// ===================================================================
// Title: User_SecurityServices
// $State: Exp $
// $Date: 2005/02/17 00:09:56 $
// $RCSfile: User_SecurityServices.mof,v $
// $Revision: 1.1 $
// ===================================================================
//#pragma inLine ("Includes/copyright.inc")
// Copyright 1998-2005 Distributed Management Task Force, Inc. (DMTF).
// All rights reserved.
// DMTF is a not-for-profit association of industry members dedicated
// to promoting enterprise and systems management and interoperability.
// DMTF specifications and documents may be reproduced for uses
// consistent with this purpose by members and non-members,
// provided that correct attribution is given.
// As DMTF specifications may be revised from time to time,
// the particular version and release date should always be noted.
// 
// Implementation of certain elements of this standard or proposed
// standard may be subject to third party patent rights, including
// provisional patent rights (herein "patent rights"). DMTF makes
// no representations to users of the standard as to the existence
// of such rights, and is not responsible to recognize, disclose, or
// identify any or all such third party patent right, owners or
// claimants, nor for any incomplete or inaccurate identification or
// disclosure of such rights, owners or claimants. DMTF shall have no
// liability to any party, in any manner or circumstance, under any
// legal theory whatsoever, for failure to recognize, disclose, or
// identify any such third party patent rights, or for such party's
// reliance on the standard or incorporation thereof in its product,
// protocols or testing procedures. DMTF shall have no liability to
// any party implementing such standard, whether such implementation
// is foreseeable or not, nor to any patent owner or claimant, and shall
// have no liability or responsibility for costs or losses incurred if
// a standard is withdrawn or modified after publication, and shall be
// indemnified and held harmless by any party implementing the
// standard from any and all claims of infringement by a patent owner
// for such implementations.
// 
// For information about patents held by third-parties which have
// notified the DMTF that, in their opinion, such patent may relate to
// or impact implementations of DMTF standards, visit
// http://www.dmtf.org/about/policies/disclosures.php.
//#pragma inLine
// ===================================================================
// Description: The User Model extends the management concepts that
//              are related to users and security.
//              This file defines the generic concepts of various
//              authentication and authorization security services.
// 
//              The object classes below are listed in an order that
//              avoids forward references. Required objects, defined
//              by other working groups, are omitted.
// ===================================================================
// Change Log for v2.8 Final:
//  CR1235 - Accepted all Description changes in V2.8 Preliminary
// 
// Change Log for v2.8 Preliminary:
//  CR1013: Updated the Descriptions for AuthenticationService and
//             AuthorizationService
// 
// Change Log for v2.7
//  CR965 - Updated the Description for SecurityServiceForSystem
// ===================================================================

#pragma Locale ("en_US")


// ==================================================================
// SecurityService
// ==================================================================
   [Abstract, Version ( "2.6.0" ), Description (
       "A service providing security functionaity.")]
class CIM_SecurityService : CIM_Service {
};


// ===================================================================
// ServiceUsesSecurityService
// ===================================================================
   [Association, Version ( "2.6.0" ), Description (
       "This relationship associates a Service with the Security "
       "Services that it uses.")]
class CIM_ServiceUsesSecurityService : CIM_ServiceServiceDependency {

      [Override ( "Antecedent" )]
   CIM_SecurityService REF Antecedent;

      [Override ( "Dependent" )]
   CIM_Service REF Dependent;
};


// ===================================================================
// SecurityServiceForSystem
// ===================================================================
   [Association, Version ( "2.6.0" ), Description (
       "The CIM_SecurityServiceForSystem provides the association "
       "between a System and a SecurityService that provides services "
       "for that system. Examining the SecurityServiceForSystem class "
       "definition, note that its superclass ProvidesServiceToElement "
       "is deprecated. Unfortunately, ProvidesServiceToElement cannot "
       "be removed from the object hierarchy without a major Schema "
       "release. When/if this occurs, the ProvidesServiceToElement "
       "superclass will be removed, and SecurityServiceForSystem will "
       "subclass from CIM_Dependency directly.")]
class CIM_SecurityServiceForSystem : CIM_ProvidesServiceToElement {

      [Override ( "Antecedent" ), Description (
          "The SecurityService that provides services for the system.")]
   CIM_SecurityService REF Antecedent;

      [Override ( "Dependent" ), Description (
          "The system that is dependent on the security service.")]
   CIM_System REF Dependent;
};


// ==================================================================
// AuthenticationService
// ==================================================================
   [Version ( "2.8.0" ), Description (
       "CIM_AuthenticationService verifies users' identities through "
       "some means. These services are decomposed into a subclass that "
       "provides credentials to users and a subclass that provides for "
       "the verification of the validity of a credential and, perhaps, "
       "the appropriateness of its use for access to target resources. "
       "The persistent state information used from one such "
       "verification to another is maintained in an instance of "
       "Identity class.")]
class CIM_AuthenticationService : CIM_SecurityService {
};


// ==================================================================
// VerificationService
// ==================================================================
   [Version ( "2.6.0" ), Description (
       "CIM_VerificationService is the authentication service that "
       "verifies a credential for use and may also verify the "
       "appropriateness of a particular credential in conjunction with "
       "a particular target resource.")]
class CIM_VerificationService : CIM_AuthenticationService {
};


// ==================================================================
// CredentialManagementService
// ==================================================================
   [Version ( "2.6.0" ), Description (
       "CIM_CredentialManagementService issues credentials and manages "
       "the credential lifecycle.")]
class CIM_CredentialManagementService : CIM_AuthenticationService {
};


// ==================================================================
// TrustHierarchy
// ==================================================================
   [Association, Version ( "2.6.0" ), Description (
       "CIM_TrustHierarchy is an association between two "
       "CredentialManagementService instances that establishes the "
       "trust hierarchy between them.")]
class CIM_TrustHierarchy : CIM_Dependency {

      [Override ( "Antecedent" ), Max ( 1 ), Description (
          "The superior CredentialManagementService from which the "
          "dependent service gets its authority.")]
   CIM_CredentialManagementService  REF Antecedent;

      [Override ( "Dependent" ), Description (
          "The subordinate CredentialManagementService.")]
   CIM_CredentialManagementService  REF Dependent;
};


// ==================================================================
// CredentialManagementSAP
// ==================================================================
   [Version ( "2.6.0" ), Description (
       "CIM_CredentialManagementSAP represents the ability to utilize "
       "or invoke a CredentialManagementService.")]
class CIM_CredentialManagementSAP : CIM_ServiceAccessPoint {

      [Description (
          "The URL for the access point.")]
   string URL;
};


// ==================================================================
// LocalCredentialManagementService
// ==================================================================
   [Version ( "2.6.0" ), Description (
       "CIM_LocalCredentialManagementService is a credential "
       "management service that provides management of credentials "
       "used by the local system.")]
class CIM_LocalCredentialManagementService : CIM_CredentialManagementService {
};


// ==================================================================
// AuthorizationService
// ==================================================================
   [Version ( "2.8.0" ), Description (
       "CIM_AuthorizationService determines whether an Identity, "
       "established by an AuthorizationService, is permitted access to "
       "a resource or set of resources.")]
class CIM_AuthorizationService : CIM_SecurityService {
};


// ===================================================================
// end of file
// ===================================================================