1 karl 1.1 // ===================================================================
2 // Title: User-Security General Credentials
3 // $State: Preliminary $
4 // $Date: 2004/06/25 17:56:15 $
5 // $Source: /home/dmtf2/dotorg/var/cvs/repositories/dev/Schema/MOF/User_Credential.mof,v $
6 // $Revision: 1.2 $
7 // ===================================================================
8 //#pragma inLine ("Includes/copyright.inc")
9 // Copyright 1998-2004 Distributed Management Task Force, Inc. (DMTF).
10 // All rights reserved.
11 // DMTF is a not-for-profit association of industry members dedicated
12 // to promoting enterprise and systems management and interoperability.
13 // DMTF specifications and documents may be reproduced for uses
14 // consistent with this purpose by members and non-members,
15 // provided that correct attribution is given.
16 // As DMTF specifications may be revised from time to time,
17 // the particular version and release date should always be noted.
18 //
19 // Implementation of certain elements of this standard or proposed
20 // standard may be subject to third party patent rights, including
21 // provisional patent rights (herein "patent rights"). DMTF makes
22 karl 1.1 // no representations to users of the standard as to the existence
23 // of such rights, and is not responsible to recognize, disclose, or
24 // identify any or all such third party patent right, owners or
25 // claimants, nor for any incomplete or inaccurate identification or
26 // disclosure of such rights, owners or claimants. DMTF shall have no
27 // liability to any party, in any manner or circumstance, under any
28 // legal theory whatsoever, for failure to recognize, disclose, or
29 // identify any such third party patent rights, or for such party's
30 // reliance on the standard or incorporation thereof in its product,
31 // protocols or testing procedures. DMTF shall have no liability to
32 // any party implementing such standard, whether such implementation
33 // is foreseeable or not, nor to any patent owner or claimant, and shall
34 // have no liability or responsibility for costs or losses incurred if
35 // a standard is withdrawn or modified after publication, and shall be
36 // indemnified and held harmless by any party implementing the
37 // standard from any and all claims of infringement by a patent owner
38 // for such implementations.
39 //
40 // For information about patents held by third-parties which have
41 // notified the DMTF that, in their opinion, such patent may relate to
42 // or impact implementations of DMTF standards, visit
43 karl 1.1 // http://www.dmtf.org/about/policies/disclosures.php.
44 //#pragma inLine
45 // ===================================================================
46 // Description: The User Model extends the management concepts that
47 // are related to users and security.
48 // This file defines the generic concepts of a
49 // credential.
50 //
51 // The object classes below are listed in an order that
52 // avoids forward references. Required objects, defined
53 // by other working groups, are omitted.
54 // ===================================================================
55 // Change Log for v2.9 Preliminary
56 // CR1222 - Define a CredentialContext association
57 // Change Log for v2.8 Final
58 // CR1218 - Accepted all changes for CIM V2.8 Prelim, except removed
59 // BiometricCredential from the Final release and into
60 // CIM V2.9 Preliminary.
61 //
62 // Change Log for v2.8 Preliminary
63 // CR1011 - Added BiometricCredential, updated Credential.Description.
64 karl 1.1 // CR1014 - Removed Min (1) from ManagedCredential.Antecedent
65 //
66 // Change Log for v2.7
67 // CR784 - Promoted 2 properties, Issued and Expired, from
68 // CIM_KerberosTicket to CIM_Credential
69 // CR980 - Removed Experimental qualifier from 2 properties in
70 // Credential
71 // ===================================================================
72
73 #pragma Locale ("en_US")
74
75
76 // ==================================================================
77 // Credential
78 // ==================================================================
79 [Abstract, Version ( "2.8.0" ), Description (
80 "Subclasses of CIM_Credential define materials, information or "
81 "other data which are used to establish identity. Generally, "
82 "there may be some shared information, or credential material "
83 "which is used to identify and authenticate an entity in the "
84 "process of gaining access to, or permission to use, resources. "
85 karl 1.1 "Such credential material may be used to authenticate an "
86 "entity's identity initially, as done by a "
87 "CIM_AuthenticationService, and additionally on an ongoing "
88 "basis (for example, during the course of a connection or other "
89 "security association), as proof that each received message or "
90 "communication came from a valid 'user' of that credential "
91 "material.")]
92 class CIM_Credential : CIM_ManagedElement {
93
94 [Description (
95 "The date and time when the credential was issued. Use a "
96 "value of all 0s if this information is not applicable.")]
97 datetime Issued;
98
99 [Description (
100 "The date and time when the credential expires (and is not "
101 "appropriate for use for authentication/ authorization). Use "
102 "a value of all 9s if this information is not applicable. "
103 "Note that this property does not define how the expiration "
104 "is set - but that there IS an expiration. The property may "
105 "be set to either a specific date/time or an interval "
106 karl 1.1 "(calculated from the Issued datetime). For example, for "
107 "Certificate Authority-signed public key, the expiration is "
108 "determined by the CA. Another example is a voice mail "
109 "password that expires 60 days after it is set/issued.")]
110 datetime Expires;
111 };
112
113
114 // ===================================================================
115 // ManagedCredential
116 // ===================================================================
117 [Association, Version ( "2.8.0" ), Description (
118 "This relationship associates a CredentialManagementService "
119 "with the Credential it manages.")]
120 class CIM_ManagedCredential : CIM_Dependency {
121
122 [Override ( "Antecedent" ), Max ( 1 ), Description (
123 "The credential management service.")]
124 CIM_CredentialManagementService REF Antecedent;
125
126 [Override ( "Dependent" ), Description (
127 karl 1.1 "The managed credential.")]
128 CIM_Credential REF Dependent;
129 };
130
131 // ==================================================================
132 // CredentialContext
133 // ==================================================================
134 [Association, Experimental, Version ( "2.8.1000" ), Description (
135 "This relationship defines the context (for example, a System "
136 "Service) of a Credential. Without it, only the "
137 "ManagedCredential association exists to establish the "
138 "'context' of a Credential. ManagedCredential is an association "
139 "from a Credential to a CredentialManagementService. However, "
140 "it is not necessarily true that a CredentialManagementService "
141 "provides unique context for the credential. It may "
142 "authenticate credentials for multiple contexts (for example, "
143 "multiple systems or services), or a credential may be "
144 "authenticated by multiple services. It is necessary to "
145 "separately define the 'context' of the Credential, via this "
146 "association.")]
147 class CIM_CredentialContext {
148 karl 1.1
149 [Key, Description (
150 "A Credential whose context is defined.")]
151 CIM_Credential REF ElementInContext;
152
153 [Key, Description (
154 "The ManagedElement that provides context or scope for the "
155 "Credential.")]
156 CIM_ManagedElement REF ElementProvidingContext;
157 };
158
159 // ===================================================================
160 // end of file
161 // ===================================================================
|