(file) Return to User28_SharedSecret.mof CVS log (file) (dir) Up to [Pegasus] / pegasus / Schemas / CIMPrelim28
File: [Pegasus] / pegasus / Schemas / CIMPrelim28 / Attic / User28_SharedSecret.mof (download)
Revision: 1.1, Tue Sep 2 17:59:16 2003 UTC (20 years, 10 months ago) by tony
Branch: MAIN
CVS Tags: test, pegasus25BeforeLicenseUpdate, local, TEST, SLPPERFINST-root, SLPPERFINST-branch, RELEASE_2_4_FC_CANDIDATE_1, RELEASE_2_4_3, RELEASE_2_4_2, RELEASE_2_4_1-BETA3, RELEASE_2_4_1-BETA2, RELEASE_2_4_1-BETA1, RELEASE_2_4_1, RELEASE_2_4_0-RC3, RELEASE_2_4_0-RC2, RELEASE_2_4_0, RELEASE_2_4-root, RELEASE_2_4-branch, RELEASE_2_3_2-testfreeze, RELEASE_2_3_2-root, RELEASE_2_3_2-releasesnapshot, RELEASE_2_3_2-branch-freeze, RELEASE_2_3_2-branch, RELEASE_2_3_1-root, RELEASE_2_3_1-branch, RELEASE_2_3_0-root, RELEASE_2_3_0-msg-freeze, RELEASE_2_3_0-branch, PRE_LICENSE_UPDATE_2003, POST_LICENSE_UPDATE_2003, PEP217_PRE_BRANCH, PEP217_POST_BRANCH, PEP217_BRANCH, PEP213_SIZE_OPTIMIZATIONS, MONITOR_CONSOLIDATION_2_5_BRANCH, IBM_241_April1405, CQL_2_5_BRANCH, CHUNKTESTDONE_PEP140 
PEP 73 - Add CIMPrelim28 schema

// ===================================================================
// Title:       User-Security Shared Secret 2.8
// Filename:    User28_SharedSecret.mof
// Version:     2.8
// Status:      Preliminary
// Date:        05/29/2003
// ===================================================================
// Copyright 2000-2003 Distributed Management Task Force, Inc. (DMTF).
// All rights reserved.
// DMTF is a not-for-profit association of industry members dedicated
// to promoting enterprise and systems management and interoperability.
// DMTF specifications and documents may be reproduced for uses
// consistent with this purpose by members and non-members,
// provided that correct attribution is given.
// As DMTF specifications may be revised from time to time,
// the particular version and release date should always be noted.
// 
// Implementation of certain elements of this standard or proposed
// standard may be subject to third party patent rights, including
// provisional patent rights (herein "patent rights"). DMTF makes
// no representations to users of the standard as to the existence
// of such rights, and is not responsible to recognize, disclose, or
// identify any or all such third party patent right, owners or
// claimants, nor for any incomplete or inaccurate identification or
// disclosure of such rights, owners or claimants. DMTF shall have no
// liability to any party, in any manner or circumstance, under any
// legal theory whatsoever, for failure to recognize, disclose, or
// identify any such third party patent rights, or for such party's
// reliance on the standard or incorporation thereof in its product,
// protocols or testing procedures. DMTF shall have no liability to
// any party implementing such standard, whether such implementation
// is foreseeable or not, nor to any patent owner or claimant, and shall
// have no liability or responsibility for costs or losses incurred if
// a standard is withdrawn or modified after publication, and shall be
// indemnified and held harmless by any party implementing the
// standard from any and all claims of infringement by a patent owner
// for such implementations.
// 
// For information about patents held by third-parties which have
// notified the DMTF that, in their opinion, such patent may relate to
// or impact implementations of DMTF standards, visit
// http://www.dmtf.org/about/policies/disclosures.php.
// ===================================================================
// Description: The User Model extends the management concepts that
//              are related to users and security.
//              This file defines the concepts and classes related to
//              shared secret security services and credentials.
// 
//              The object classes below are listed in an order that
//              avoids forward references. Required objects, defined
//              by other working groups, are omitted.
// ===================================================================
// Change Log for v2.8 - None
// 
// Change Log for v2.7 - None
// ===================================================================

