// Copyright (c) 2010 DMTF.  All rights reserved.
   [Version ( "2.27.0" ), 
    UMLPackagePath ( "CIM::User::SharedCredential" ), 
    Description ( 
       "SharedCredential is a secret (such as a password or the "
       "response to a challenge question) that is shared between a "
       "principal and a particular SharedCredential security service. "
       "Secrets may be in the form of a password used for initial "
       "authentication, or as with a session key, used as part of a "
       "message to verify the originator of the message. It is "
       "important to note that SharedCredential is not just a "
       "password, but rather is the password used with a particular "
       "security service." )]
class CIM_SharedCredential : CIM_Credential {

      [Key, Override ( "InstanceID" ), 
       Description ( 
          "Within the scope of the instantiating Namespace, "
          "InstanceID opaquely and uniquely identifies an instance "
          "of this class. In order to ensure uniqueness within the "
          "NameSpace, the value of InstanceID SHOULD be constructed "
          "using the following \'preferred\' algorithm: \n"
          "<OrgID>:<LocalID> \n"
          "Where <OrgID> and <LocalID> are separated by a colon "
          "\':\', and where <OrgID> MUST include a copyrighted, "
          "trademarked or otherwise unique name that is owned by "
          "the business entity creating/defining the InstanceID, or "
          "is a registered ID that is assigned to the business "
          "entity by a recognized global authority. (This is "
          "similar to the <Schema Name>_<Class Name> structure of "
          "Schema class names.) In addition, to ensure uniqueness, "
          "<OrgID> MUST NOT contain a colon (\':\'). When using "
          "this algorithm, the first colon to appear in InstanceID "
          "MUST appear between <OrgID> and <LocalID>. \n"
          "<LocalID> is chosen by the organizational entity and "
          "SHOULD not be re-used to identify different underlying "
          "(real-world) elements. If the above \'preferred\' "
          "algorithm is not used, the defining entity MUST assure "
          "that the resultant InstanceID is not re-used across any "
          "InstanceIDs produced by this or other providers for this "
          "instance\'s NameSpace. \n"
          "For DMTF defined instances, the \'preferred\' algorithm "
          "MUST be used with the <OrgID> set to \'CIM\'." )]
   string InstanceID;

      [Description ( 
          "RemoteID is the name by which the principal is known at "
          "the remote secret key authentication service." ), 
       MaxLen ( 256 )]
   string RemoteID;

      [Description ( "The secret known by the principal." )]
   string Secret;

      [Description ( 
          "The transformation algorithm, if any, used to protect "
          "passwords before use in the protocol. For instance, "
          "Kerberos doesn\'t store passwords as the shared secret, "
          "but rather, a hash of the password." )]
   string Algorithm;

      [Description ( 
          "The protocol with which the SharedCredential is used." )]
   string Protocol;


};