1 tony 1.1 // ===================================================================
2 // Title: User-Security Privilege
3 // Filename: User28_Privilege.mof
4 // Version: 2.8
5 // Release: Final
6 // Date: Jan 26, 2004
7 // ===================================================================
8 // Copyright 2003-2004 Distributed Management Task Force, Inc. (DMTF).
9 // All rights reserved.
10 // DMTF is a not-for-profit association of industry members dedicated
11 // to promoting enterprise and systems management and interoperability.
12 // DMTF specifications and documents may be reproduced for uses
13 // consistent with this purpose by members and non-members,
14 // provided that correct attribution is given.
15 // As DMTF specifications may be revised from time to time,
16 // the particular version and release date should always be noted.
17 //
18 // Implementation of certain elements of this standard or proposed
19 // standard may be subject to third party patent rights, including
20 // provisional patent rights (herein "patent rights"). DMTF makes
21 // no representations to users of the standard as to the existence
22 tony 1.1 // of such rights, and is not responsible to recognize, disclose, or
23 // identify any or all such third party patent right, owners or
24 // claimants, nor for any incomplete or inaccurate identification or
25 // disclosure of such rights, owners or claimants. DMTF shall have no
26 // liability to any party, in any manner or circumstance, under any
27 // legal theory whatsoever, for failure to recognize, disclose, or
28 // identify any such third party patent rights, or for such party's
29 // reliance on the standard or incorporation thereof in its product,
30 // protocols or testing procedures. DMTF shall have no liability to
31 // any party implementing such standard, whether such implementation
32 // is foreseeable or not, nor to any patent owner or claimant, and shall
33 // have no liability or responsibility for costs or losses incurred if
34 // a standard is withdrawn or modified after publication, and shall be
35 // indemnified and held harmless by any party implementing the
36 // standard from any and all claims of infringement by a patent owner
37 // for such implementations.
38 //
39 // For information about patents held by third-parties which have
40 // notified the DMTF that, in their opinion, such patent may relate to
41 // or impact implementations of DMTF standards, visit
42 // http://www.dmtf.org/about/policies/disclosures.php.
43 tony 1.1 // ===================================================================
44 // Description: The User Model extends the management concepts that
45 // are related to users and security.
46 // This file defines the concepts and classes related to
47 // Privileges
48 //
49 // The object classes below are listed in an order that
50 // avoids forward references. Required objects, defined
51 // by other working groups, are omitted.
52 // ===================================================================
53 // Change Log for v2.8 Final -
54 // CR1219 - Created subclass of Privilege, AuthorizedPrivilege,
55 // moved AuthorizedSubject/Target associations to Authorized
56 // Privilege, and promoted Privilege-related classes from
57 // Experimental to Final
58 // CR1221 - Also promoted Privilege-related classes to Final
59 // CR1229 - Added ArrayType ("Indexed") qualifier to
60 // Privilege.Activites
61 // CR1235 - Corrected copyright
62 //
63 // Change Log for v2.8 Preliminary -
64 tony 1.1 // CR1011 - Created this file.
65 // CR1082 - Fixed Value/ValueMap defintions for properties in Privilege
66 // ===================================================================
67
68 #pragma Locale ("en_US")
69
70
71 // ==================================================================
72 // Privilege
73 // ==================================================================
74 [Version ( "2.8.0" ), Description (
75 "Privilege is the base class for all types of activities which "
76 "are granted or denied by a Role or an Identity. Whether an "
77 "individual Privilege is granted or denied is defined using the "
78 "PrivilegeGranted boolean. Any Privileges not specifically "
79 "granted are assumed to be denied. An explicit deny (Privilege "
80 "Granted = FALSE) takes precedence over any granted Privileges. "
81 "\n\n"
82 "The association of subjects (Roles and Identities) to "
83 "Privileges is accomplished using policy or explicitly via the "
84 "associations on a subclass. The entities that are protected "
85 tony 1.1 "(targets) can be similarly defined. \n"
86 "\n"
87 "Note that Privileges may be inherited through hierarchical "
88 "Roles, or may overlap. For example, a Privilege denying any "
89 "instance Writes in a particular CIM Server Namespace would "
90 "overlap with a Privilege defining specific access rights at an "
91 "instance level within that Namespace. In this example, the "
92 "AuthorizedSubjects are either Identities or Roles, and the "
93 "AuthorizedTargets are a Namespace in the former case, and a "
94 "particular instance in the latter.")]
