hl7.fhir.uv.dap |
| Resource Type | CodeSystem |
| Id | CodeSystem-permission-rule-combining.json |
| FHIR Version | R6 |
| Source | https://build.fhir.org/ig/HL7/data-access-policies/CodeSystem-permission-rule-combining.html |
| URL | http://hl7.org/fhir/permission-rule-combining |
| Version | 1.0.0-current |
| Status | active |
| Date | 2022-08-05T10:01:24+11:00 |
| Name | PermissionRuleCombining |
| Title | Permission Rule Combining |
| Realm | uv |
| Authority | hl7 |
| Description | Codes identifying the rule combining. See XACML Combining algorithms http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cos01-en.html |
| Content | complete |
| ValueSet | |
| permission-rule-combining-vs | ValueSet for Permission Rule Combining |
| R5-permission-rule-combining-for-R4B | Cross-version VS for R5.PermissionRuleCombining for use in FHIR R4B |
| R5-permission-rule-combining-for-R4 | Cross-version VS for R5.PermissionRuleCombining for use in FHIR R4 |
No resources found
Note: links and images are rebased to the (stated) source
Generated Narrative: CodeSystem permission-rule-combining
Last updated: 2022-08-05 10:01:24+1100
Profile: Shareable CodeSystem
This case-sensitive code system http://hl7.org/fhir/permission-rule-combining defines the following codes:
FHIR
FHIRsmith{
"resourceType": "CodeSystem",
"id": "permission-rule-combining",
"meta": {
"lastUpdated": "2022-08-05T10:01:24.148+11:00",
"profile": [
"http://hl7.org/fhir/StructureDefinition/shareablecodesystem"
]
},
"text": {
"status": "generated",
"div": "<!-- snip (see above) -->"
},
"extension": [
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
"valueCode": "sec"
},
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status",
"valueCode": "trial-use"
},
{
"url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm",
"valueInteger": 0
}
],
"url": "http://hl7.org/fhir/permission-rule-combining",
"identifier": [
{
"system": "urn:ietf:rfc:3986",
"value": "urn:oid:2.16.840.1.113883.4.642.4.2070"
}
],
"version": "1.0.0-current",
"name": "PermissionRuleCombining",
"title": "Permission Rule Combining",
"status": "active",
"experimental": false,
"date": "2022-08-05T10:01:24+11:00",
"publisher": "HL7 International / Security",
"contact": [
{
"name": "HL7 International / Security",
"telecom": [
{
"system": "url",
"value": "http://www.hl7.org/Special/committees/secure"
},
{
"system": "email",
"value": "security-cc@lists.hl7.org"
}
]
},
{
"name": "John Moehrke",
"telecom": [
{
"system": "email",
"value": "johnmoehrke@gmail.com",
"use": "work"
}
]
},
{
"name": "HL7 Security Work Group",
"telecom": [
{
"system": "url",
"value": "http://www.hl7.org/Special/committees/secure/index.cfm"
}
]
}
],
"description": "Codes identifying the rule combining. See XACML Combining algorithms http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cos01-en.html",
"jurisdiction": [
{
"coding": [
{
"system": "http://unstats.un.org/unsd/methods/m49/m49.htm",
"code": "001"
}
]
}
],
"caseSensitive": true,
"content": "complete",
"concept": [
{
"code": "deny-overrides",
"display": "Deny-overrides",
"definition": "The deny overrides combining algorithm is intended for those cases where a deny decision should have priority over a permit decision."
},
{
"code": "permit-overrides",
"display": "Permit-overrides",
"definition": "The permit overrides combining algorithm is intended for those cases where a permit decision should have priority over a deny decision."
},
{
"code": "ordered-deny-overrides",
"display": "Ordered-deny-overrides",
"definition": "The behavior of this algorithm is identical to that of the “Deny-overrides” rule-combining algorithm with one exception. The order in which the collection of rules is evaluated SHALL match the order as listed in the permission."
},
{
"code": "ordered-permit-overrides",
"display": "Ordered-permit-overrides",
"definition": "The behavior of this algorithm is identical to that of the “Permit-overrides” rule-combining algorithm with one exception. The order in which the collection of rules is evaluated SHALL match the order as listed in the permission."
},
{
"code": "deny-unless-permit",
"display": "Deny-unless-permit",
"definition": "The “Deny-unless-permit” combining algorithm is intended for those cases where a permit decision should have priority over a deny decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result."
},
{
"code": "permit-unless-deny",
"display": "Permit-unless-deny",
"definition": "The “Permit-unless-deny” combining algorithm is intended for those cases where a deny decision should have priority over a permit decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result. This algorithm has the following behavior."
}
]
}