FHIR Cross-Version Extensions package for FHIR R4 from FHIR R5 - Version 0.0.1-snapshot-2. See the Directory of published versions
: Permission Rule Combining - TTL Representation
Raw ttl | Download
@prefix fhir: <http://hl7.org/fhir/> .
@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
# - resource -------------------------------------------------------------------
a fhir:CodeSystem ;
fhir:nodeRole fhir:treeRoot ;
fhir:id [ fhir:v "permission-rule-combining"] ; #
fhir:text [
fhir:status [ fhir:v "generated" ] ;
fhir:div "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n <p>This code system \n <code>http://hl7.org/fhir/permission-rule-combining</code> defines the following codes:\n </p>\n <table class=\"codes\">\n <tr>\n <td style=\"white-space:nowrap\">\n <b>Code</b>\n </td>\n <td>\n <b>Display</b>\n </td>\n <td>\n <b>Definition</b>\n </td>\n </tr>\n <tr>\n <td style=\"white-space:nowrap\">deny-overrides\n <a name=\"permission-rule-combining-deny-overrides\"> </a>\n </td>\n <td>Deny-overrides</td>\n <td>The deny overrides combining algorithm is intended for those cases where a deny decision should have priority over a permit decision.</td>\n </tr>\n <tr>\n <td style=\"white-space:nowrap\">permit-overrides\n <a name=\"permission-rule-combining-permit-overrides\"> </a>\n </td>\n <td>Permit-overrides</td>\n <td>The permit overrides combining algorithm is intended for those cases where a permit decision should have priority over a deny decision.</td>\n </tr>\n <tr>\n <td style=\"white-space:nowrap\">ordered-deny-overrides\n <a name=\"permission-rule-combining-ordered-deny-overrides\"> </a>\n </td>\n <td>Ordered-deny-overrides</td>\n <td>The behavior of this algorithm is identical to that of the “Deny-overrides” rule-combining algorithm with one exception. The order in which the collection of rules is evaluated SHALL match the order as listed in the permission.</td>\n </tr>\n <tr>\n <td style=\"white-space:nowrap\">ordered-permit-overrides\n <a name=\"permission-rule-combining-ordered-permit-overrides\"> </a>\n </td>\n <td>Ordered-permit-overrides</td>\n <td>The behavior of this algorithm is identical to that of the “Permit-overrides” rule-combining algorithm with one exception. The order in which the collection of rules is evaluated SHALL match the order as listed in the permission.</td>\n </tr>\n <tr>\n <td style=\"white-space:nowrap\">deny-unless-permit\n <a name=\"permission-rule-combining-deny-unless-permit\"> </a>\n </td>\n <td>Deny-unless-permit</td>\n <td>The “Deny-unless-permit” combining algorithm is intended for those cases where a permit decision should have priority over a deny decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result.</td>\n </tr>\n <tr>\n <td style=\"white-space:nowrap\">permit-unless-deny\n <a name=\"permission-rule-combining-permit-unless-deny\"> </a>\n </td>\n <td>Permit-unless-deny</td>\n <td>The “Permit-unless-deny” combining algorithm is intended for those cases where a deny decision should have priority over a permit decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result. This algorithm has the following behavior.</td>\n </tr>\n </table>\n </div>"^^rdf:XMLLiteral
] ; #
fhir:extension ( [
fhir:url [ fhir:v "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status"^^xsd:anyURI ] ;
fhir:value [
a fhir:code ;
fhir:v "informative" ]
] [
fhir:url [ fhir:v "http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm"^^xsd:anyURI ] ;
fhir:value [
a fhir:integer ;
fhir:v 0 ]
] [
( fhir:extension [
fhir:url [ fhir:v "packageId"^^xsd:anyURI ] ;
fhir:value [
a fhir:id ;
fhir:v "hl7.fhir.uv.xver-r5.r4" ] ] [
fhir:url [ fhir:v "version"^^xsd:anyURI ] ;
fhir:value [
a fhir:string ;
fhir:v "0.0.1-snapshot-2" ] ] ) ;
fhir:url [ fhir:v "http://hl7.org/fhir/StructureDefinition/package-source"^^xsd:anyURI ]
] [
fhir:url [ fhir:v "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg"^^xsd:anyURI ] ;
fhir:value [
a fhir:code ;
fhir:v "sec" ]
] ) ; #
fhir:url [ fhir:v "http://hl7.org/fhir/permission-rule-combining"^^xsd:anyURI] ; #
fhir:version [ fhir:v "5.0.0"] ; #
fhir:name [ fhir:v "PermissionRuleCombining"] ; #
fhir:title [ fhir:v "Permission Rule Combining"] ; #
fhir:status [ fhir:v "active"] ; #
fhir:experimental [ fhir:v false] ; #
fhir:date [ fhir:v "2022-08-05T09:01:24+10:00"^^xsd:dateTime] ; #
fhir:publisher [ fhir:v "Security"] ; #
fhir:contact ( [
fhir:name [ fhir:v "Security" ] ;
( fhir:telecom [
fhir:system [ fhir:v "url" ] ;
fhir:value [ fhir:v "http://www.hl7.org/Special/committees/secure" ] ] )
] ) ; #
fhir:description [ fhir:v "Codes identifying the rule combining. See XACML Combining algorithms http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cos01-en.html"] ; #
fhir:jurisdiction ( [
( fhir:coding [
fhir:system [ fhir:v "http://unstats.un.org/unsd/methods/m49/m49.htm"^^xsd:anyURI ] ;
fhir:code [ fhir:v "001" ] ;
fhir:display [ fhir:v "World" ] ] )
] ) ; #
fhir:caseSensitive [ fhir:v true] ; #
fhir:content [ fhir:v "complete"] ; #
fhir:concept ( [
fhir:code [ fhir:v "deny-overrides" ] ;
fhir:display [ fhir:v "Deny-overrides" ] ;
fhir:definition [ fhir:v "The deny overrides combining algorithm is intended for those cases where a deny decision should have priority over a permit decision." ]
] [
fhir:code [ fhir:v "permit-overrides" ] ;
fhir:display [ fhir:v "Permit-overrides" ] ;
fhir:definition [ fhir:v "The permit overrides combining algorithm is intended for those cases where a permit decision should have priority over a deny decision." ]
] [
fhir:code [ fhir:v "ordered-deny-overrides" ] ;
fhir:display [ fhir:v "Ordered-deny-overrides" ] ;
fhir:definition [ fhir:v "The behavior of this algorithm is identical to that of the “Deny-overrides” rule-combining algorithm with one exception. The order in which the collection of rules is evaluated SHALL match the order as listed in the permission." ]
] [
fhir:code [ fhir:v "ordered-permit-overrides" ] ;
fhir:display [ fhir:v "Ordered-permit-overrides" ] ;
fhir:definition [ fhir:v "The behavior of this algorithm is identical to that of the “Permit-overrides” rule-combining algorithm with one exception. The order in which the collection of rules is evaluated SHALL match the order as listed in the permission." ]
] [
fhir:code [ fhir:v "deny-unless-permit" ] ;
fhir:display [ fhir:v "Deny-unless-permit" ] ;
fhir:definition [ fhir:v "The “Deny-unless-permit” combining algorithm is intended for those cases where a permit decision should have priority over a deny decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result." ]
] [
fhir:code [ fhir:v "permit-unless-deny" ] ;
fhir:display [ fhir:v "Permit-unless-deny" ] ;
fhir:definition [ fhir:v "The “Permit-unless-deny” combining algorithm is intended for those cases where a deny decision should have priority over a permit decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result. This algorithm has the following behavior." ]
] ) . #
|
History