#pragma Locale ("en_US")


// ==================================================================
// SharedSecretService
// ==================================================================
   [Version ("2.6.0"), Description (
       "CIM_SharedSecretService is a service which ascertains whether "
       "messages received are from the Principal with whom a secret is "
       "shared.  Examples include a login service that proves identity "
       "on the basis of knowledge of the shared secret, or a transport "
       "integrity service (like Kerberos provides) that includes a "
       "message authenticity code that proves each message in the "
       "messsage stream came from someone who knows the shared secret "
       "session key.") ]
class CIM_SharedSecretService : CIM_LocalCredentialManagementService {

      [Description (
          "The Algorithm used to convey the shared secret, such as "
          "HMAC-MD5,or PLAINTEXT."), 
       MaxLen (256) ]
   string Algorithm;

      [Description (
          "The Protocol supported by the SharedSecretService.") ]
   string Protocol;
};


// ==================================================================
// SharedSecret
// ==================================================================
   [Version ("2.6.0"), Description (
       "CIM_SharedSecret is the secret shared between a Users Access "
       "and a particular SharedSecret security service.  Secrets may "
       "be in the form of a password used for initial authentication, "
       "or as with a session key, used as part of a message "
       "authentication code to verify that a message originated by the "
       "pricinpal with whom the secret is shared.  It is important to "
       "note that SharedSecret is not just the password, but rather is "
       "the password used with a particular security service.") ]
class CIM_SharedSecret : CIM_Credential {

      [Key,
       Propagated ("CIM_SharedSecretService.SystemCreationClassName"), 
       Description (
          "The scoping System's CCN."), 
       MaxLen (256) ]
   string SystemCreationClassName;

      [Key, Propagated ("CIM_SharedSecretService.SystemName"), 
       Description (
          "The scoping System's Name."), 
       MaxLen (256) ]
   string SystemName;

      [Key, Propagated ( "CIM_SharedSecretService.CreationClassName"), 
       Description (
          "The scoping Service's CCN."), 
       MaxLen (256) ]
   string ServiceCreationClassName;

      [Key, Propagated ("CIM_SharedSecretService.Name"), Description (
          "The scoping Service's Name."), 
       MaxLen (256) ]
   string ServiceName;

      [Key, Description (
          "RemoteID is the name by which the user is known at the "
          "remote secret key authentication service."), 
       MaxLen (256) ]
   string RemoteID;

      [Description (
          "The secret known by the Users Access.") ]
   string Secret;

      [Description (
          "The transformation algorithm, if any, used to protect "
          "passwords before use in the protocol.  For instance, "
          "Kerberos doesn't store passwords as the shared secret, but "
          "rather, a hash of the password.") ]
   string Algorithm;

      [Description (
          "The protocol with which the SharedSecret is used.") ]
   string Protocol;
};


// ===================================================================
// SharedSecretIsShared
// ===================================================================
   [Association, Version ("2.6.0"), Description (
       "This relationship associates a SharedSecretService with the "
       "SecretKey it verifies.") ]
class CIM_SharedSecretIsShared : CIM_ManagedCredential {

      [Override ("Antecedent"), Min (1), Max (1), Description (
          "The credential management service.") ]
   CIM_SharedSecretService REF Antecedent;

      [Override ("Dependent"), Weak, Description (
          "The managed credential.") ]
   CIM_SharedSecret REF Dependent;
};


// ==================================================================
// NamedSharedIKESecret
// ==================================================================
   [Version ("2.6.0"), Description (
       "CIM_NamedSharedIKESecret indirectly represents a shared secret "
       "credential.  The local identity, IKEIdentity, and the remote "
       "peer identity share the secret that is named by the "
       "SharedSecretName.  The SharedSecretName is used "
       "SharedSecretService to reference the secret.") ]
class CIM_NamedSharedIKESecret : CIM_Credential {

