1 kumpf 1.2 // ===================================================================
2 // Title: User-Security Authentication Requirements 2.7
3 // Filename: User27_AuthenticationReqmt.mof
4 // Version: 2.7.0
5 // Status: Final
6 // Date: 03/31/2003
7 // ===================================================================
8 // Copyright 2000-2003 Distributed Management Task Force, Inc. (DMTF).
9 // All rights reserved.
10 // DMTF is a not-for-profit association of industry members dedicated
11 // to promoting enterprise and systems management and interoperability.
12 // DMTF specifications and documents may be reproduced for uses
13 // consistent with this purpose by members and non-members,
14 // provided that correct attribution is given.
15 // As DMTF specifications may be revised from time to time,
16 // the particular version and release date should always be noted.
17 //
18 // Implementation of certain elements of this standard or proposed
19 // standard may be subject to third party patent rights, including
20 // provisional patent rights (herein "patent rights"). DMTF makes
21 // no representations to users of the standard as to the existence
22 kumpf 1.2 // of such rights, and is not responsible to recognize, disclose, or
23 // identify any or all such third party patent right, owners or
24 // claimants, nor for any incomplete or inaccurate identification or
25 // disclosure of such rights, owners or claimants. DMTF shall have no
26 // liability to any party, in any manner or circumstance, under any
27 // legal theory whatsoever, for failure to recognize, disclose, or
28 // identify any such third party patent rights, or for such party's
29 // reliance on the standard or incorporation thereof in its product,
30 // protocols or testing procedures. DMTF shall have no liability to
31 // any party implementing such standard, whether such implementation
32 // is foreseeable or not, nor to any patent owner or claimant, and shall
33 // have no liability or responsibility for costs or losses incurred if
34 // a standard is withdrawn or modified after publication, and shall be
35 // indemnified and held harmless by any party implementing the
36 // standard from any and all claims of infringement by a patent owner
37 // for such implementations.
38 //
39 // For information about patents held by third-parties which have
40 // notified the DMTF that, in their opinion, such patent may relate to
41 // or impact implementations of DMTF standards, visit
42 // http://www.dmtf.org/about/policies/disclosures.php.
43 kumpf 1.2 // ===================================================================
44 // Description: The User Model extends the management concepts that
45 // are related to users and security.
46 // This file defines the concepts and classes related to
47 // requirements for authentication.
48 //
49 // The object classes below are listed in an order that
50 // avoids forward references. Required objects, defined
51 // by other working groups, are omitted.
52 // ===================================================================
53 // Change Log for v2.7 - None
54 // ===================================================================
55
56 #pragma Locale ("en_US")
57
58
59 // ==================================================================
60 // AuthenticationRequirement
61 // ==================================================================
62 [Version ("2.6.0"), Description (
63 "CIM_AuthenticationRequirement provides, through its "
64 kumpf 1.2 "associations, the authentication requirements for access to "
65 "system resources. For a particular set of target resources, the "
66 "AuthenticationService may require that credentials be issued by "
67 "a specific CredentialManagementService. The "
68 "AuthenticationRequirement class is weak to the system (e.g., "
69 "Computer System or Administrative Domain) for which the "
70 "requirements apply.") ]
71 class CIM_AuthenticationRequirement : CIM_LogicalElement {
72
73 [Propagated ("CIM_System.CreationClassName"), Key,
74 MaxLen (256), Description ("Hosting system creation class name.") ]
75 string SystemCreationClassName;
76
77 [Propagated ("CIM_System.Name"), Key, MaxLen (256),
78 Description ("Hosting system name.") ]
79 string SystemName;
80
81 [Key, MaxLen (256), Description (
82 "CreationClassName indicates the name of the class or the "
