1 tony 1.1 // ===================================================================
2 // Title: User-Security Privilege Management Service ID 2.8
3 // Filename: User28_PrivilegeManagementService.mof
4 // Version: 2.8
5 // Release: Preliminary
6 // Date: 08/04/2003
7 // ===================================================================
8 // Copyright 1998-2003 Distributed Management Task Force, Inc. (DMTF).
9 // All rights reserved.
10 // DMTF is a not-for-profit association of industry members dedicated
11 // to promoting enterprise and systems management and interoperability.
12 // DMTF specifications and documents may be reproduced for uses
13 // consistent with this purpose by members and non-members,
14 // provided that correct attribution is given.
15 // As DMTF specifications may be revised from time to time,
16 // the particular version and release date should always be noted.
17 //
18 // Implementation of certain elements of this standard or proposed
19 // standard may be subject to third party patent rights, including
20 // provisional patent rights (herein "patent rights"). DMTF makes
21 // no representations to users of the standard as to the existence
22 tony 1.1 // of such rights, and is not responsible to recognize, disclose, or
23 // identify any or all such third party patent right, owners or
24 // claimants, nor for any incomplete or inaccurate identification or
25 // disclosure of such rights, owners or claimants. DMTF shall have no
26 // liability to any party, in any manner or circumstance, under any
27 // legal theory whatsoever, for failure to recognize, disclose, or
28 // identify any such third party patent rights, or for such party's
29 // reliance on the standard or incorporation thereof in its product,
30 // protocols or testing procedures. DMTF shall have no liability to
31 // any party implementing such standard, whether such implementation
32 // is foreseeable or not, nor to any patent owner or claimant, and shall
33 // have no liability or responsibility for costs or losses incurred if
34 // a standard is withdrawn or modified after publication, and shall be
35 // indemnified and held harmless by any party implementing the
36 // standard from any and all claims of infringement by a patent owner
37 // for such implementations.
38 //
39 // For information about patents held by third-parties which have
40 // notified the DMTF that, in their opinion, such patent may relate to
41 // or impact implementations of DMTF standards, visit
42 // http://www.dmtf.org/about/policies/disclosures.php.
43 tony 1.1 // ===================================================================
44 // Description: The User Model extends the management concepts that
45 // are related to users and security.
46 // This file defines the concepts and classes related to
47 // hardware World Wide Names used as credentials
48 // for accessing Storage services and credentials.
49 //
50 // The object classes below are listed in an order that
51 // avoids forward references. Required objects, defined
52 // by other working groups, are omitted.
53 // ===================================================================
54 // Change Log for v2.8 Preliminary (Company Review)
55 // CR1102 - Fix PrivilegeManagementService for application to
56 // Storage LUN Masking.
57 //
58 // Change Log for v2.8 Preliminary -
59 // CR1017 - Created this file.
60 // ===================================================================
61
62 #pragma Locale ("en_US")
63
64 tony 1.1 // ==================================================================
65 // PrivilegeManagementService
66 // ==================================================================
67 [Experimental, Version ("2.7.1000"), Description (
68 "The PrivilegeManagementService is responsible for creating, "
69 "deleting, and associating Privilege instances. References to "
70 "'subject' and 'target' define the entities that are associated "
71 "with a Privilege instance via the relationships, "
72 "AuthorizedSubject and AuthorizedTarget, respectively. When "
73 "created, a Privilege instance is related to this "
74 "(PrivilegeManagement)Service via the association, "
75 "ConcreteDependency.") ]
76 class CIM_PrivilegeManagementService: CIM_AuthorizationService {
77
78 [Description (
79 "When this method is called, a provider identifies an "
80 "appropriate existing Privilege or creates a new instance of "
81 "Privilege to satisfy the parameters of the request. The "
82 "Privilege is linked to the ManagedElements that are its "
83 "subject and target via the AuthorizedSubject and "
84 "AuthorizedTarget associations, respectively. When created, "
85 tony 1.1 "the Privilege instance is associated to this "
86 "PrivilegeManagementService via ConcreteDependency.\n"
87 "Note that the method's input parameters, Activities, "
88 "ActivityQualifiers and QualifierFormats, are mutually "
89 "indexed. Values for these parameters MAY be supplied with "
90 "the method invocation or MAY be obtained via reference to "
91 "an existing Privilege. One of these two approaches MUST be "
92 "taken to specify the values of the Privilege's properties. "
93 "Also note that Subject and Target references MAY be "
94 "supplied.\n"
95 "The successful completion of the method SHALL create any "
96 "necessary AuthorizedSubject, AuthorizedTarget and Privilege "
97 "instances. Returning references to the AuthorizedSubject "
98 "and AuthorizedTarget instances is NOT REQUIRED since they "