95 class CIM_Privilege : CIM_ManagedElement {
96
97 [Key, Description (
98 "Within the scope of the instantiating Namespace, InstanceID "
99 "opaquely and uniquely identifies an instance of this class. "
100 "In order to ensure uniqueness within the NameSpace, the "
101 "value of InstanceID SHOULD be constructed using the "
102 "following 'preferred' algorithm: \n"
103 "<OrgID>:<LocalID> \n"
104 "Where <OrgID> and <LocalID> are separated by a colon ':', "
105 "and where <OrgID> MUST include a copyrighted, trademarked "
106 tony 1.1 "or otherwise unique name that is owned by the business "
107 "entity creating/defining the InstanceID, or is a registered "
108 "ID that is assigned to the business entity by a recognized "
109 "global authority. (This is similar to the <Schema "
110 "Name>_<Class Name> structure of Schema class names.) In "
111 "addition, to ensure uniqueness <OrgID> MUST NOT contain a "
112 "colon (':'). When using this algorithm, the first colon to "
113 "appear in InstanceID MUST appear between <OrgID> and "
114 "<LocalID>. \n"
115 "<LocalID> is chosen by the business entity and SHOULD not "
116 "be re-used to identify different underlying (real-world) "
117 "elements. If the above 'preferred' algorithm is not used, "
118 "the defining entity MUST assure that the resultant "
119 "InstanceID is not re-used across any InstanceIDs produced "
120 "by this or other providers for this instance's NameSpace. "
121 "For DMTF defined instances, the 'preferred' algorithm MUST "
122 "be used with the <OrgID> set to 'CIM'.")]
123 string InstanceID;
124
125 [Description (
126 "Boolean indicating whether the Privilege is granted (TRUE) "
127 tony 1.1 "or denied (FALSE). The default is to grant permission.")]
128 boolean PrivilegeGranted = TRUE;
129
130 [Description (
131 "An enumeration indicating the activities that are granted "
132 "or denied. These activities apply to all entities specified "
133 "in the ActivityQualifiers array. The values in the "
134 "enumeration are straightforward except for one, "
135 "4=\"Detect\". This value indicates that the existence or "
136 "presence of an entity may be determined, but not "
137 "necessarily specific data (which requires the Read "
138 "privilege to be true). This activity is exemplified by "
139 "'hidden files'- if you list the contents of a directory, "
140 "you will not see hidden files. However, if you know a "
141 "specific file name, or know how to expose hidden files, "
142 "then they can be 'detected'. Another example is the ability "
143 "to define search privileges in directory implementations."),
144 ValueMap { "1", "2", "3", "4", "5", "6", "7", "..15999",
145 "16000.." },
146 Values { "Other", "Create", "Delete", "Detect", "Read", "Write",
147 "Execute", "DMTF Reserved", "Vendor Reserved" },
148 tony 1.1 ArrayType ( "Indexed" ),
149 ModelCorrespondence { "CIM_Privilege.ActivityQualifiers" }]
150 uint16 Activities[];
151
152 [Description (
153 "The ActivityQualifiers property is an array of string "
154 "values used to further qualify and specify the privileges "
155 "granted or denied. For example, it is used to specify a set "
156 "of files for which 'Read'/'Write' access is permitted or "
157 "denied. Or, it defines a class' methods that may be "
158 "'Executed'. Details on the semantics of the individual "
159 "entries in ActivityQualifiers are provided by corresponding "
160 "entries in the QualifierFormats array."),
161 ArrayType ( "Indexed" ),
162 ModelCorrespondence { "CIM_Privilege.Activities",
163 "CIM_Privilege.QualifierFormats" }]
164 string ActivityQualifiers[];
165
166 [Description (
167 "Defines the semantics of corresponding entries in the "
168 "ActivityQualifiers array. An example of each of these "
169 tony 1.1 "'formats' and their use follows: \n"
170 "- 2=Class Name. Example: If the authorization target is a "
171 "CIM Service or a Namespace, then the ActivityQualifiers "
172 "entries can define a list of classes that the authorized "
173 "subject is able to create or delete. \n"
174 "- 3=<Class.>Property. Example: If the authorization target "
175 "is a CIM Service, Namespace or Collection of instances, "
176 "then the ActivityQualifiers entries can define the class "
177 "properties that may or may not be accessed. In this case, "
178 "the class names are specified with the property names to "
179 "avoid ambiguity - since a CIM Service, Namespace or "
180 "Collection could manage multiple classes. On the other "
181 "hand, if the authorization target is an individual "
182 "instance, then there is no possible ambiguity and the class "
183 "name may be omitted. To specify ALL properties, the "
184 "wildcard string \"*\" should be used. \n"
185 "- 4=<Class.>Method. This example is very similar to the "
