// ===================================================================
// Title:       User-Security General Credentials 2.7
// Filename:    User27_Credential.mof
// Version:     2.7.0
// Status:      Final
// Date:        03/31/2003
// ===================================================================
// Copyright 2000-2003 Distributed Management Task Force, Inc. (DMTF).
// All rights reserved.  
// DMTF is a not-for-profit association of industry members dedicated 
// to promoting enterprise and systems management and interoperability. 
// DMTF specifications and documents may be reproduced for uses
// consistent with this purpose by members and non-members, 
// provided that correct attribution is given. 
// As DMTF specifications may be revised from time to time, 
// the particular version and release date should always be noted.
//
// Implementation of certain elements of this standard or proposed 
// standard may be subject to third party patent rights, including 
// provisional patent rights (herein "patent rights"). DMTF makes 
// no representations to users of the standard as to the existence 
// of such rights, and is not responsible to recognize, disclose, or
// identify any or all such third party patent right, owners or 
// claimants, nor for any incomplete or inaccurate identification or 
// disclosure of such rights, owners or claimants. DMTF shall have no 
// liability to any party, in any manner or circumstance, under any 
// legal theory whatsoever, for failure to recognize, disclose, or 
// identify any such third party patent rights, or for such party's
// reliance on the standard or incorporation thereof in its product, 
// protocols or testing procedures. DMTF shall have no liability to 
// any party implementing such standard, whether such implementation 
// is foreseeable or not, nor to any patent owner or claimant, and shall 
// have no liability or responsibility for costs or losses incurred if 
// a standard is withdrawn or modified after publication, and shall be
// indemnified and held harmless by any party implementing the 
// standard from any and all claims of infringement by a patent owner 
// for such implementations.
//
// For information about patents held by third-parties which have 
// notified the DMTF that, in their opinion, such patent may relate to 
// or impact implementations of DMTF standards, visit 
// http://www.dmtf.org/about/policies/disclosures.php.
// ===================================================================
// Description: The User Model extends the management concepts that
//              are related to users and security.
//              This file defines the generic concepts of a 
//              credential.
//
//              The object classes below are listed in an order that
//              avoids forward references. Required objects, defined 
//              by other working groups, are omitted.
// ===================================================================
// Change Log for v2.7
// CR784 - Promote 2 properties, Issued and Expired, from
//         CIM_KerberosTicket to CIM_Credential
// CR980 - Remove Experimental qualifier from 2 properties in 
//         Credential
// ===================================================================

#pragma Locale ("en_US")


// ================================================================== 
// Credential
// ==================================================================
[Abstract, Version ("2.7.0"), Description (
   "Subclasses of CIM_Credential define materials, "
   "information, or other data which are used to prove the "
   "identity of a CIM_UsersAccess to a particular "
   "CIM_SecurityService.  Generally, there may be some shared "
   "information, or credential material which is used to "
   "identify and authenticate ones self in the process of "
   "gaining access to, or permission to use, an Account. "
   "Such credential material may be used to authenticate a "
   "users access identity  initially, as done by a "
   "CIM_AuthenticationService (see later), and additionally on "
   "an ongoing basis during the course of a connection or "
   "other security association, as proof that each received "
   "message or communication came from the owning user access of "
   "that credential material.") ]
class CIM_Credential : CIM_ManagedElement {

   [Description (
      "The date and time when the credential was issued. Use a value "
      "of all 0s if this information is not applicable.") ]
   datetime Issued; 

   [Description (
      "The date and time when the credential expires (and is "
      "not appropriate for use for authentication/"
      "authorization). Use a value of all 9s if this information "
      "is not applicable. Note that this property does not define "
      "how the expiration is set - but that there IS an expiration. "
      "The property may be set to either a specific date/time or "
      "an interval (calculated from the Issued datetime). For "
      "example, for Certificate Authority-signed public key, the "
      "expiration is determined by the CA. Another example is a "
      "voice mail password that expires 60 days after it is "
      "set/issued.") ]
   datetime Expires;
};


// ===================================================================
// ManagedCredential
// ===================================================================
[Association, Version ("2.6.0"), Description (
   "This relationship associates a CredentialManagementService "
   "with the Credential it manages.") ]
class CIM_ManagedCredential : CIM_Dependency {

   [Override ("Antecedent"), Min (1), Max (1),
      Description ("The credential management service.") ] 
   CIM_CredentialManagementService REF Antecedent;

   [Override ("Dependent"),
      Description ("The managed credential.") ]
   CIM_Credential REF Dependent;
};


// ===================================================================
// end of file
// ===================================================================