// =================================================================== // Title: User_Privilege // $State: Exp $ // $Date: 2005/02/17 00:09:56 $ // $RCSfile: User_Privilege.mof,v $ // $Revision: 1.1 $ // =================================================================== //#pragma inLine ("Includes/copyright.inc") // Copyright 1998-2005 Distributed Management Task Force, Inc. (DMTF). // All rights reserved. // DMTF is a not-for-profit association of industry members dedicated // to promoting enterprise and systems management and interoperability. // DMTF specifications and documents may be reproduced for uses // consistent with this purpose by members and non-members, // provided that correct attribution is given. // As DMTF specifications may be revised from time to time, // the particular version and release date should always be noted. // // Implementation of certain elements of this standard or proposed // standard may be subject to third party patent rights, including // provisional patent rights (herein "patent rights"). DMTF makes // no representations to users of the standard as to the existence // of such rights, and is not responsible to recognize, disclose, or // identify any or all such third party patent right, owners or // claimants, nor for any incomplete or inaccurate identification or // disclosure of such rights, owners or claimants. DMTF shall have no // liability to any party, in any manner or circumstance, under any // legal theory whatsoever, for failure to recognize, disclose, or // identify any such third party patent rights, or for such party's // reliance on the standard or incorporation thereof in its product, // protocols or testing procedures. DMTF shall have no liability to // any party implementing such standard, whether such implementation // is foreseeable or not, nor to any patent owner or claimant, and shall // have no liability or responsibility for costs or losses incurred if // a standard is withdrawn or modified after publication, and shall be // indemnified and held harmless by any party implementing the // standard from any and all claims of infringement by a patent owner // for such implementations. // // For information about patents held by third-parties which have // notified the DMTF that, in their opinion, such patent may relate to // or impact implementations of DMTF standards, visit // http://www.dmtf.org/about/policies/disclosures.php. //#pragma inLine // =================================================================== // Description: The User Model extends the management concepts that // are related to users and security. // This file defines the concepts and classes related to // Privileges // // The object classes below are listed in an order that // avoids forward references. Required objects, defined // by other working groups, are omitted. // =================================================================== // Change Log for v2.8 Final - // CR1219 - Created subclass of Privilege, AuthorizedPrivilege, // moved AuthorizedSubject/Target associations to Authorized // Privilege, and promoted Privilege-related classes from // Experimental to Final // CR1221 - Also promoted Privilege-related classes to Final // CR1229 - Added ArrayType ("Indexed") qualifier to // Privilege.Activites // CR1235 - Corrected copyright // // Change Log for v2.8 Preliminary - // CR1011 - Created this file. // CR1082 - Fixed Value/ValueMap defintions for properties in Privilege // =================================================================== #pragma Locale ("en_US") // ================================================================== // Privilege // ================================================================== [Version ( "2.8.0" ), Description ( "Privilege is the base class for all types of activities which " "are granted or denied by a Role or an Identity. Whether an " "individual Privilege is granted or denied is defined using the " "PrivilegeGranted boolean. Any Privileges not specifically " "granted are assumed to be denied. An explicit deny (Privilege " "Granted = FALSE) takes precedence over any granted Privileges. " "\n\n" "The association of subjects (Roles and Identities) to " "Privileges is accomplished using policy or explicitly via the " "associations on a subclass. The entities that are protected " "(targets) can be similarly defined. \n" "\n" "Note that Privileges may be inherited through hierarchical " "Roles, or may overlap. For example, a Privilege denying any " "instance Writes in a particular CIM Server Namespace would " "overlap with a Privilege defining specific access rights at an " "instance level within that Namespace. In this example, the " "AuthorizedSubjects are either Identities or Roles, and the " "AuthorizedTargets are a Namespace in the former case, and a " "particular instance in the latter.")] class CIM_Privilege : CIM_ManagedElement { [Key, Description ( "Within the scope of the instantiating Namespace, InstanceID " "opaquely and uniquely identifies an instance of this class. " "In order to ensure uniqueness within the NameSpace, the " "value of InstanceID SHOULD be constructed using the " "following 'preferred' algorithm: \n" ": \n" "Where and are separated by a colon ':', " "and where MUST include a copyrighted, trademarked " "or otherwise unique name that is owned by the business " "entity creating/defining the InstanceID, or is a registered " "ID that is assigned to the business entity by a recognized " "global authority. (This is similar to the _ structure of Schema class names.) In " "addition, to ensure uniqueness MUST NOT contain a " "colon (':'). When using this algorithm, the first colon to " "appear in InstanceID MUST appear between and " ". \n" " is chosen by the business entity and SHOULD not " "be re-used to identify different underlying (real-world) " "elements. If the above 'preferred' algorithm is not used, " "the defining entity MUST assure that the resultant " "InstanceID is not re-used across any InstanceIDs produced " "by this or other providers for this instance's NameSpace. " "For DMTF defined instances, the 'preferred' algorithm MUST " "be used with the set to 'CIM'.")] string InstanceID; [Description ( "Boolean indicating whether the Privilege is granted (TRUE) " "or denied (FALSE). The default is to grant permission.")] boolean PrivilegeGranted = TRUE; [Description ( "An enumeration indicating the activities that are granted " "or denied. These activities apply to all entities specified " "in the ActivityQualifiers array. The values in the " "enumeration are straightforward except for one, " "4=\"Detect\". This value indicates that the existence or " "presence of an entity may be determined, but not " "necessarily specific data (which requires the Read " "privilege to be true). This activity is exemplified by " "'hidden files'- if you list the contents of a directory, " "you will not see hidden files. However, if you know a " "specific file name, or know how to expose hidden files, " "then they can be 'detected'. Another example is the ability " "to define search privileges in directory implementations."), ValueMap { "1", "2", "3", "4", "5", "6", "7", "..15999", "16000.." }, Values { "Other", "Create", "Delete", "Detect", "Read", "Write", "Execute", "DMTF Reserved", "Vendor Reserved" }, ArrayType ( "Indexed" ), ModelCorrespondence { "CIM_Privilege.ActivityQualifiers" }] uint16 Activities[]; [Description ( "The ActivityQualifiers property is an array of string " "values used to further qualify and specify the privileges " "granted or denied. For example, it is used to specify a set " "of files for which 'Read'/'Write' access is permitted or " "denied. Or, it defines a class' methods that may be " "'Executed'. Details on the semantics of the individual " "entries in ActivityQualifiers are provided by corresponding " "entries in the QualifierFormats array."), ArrayType ( "Indexed" ), ModelCorrespondence { "CIM_Privilege.Activities", "CIM_Privilege.QualifierFormats" }] string ActivityQualifiers[]; [Description ( "Defines the semantics of corresponding entries in the " "ActivityQualifiers array. An example of each of these " "'formats' and their use follows: \n" "- 2=Class Name. Example: If the authorization target is a " "CIM Service or a Namespace, then the ActivityQualifiers " "entries can define a list of classes that the authorized " "subject is able to create or delete. \n" "- 3=Property. Example: If the authorization target " "is a CIM Service, Namespace or Collection of instances, " "then the ActivityQualifiers entries can define the class " "properties that may or may not be accessed. In this case, " "the class names are specified with the property names to " "avoid ambiguity - since a CIM Service, Namespace or " "Collection could manage multiple classes. On the other " "hand, if the authorization target is an individual " "instance, then there is no possible ambiguity and the class " "name may be omitted. To specify ALL properties, the " "wildcard string \"*\" should be used. \n" "- 4=Method. This example is very similar to the " "Property one, above. And, as above, the string \"*\" may be " "specified to select ALL methods. \n" "- 5=Object Reference. Example: If the authorization target " "is a CIM Service or Namespace, then the ActivityQualifiers " "entries can define a list of object references (as strings) " "that the authorized subject can access. \n" "- 6=Namespace. Example: If the authorization target is a " "CIM Service, then the ActivityQualifiers entries can define " "a list of Namespaces that the authorized subject is able to " "access. \n" "- 7=URL. Example: An authorization target may not be " "defined, but a Privilege could be used to deny access to " "specific URLs by individual Identities or for specific " "Roles, such as the 'under 17' Role. \n" "- 8=Directory/File Name. Example: If the authorization " "target is a FileSystem, then the ActivityQualifiers entries " "can define a list of directories and files whose access is " "protected. \n" "- 9=Command Line Instruction. Example: If the authorization " "target is a ComputerSystem or Service, then the " "ActivityQualifiers entries can define a list of command " "line instructions that may or may not be 'Executed' by the " "authorized subjects."), ValueMap { "2", "3", "4", "5", "6", "7", "8", "9", "..15999", "16000.." }, Values { "Class Name", "Property", "Method", "Object Reference", "Namespace", "URL", "Directory/File Name", "Command Line Instruction", "DMTF Reserved", "Vendor Reserved" }, ArrayType ( "Indexed" ), ModelCorrespondence { "CIM_Privilege.ActivityQualifiers" }] uint16 QualifierFormats[]; }; // ================================================================== // AuthorizedPrivilege // ================================================================== [Version ( "2.8.0" ), Description ( "Privilege is the base class for all types of activities which " "are granted or denied to a Role or an Identity. " "AuthorizedPrivilege is a subclass defining static renderings " "of authorization policy rules. The association of Roles and " "Identities to AuthorizedPrivilege is accomplished using the " "AuthorizedSubject relationship. The entities that are " "protected are defined using the AuthorizedTarget relationship. " "\n\n" "Note that this class and its AuthorizedSubject/Target " "associations provide a short-hand, static mechanism to " "represent authorization policies.")] class CIM_AuthorizedPrivilege : CIM_Privilege { }; // ================================================================== // AuthorizedSubject // ================================================================== [Association, Version ( "2.8.0" ), Description ( "CIM_AuthorizedSubject is an association used to tie specific " "AuthorizedPrivileges to specific subjects (i.e., Identities, " "Roles or Collections of these). At this time, only Identities " "and Roles (or Collections of Identities and Roles) should be " "associated to AuthorizedPrivileges using this relationship. " "Note that any Privileges not explicitly granted to a subject, " "SHOULD be denied.")] class CIM_AuthorizedSubject { [Key, Description ( "The AuthorizedPrivilege either granted or denied to an " "Identity, Role or Collection. Whether the privilege is " "granted or denied is defined by the inherited property, " "CIM_Privilege.PrivilegeGranted.")] CIM_AuthorizedPrivilege REF Privilege; [Key, Description ( "The Subject for which AuthorizedPrivileges are granted or " "denied. Whether the privilege is granted or denied is " "defined by the property, CIM_Privilege.PrivilegeGranted.")] CIM_ManagedElement REF PrivilegedElement; }; // ================================================================== // AuthorizedTarget // ================================================================== [Association, Version ( "2.8.0" ), Description ( "CIM_AuthorizedTarget is an association used to tie an " "Identity's or Role's AuthorizedPrivileges to specific target " "resources.")] class CIM_AuthorizedTarget { [Key, Description ( "The AuthorizedPrivilege affecting the target resource.")] CIM_AuthorizedPrivilege REF Privilege; [Key, Description ( "The target set of resources to which the " "AuthorizedPrivilege applies.")] CIM_ManagedElement REF TargetElement; }; // =================================================================== // end of file // ===================================================================