      [Key,
       Propagated ("CIM_SharedSecretService.SystemCreationClassName"), 
       Description (
          "The scoping System's CCN."), 
       MaxLen (256) ]
   string SystemCreationClassName;

      [Key, Propagated ("CIM_SharedSecretService.SystemName"), 
       Description (
          "The scoping System's Name."), 
       MaxLen (256) ]
   string SystemName;

      [Key, Propagated ("CIM_SharedSecretService.CreationClassName"), 
       Description (
          "The scoping Service's CCN."), 
       MaxLen (256) ]
   string ServiceCreationClassName;

      [Key, Propagated ("CIM_SharedSecretService.Name"), Description (
          "The scoping Service's Name."), 
       MaxLen (256) ]
   string ServiceName;

      [Key, Description (
          "The local Identity with whom the direct trust relationship "
          "exists."), 
       MaxLen (256), 
       ModelCorrespondence { 
          "CIM_NamedSharedIKESecret.LocalIdentityType"} ]
   string LocalIdentity;

      [Key, Description (
          "LocalIdentityType is used to describe the type of the "
          "LocalIdentity."), 
       ValueMap {"1", "2", "3", "4", "5", "6", "7", "8", "9", "10",
          "11"}, 
       Values {"IPV4_ADDR", "FQDN", "USER_FQDN", "IPV4_ADDR_SUBNET",
          "IPV6_ADDR", "IPV6_ADDR_SUBNET", "IPV4_ADDR_RANGE",
          "IPV6_ADDR_RANGE", "DER_ASN1_DN", "DER_ASN1_GN", "KEY_ID"}, 
       ModelCorrespondence { "CIM_NamedSharedIKESecret.LocalIdentity"} ]
   uint16 LocalIdentityType;

      [Key, Description (
          "The peer identity with whom the direct trust relationship "
          "exists."), 
       MaxLen (256), 
       ModelCorrespondence { 
          "CIM_NamedSharedIKESecret.PeerIdentityType"} ]
   string PeerIdentity;

      [Key, Description (
          "PeerIdentityType is used to describe the type of the "
          "PeerIdentity."), 
       ValueMap {"1", "2", "3", "4", "5", "6", "7", "8", "9", "10",
          "11"}, 
       Values {"IPV4_ADDR", "FQDN", "USER_FQDN", "IPV4_ADDR_SUBNET",
          "IPV6_ADDR", "IPV6_ADDR_SUBNET", "IPV4_ADDR_RANGE",
          "IPV6_ADDR_RANGE", "DER_ASN1_DN", "DER_ASN1_GN", "KEY_ID"}, 
       ModelCorrespondence { "CIM_NamedSharedIKESecret.PeerIdentity"} ]
   uint16 PeerIdentityType;

      [Description (
          "SharedSecretName is an indirect reference to a shared "
          "secret.  The SecretService does not expose the actual "
          "secret but rather provides access to the secret via a "
          "name.") ]
   string SharedSecretName;
};


// ==================================================================
// IKESecretIsNamed
// ==================================================================
   [Association, Version ("2.6.0"), Description (
       "CIM_IKESecretIsNamed association provides the relationship "
       "between a SharedSecretService and a NamedSharedIKESecret.") ]
class CIM_IKESecretIsNamed : CIM_ManagedCredential {

      [Override ("Antecedent"), Min (1), Max (1), Description (
          "The SharedSecretService that manages a "
          "NamedSharedIKESecret.") ]
   CIM_SharedSecretService REF Antecedent;

      [Override ("Dependent"), Weak, Description (
          "The managed NamedSharedIKESecret.") ]
   CIM_NamedSharedIKESecret  REF Dependent;
};


// ===================================================================
// end of file
// ===================================================================
No CVS admin address has been configured
 Powered by
ViewCVS 0.9.2