// =================================================================== // Title: User-Security Security Services 2.7 // Filename: User27_SecurityServices.mof // Version: 2.7.0 // Status: Preliminary // Date: 07/07/2002 // =================================================================== // Copyright 2000-2002 Distributed Management Task Force, Inc. (DMTF). // All rights reserved. // DMTF is a not-for-profit association of industry members dedicated // to promoting enterprise and systems management and interoperability. // DMTF specifications and documents may be reproduced for uses // consistent with this purpose by members and non-members, // provided that correct attribution is given. // As DMTF specifications may be revised from time to time, // the particular version and release date should always be noted. // // Implementation of certain elements of this standard or proposed // standard may be subject to third party patent rights, including // provisional patent rights (herein "patent rights"). DMTF makes // no representations to users of the standard as to the existence // of such rights, and is not responsible to recognize, disclose, or // identify any or all such third party patent right, owners or // claimants, nor for any incomplete or inaccurate identification or // disclosure of such rights, owners or claimants. DMTF shall have no // liability to any party, in any manner or circumstance, under any // legal theory whatsoever, for failure to recognize, disclose, or // identify any such third party patent rights, or for such party's // reliance on the standard or incorporation thereof in its product, // protocols or testing procedures. DMTF shall have no liability to // any party implementing such standard, whether such implementation // is foreseeable or not, nor to any patent owner or claimant, and shall // have no liability or responsibility for costs or losses incurred if // a standard is withdrawn or modified after publication, and shall be // indemnified and held harmless by any party implementing the // standard from any and all claims of infringement by a patent owner // for such implementations. // // For information about patents held by third-parties which have // notified the DMTF that, in their opinion, such patent may relate to // or impact implementations of DMTF standards, visit // http://www.dmtf.org/about/policies/disclosures.php. // =================================================================== // Description: The User Model extends the management concepts that // are related to users and security. // This file defines the generic concepts of various // authentication and authorization security services. // // The object classes below are listed in an order that // avoids forward references. Required objects, defined // by other working groups, are omitted. // =================================================================== // Change Log for v2.7 - None // =================================================================== #pragma Locale ("en_US") // ================================================================== // SecurityService // ================================================================== [Abstract, Version ("2.6.0"), Description ( "A service providing security functionaity.") ] class CIM_SecurityService : CIM_Service { }; // =================================================================== // ServiceUsesSecurityService // =================================================================== [Association, Version ("2.6.0"), Description ( "This relationship associates a Service with the Security" "Services that it uses.") ] class CIM_ServiceUsesSecurityService : CIM_ServiceServiceDependency { [Override ("Antecedent") ] CIM_SecurityService REF Antecedent; [Override ("Dependent") ] CIM_Service REF Dependent; }; // =================================================================== // SecurityServiceForSystem // =================================================================== [Association, Version ("2.6.0"), Description ( "The CIM_SecurityServiceForSystem provides the association between " "a System and a SecurityService that provides services for that " "system.") ] class CIM_SecurityServiceForSystem : CIM_ProvidesServiceToElement { [Override ("Antecedent"), Description ( "The SecurityService that provides services for the system.") ] CIM_SecurityService REF Antecedent; [Override ("Dependent"), Description ( "The system that is dependent on the security service.") ] CIM_System REF Dependent; }; // ================================================================== // AuthenticationService // ================================================================== [Version ("2.6.0"), Description ( "CIM_AuthenticationService verifies users' identities through " "some means. These services are decomposed into a subclass that " "provides credentials to users and a subclass that provides for " "the verification of the validity of a credential and, perhaps, " "the appropriateness of its use for access to target resources. " "The persistent state information used from one such verification " "to another is maintained in an Account for that Users Access on " "that AuthenticationService.") ] class CIM_AuthenticationService : CIM_SecurityService { }; // ================================================================== // VerificationService // ================================================================== [Version ("2.6.0"), Description ( "CIM_VerificationService is the authentication service that " "verifies a credential for use and may also verify the " "appropriateness of a particular credential in conjunction with a " "particular target resource.") ] class CIM_VerificationService : CIM_AuthenticationService { }; // ================================================================== // CredentialManagementService // ================================================================== [Version ("2.6.0"), Description ( "CIM_CredentialManagementService issues credentials and manages " "the credential lifecycle.") ] class CIM_CredentialManagementService : CIM_AuthenticationService { }; // ================================================================== // TrustHierarchy // ================================================================== [Association, Version ("2.6.0"), Description ( "CIM_TrustHierarchy is an association between two " "CredentialManagementService instances that establishes " "the trust hierarchy between them.") ] class CIM_TrustHierarchy : CIM_Dependency { [Override ("Antecedent"), Max (1), Description ( "The superior CredentialManagementService " "from which the dependent service gets its authority.") ] CIM_CredentialManagementService REF Antecedent; [Override ("Dependent"), Description ( "The subordinate CredentialManagementService.") ] CIM_CredentialManagementService REF Dependent; }; // ================================================================== // CredentialManagementSAP // ================================================================== [Version ("2.6.0"), Description ( "CIM_CredentialManagementSAP represents the ability to " "utilize or invoke a CredentialManagementService.") ] class CIM_CredentialManagementSAP : CIM_ServiceAccessPoint { [Description ("The URL for the access point.") ] string URL; }; // ================================================================== // LocalCredentialManagementService // ================================================================== [Version ("2.6.0"), Description ( "CIM_LocalCredentialManagementService is a credential " "management service that provides management of " "credentials used by the local system.") ] class CIM_LocalCredentialManagementService : CIM_CredentialManagementService { }; // ================================================================== // AuthorizationService // ================================================================== [Version ("2.6.0"), Description ( "CIM_AuthorizationService determines whether a user, by " "association with an Account used by the AuthorizationService, is " "permitted access a resource or set of resources.") ] class CIM_AuthorizationService : CIM_SecurityService { }; // =================================================================== // end of file // ===================================================================