99 "can be construed using the Privilege output parameter and "
100 "intrinsic methods."),
101 ValueMap {"0", "1", "2", "3", "4", "5", "6..15999", "16000",
102 "16001", "16002", "16003", "16004", "16005..31999",
103 "32000..65535"},
104 Values {"Success", "Not Supported", "Unknown", "Timeout",
105 "Failed", "Invalid Parameter", "DMTF Reserved",
106 tony 1.1 "Unsupported Subject", "Unsupported Privilege",
107 "Unsupported Target", "Authorization Error",
108 "NULL not supported", "Method Reserved", "Vendor Specific"} ]
109 uint32 AssignAccess (
110
111 [IN, OUT(false), Description (
112 "The Subject parameter is a reference to a "
113 "ManagedElement instance that SHALL be associated "
114 "via AuthorizedSubject to the Privilege. This "
115 "parameter MAY NOT be supplied when an "
116 "existing Privilege is referenced by the "
117 "Privilege parameter. Note that a Subject "
118 "reference MUST be provided when creating a "
119 "new instance of Privilege." ) ]
120 CIM_ManagedElement REF Subject,
121
122 [IN, OUT(false), Description (
123 "The PrivilegesGranted flag in the new/existing "
124 "Privilege." ),
125 ModelCorrespondence{"CIM_Privilege.PrivilegeGranted"} ]
126 boolean PrivilegeGranted,
127 tony 1.1
128 [IN, OUT(false), Description (
129 "The activities granted in the new/existing Privilege." ),
130 ArrayType ("Indexed"),
131 Values {"1", "2", "3", "4", "5", "6", "7", "8..15999",
132 "16000..65535"},
133 ValueMap {"Other", "Create", "Delete", "Detect", "Read",
134 "Write", "Execute", "DMTF Reserved", "Vendor Reserved"},
135 ModelCorrespondence{"CIM_Privilege.Activities"} ]
136 uint16 Activities[],
137
138 [IN, OUT(false), Description (
139 "The activity qualifiers set in the new/existing "
140 "Privilege." ),
141 ArrayType ("Indexed"),
142 ModelCorrespondence{"CIM_Privilege.ActivityQualifers"} ]
143 string ActivityQualifiers[],
144
145 [IN, OUT(false), Description (
146 "The qualifier formats set in the new/existing "
147 "Privilege." ),
148 tony 1.1 ArrayType ("Indexed"),
149 Values {"2", "3", "4", "5", "6", "7", "8", "9",
150 "10..15999", "16000..65535"},
151 ValueMap {"Class Name", "<Class.>Property",
152 "<Class.>Method", "Object Reference", "Namespace",
153 "URL", "Directory/File Name",
154 "Command Line Instruction", "DMTF Reserved",
155 "Vendor Reserved"},
156 ModelCorrespondence{"CIM_Privilege.QualifierFormats"} ]
157 uint16 QualifierFormats[],
158
159 [IN, OUT(false), Description (
160 "The Target parameter is a reference to a ManagedElement "
161 "that SHALL be associated via AuthorizedTarget to the "
162 "Privilege. This parameter MAY NOT be supplied when an "
163 "existing Privilege is referenced by the "
164 "Privilege parameter. Note that a Target "
165 "reference MUST be provided when creating a "
166 "new instance of Privilege." ) ]
167 CIM_ManagedElement REF Target,
168
169 tony 1.1 [IN, OUT, Description (
170 "Reference to the Privilege used or created."
171 "If a reference is not provided, an implementation "
172 "MAY create a new instance of Privilege, or MAY "
173 "reuse an existing one. The Privilege that is "
174 "created or reused is returned in this parameter. "
175 "If a reference is input, "
176 "it serves as the definition of the Privilege, "
177 "replacing the method's input parameters, "
178 "PrivilegeGranted, Activities[], "
179 "ActivityQualifiers[] and QualifierFormats[]. Also, "
180 "the existing Privilege defines the relevant 'subject' "
181 "and 'target' ManagedElements, when one or the other "
182 "of the Subject/Target input parameters is not specified. "
183 "An implementation MAY use the supplied reference purely "
184 "as a template and MAY return a reference to a different "
185 "Privilege instance.")]
186 CIM_Privilege REF Privilege );
187
188 [Description (
189 "This method revokes a specific privilege or all privileges "
190 tony 1.1 "for a particular target, subject, or subject/target pair. "
191 "If a Privilege instance is left with no AuthorizedTarget "
192 "associations, it SHOULD be deleted. The successful "
193 "completion of the method SHALL remove the directly or "
194 "indirectly requested AuthorizedSubject, AuthorizedTarget "
195 "and Privilege instances."),
196 ValueMap {"0", "1", "2", "3", "4", "5", "6..15999", "16000",
197 "16001", "16002", "16003", "16004..32767", "32768..65535"},
198 Values {"Success", "Not Supported", "Unknown", "Timeout",
199 "Failed", "Invalid Parameter", "DMTF Reserved",
200 "Unsupported Privilege", "Unsupported Target",
201 "Authorization Error", "Null parameter not supported",
202 "Method Reserved", "Vendor Specific"} ]
203 uint32 RemoveAccess (
204 [IN, OUT(false), Description (
205 "The Subject parameter is a reference to a ManagedElement "
206 "instance (associated via AuthorizedSubject) for which "
207 "privileges are to be revoked.") ]
208 CIM_ManagedElement REF Subject,
209
210 [IN, OUT(false), Description (
211 tony 1.1 "A reference to the Privilege to be revoked."),
212 ArrayType ("Indexed") ]
213 CIM_Privilege REF Privilege,
214
215 [IN, OUT(false), Description (
216 "The Target parameter is a reference to a ManagedElement "
217 "(associated via AuthorizedTarget) which will no longer "
218 "be protected via the Privilege."),
219 ArrayType ("Indexed") ]
220 CIM_ManagedElement REF Target );
221 };
222
223
224 // ===================================================================
225 // end of file
226 // ===================================================================
|