83 "subclass used in the creation of an instance. When used "
84 "with the other key properties of this class, this property "
85 kumpf 1.2 "allows all instances of this class and its subclasses to "
86 "be uniquely identified.") ]
87 string CreationClassName;
88
89 [Key, MaxLen (256), Override ("Name"), Description (
90 "The Name property defines the unique label, in the context of "
91 "the hosting system, by which the AuthenticationRequirement "
92 "is known.") ]
93 string Name;
94
95 [Description (
96 "The SecurityClassification property specifies a named level "
97 "of security associated with the AuthenticationRequirement, "
98 "e.g., 'Confidential', 'Top Secret', etc.") ]
99 string SecurityClassification;
100 };
101
102
103 // ==================================================================
104 // HostedAuthenticationRequirement
105 // ==================================================================
106 kumpf 1.2 [Association, Version ("2.6.0"), Description (
107 "CIM_HostedAuthenticationRequirement is an association used to "
108 "provide the namespace scoping of AuthenticationRequirement. The "
109 "hosted requirements may or may not apply to resources on the "
110 "hosting system.") ]
111 class CIM_HostedAuthenticationRequirement : CIM_Dependency {
112
113 [Min (1), Max (1), Override ("Antecedent"),
114 Description ("The hosting system.") ]
115 CIM_System REF Antecedent;
116
117 [Override ("Dependent"), Weak,
118 Description ("The hosted AuthenticationRequirement.") ]
119 CIM_AuthenticationRequirement REF Dependent;
120 };
121
122
123 // ==================================================================
124 // AuthenticateForUse
125 // ==================================================================
126 [Association, Version ("2.6.0"), Description (
127 kumpf 1.2 "CIM_AuthenticateForUse is an association used to provide an "
128 "AuthenticationService with the AuthenticationRequirement it "
129 "needs to do its job.") ]
130 class CIM_AuthenticateForUse : CIM_Dependency {
131
132 [Override ("Antecedent"),
133 Description ("AuthenticationRequirement for use.") ]
134 CIM_AuthenticationRequirement REF Antecedent;
135
136 [Override ("Dependent"), Description (
137 "AuthenticationService that uses the requirements.") ]
138 CIM_AuthenticationService REF Dependent;
139 };
140
141
142 // ==================================================================
143 // RequireCredentialsFrom
144 // ==================================================================
145 [Association, Version ("2.6.0"), Description (
146 "CIM_RequireCredentialsFrom is an association used to require "
147 "that credentials are issued by particular Credential Management "
148 kumpf 1.2 "Services in order to authenticate a user.") ]
149 class CIM_RequireCredentialsFrom : CIM_Dependency {
150
151 [Override ("Antecedent"), Description (
152 "CredentialManagementService from which credentials are "
153 "accepted for the associated AuthenticationRequirement.") ]
154 CIM_CredentialManagementService REF Antecedent;
155
156 [Override ("Dependent"), Description (
157 "AuthenticationRequirement that limit acceptable credentials.") ]
158 CIM_AuthenticationRequirement REF Dependent;
159 };
160
161
162 // ==================================================================
163 // AuthenticationTarget
164 // ==================================================================
165 [Association, Version ("2.6.0"), Description (
166 "CIM_AuthenticationTarget is an association used to apply "
167 "authentication requirements for access to specific resources. "
168 "For example, a shared secret may be sufficient for access to "
169 kumpf 1.2 "unclassified resources, but for confidential resources, a "
170 "stronger authentication may be required.") ]
171 class CIM_AuthenticationTarget : CIM_Dependency {
172
173 [Override ("Antecedent"), Description (
174 "AuthenticationRequirement that apply to specific resources.") ]
175 CIM_AuthenticationRequirement REF Antecedent;
176
177 [Override ("Dependent"), Description (
178 "Target resources that may be in a Collection or an "
179 "individual ManagedElement. These resources are protected "
180 "by the AuthenticationRequirement.") ]
181 CIM_ManagedElement REF Dependent;
182 };
183
184
185 // ===================================================================
186 // end of file
187 // ===================================================================
|