186 "Property one, above. And, as above, the string \"*\" may be "
187 "specified to select ALL methods. \n"
188 "- 5=Object Reference. Example: If the authorization target "
189 "is a CIM Service or Namespace, then the ActivityQualifiers "
190 tony 1.1 "entries can define a list of object references (as strings) "
191 "that the authorized subject can access. \n"
192 "- 6=Namespace. Example: If the authorization target is a "
193 "CIM Service, then the ActivityQualifiers entries can define "
194 "a list of Namespaces that the authorized subject is able to "
195 "access. \n"
196 "- 7=URL. Example: An authorization target may not be "
197 "defined, but a Privilege could be used to deny access to "
198 "specific URLs by individual Identities or for specific "
199 "Roles, such as the 'under 17' Role. \n"
200 "- 8=Directory/File Name. Example: If the authorization "
201 "target is a FileSystem, then the ActivityQualifiers entries "
202 "can define a list of directories and files whose access is "
203 "protected. \n"
204 "- 9=Command Line Instruction. Example: If the authorization "
205 "target is a ComputerSystem or Service, then the "
206 "ActivityQualifiers entries can define a list of command "
207 "line instructions that may or may not be 'Executed' by the "
208 "authorized subjects."),
209 ValueMap { "2", "3", "4", "5", "6", "7", "8", "9", "..15999",
210 "16000.." },
211 tony 1.1 Values { "Class Name", "<Class.>Property", "<Class.>Method",
212 "Object Reference", "Namespace", "URL",
213 "Directory/File Name", "Command Line Instruction",
214 "DMTF Reserved", "Vendor Reserved" }, ArrayType ( "Indexed" ),
215 ModelCorrespondence { "CIM_Privilege.ActivityQualifiers" }]
216 uint16 QualifierFormats[];
217 };
218
219
220 // ==================================================================
221 // AuthorizedPrivilege
222 // ==================================================================
223 [Version ( "2.8.0" ), Description (
224 "Privilege is the base class for all types of activities which "
225 "are granted or denied to a Role or an Identity. "
226 "AuthorizedPrivilege is a subclass defining static renderings "
227 "of authorization policy rules. The association of Roles and "
228 "Identities to AuthorizedPrivilege is accomplished using the "
229 "AuthorizedSubject relationship. The entities that are "
230 "protected are defined using the AuthorizedTarget relationship. "
231 "\n\n"
232 tony 1.1 "Note that this class and its AuthorizedSubject/Target "
233 "associations provide a short-hand, static mechanism to "
234 "represent authorization policies.")]
235 class CIM_AuthorizedPrivilege : CIM_Privilege {
236 };
237
238
239 // ==================================================================
240 // AuthorizedSubject
241 // ==================================================================
242 [Association, Version ( "2.8.0" ), Description (
243 "CIM_AuthorizedSubject is an association used to tie specific "
244 "AuthorizedPrivileges to specific subjects (i.e., Identities, "
245 "Roles or Collections of these). At this time, only Identities "
246 "and Roles (or Collections of Identities and Roles) should be "
247 "associated to AuthorizedPrivileges using this relationship. "
248 "Note that any Privileges not explicitly granted to a subject, "
249 "SHOULD be denied.")]
250 class CIM_AuthorizedSubject {
251
252 [Key, Description (
253 tony 1.1 "The AuthorizedPrivilege either granted or denied to an "
254 "Identity, Role or Collection. Whether the privilege is "
255 "granted or denied is defined by the inherited property, "
256 "CIM_Privilege.PrivilegeGranted.")]
257 CIM_AuthorizedPrivilege REF Privilege;
258
259 [Key, Description (
260 "The Subject for which AuthorizedPrivileges are granted or "
261 "denied. Whether the privilege is granted or denied is "
262 "defined by the property, CIM_Privilege.PrivilegeGranted.")]
263 CIM_ManagedElement REF PrivilegedElement;
264 };
265
266
267 // ==================================================================
268 // AuthorizedTarget
269 // ==================================================================
270 [Association, Version ( "2.8.0" ), Description (
271 "CIM_AuthorizedTarget is an association used to tie an "
272 "Identity's or Role's AuthorizedPrivileges to specific target "
273 "resources.")]
274 tony 1.1 class CIM_AuthorizedTarget {
275
276 [Key, Description (
277 "The AuthorizedPrivilege affecting the target resource.")]
278 CIM_AuthorizedPrivilege REF Privilege;
279
280 [Key, Description (
281 "The target set of resources to which the "
282 "AuthorizedPrivilege applies.")]
283 CIM_ManagedElement REF TargetElement;
284 };
285
286
287 // ===================================================================
288 // end of file
289 // ===================================================================
|