1 karl 1.1 // ===================================================================
2 // Title: User-Security Privilege
3 // $State: Preliminary $
4 // $Date: 2004/07/07 15:34:03 $
5 // $Source: /home/dmtf2/dotorg/var/cvs/repositories/dev/Schema/MOF/User_Privilege.mof,v $
6 // $Revision: 1.5 $
7 // ===================================================================
8 //#pragma inLine ("Includes/copyright.inc")
9 // Copyright 1998-2004 Distributed Management Task Force, Inc. (DMTF).
10 // All rights reserved.
11 // DMTF is a not-for-profit association of industry members dedicated
12 // to promoting enterprise and systems management and interoperability.
13 // DMTF specifications and documents may be reproduced for uses
14 // consistent with this purpose by members and non-members,
15 // provided that correct attribution is given.
16 // As DMTF specifications may be revised from time to time,
17 // the particular version and release date should always be noted.
18 //
19 // Implementation of certain elements of this standard or proposed
20 // standard may be subject to third party patent rights, including
21 // provisional patent rights (herein "patent rights"). DMTF makes
22 karl 1.1 // no representations to users of the standard as to the existence
23 // of such rights, and is not responsible to recognize, disclose, or
24 // identify any or all such third party patent right, owners or
25 // claimants, nor for any incomplete or inaccurate identification or
26 // disclosure of such rights, owners or claimants. DMTF shall have no
27 // liability to any party, in any manner or circumstance, under any
28 // legal theory whatsoever, for failure to recognize, disclose, or
29 // identify any such third party patent rights, or for such party's
30 // reliance on the standard or incorporation thereof in its product,
31 // protocols or testing procedures. DMTF shall have no liability to
32 // any party implementing such standard, whether such implementation
33 // is foreseeable or not, nor to any patent owner or claimant, and shall
34 // have no liability or responsibility for costs or losses incurred if
35 // a standard is withdrawn or modified after publication, and shall be
36 // indemnified and held harmless by any party implementing the
37 // standard from any and all claims of infringement by a patent owner
38 // for such implementations.
39 //
40 // For information about patents held by third-parties which have
41 // notified the DMTF that, in their opinion, such patent may relate to
42 // or impact implementations of DMTF standards, visit
43 karl 1.1 // http://www.dmtf.org/about/policies/disclosures.php.
44 //#pragma inLine
45 // ===================================================================
46 // Description: The User Model extends the management concepts that
47 // are related to users and security.
48 // This file defines the concepts and classes related to
49 // Privileges
50 //
51 // The object classes below are listed in an order that
52 // avoids forward references. Required objects, defined
53 // by other working groups, are omitted.
54 // ===================================================================
55 // Change Log for v2.9 Preliminary -
56 // CR1342 - Added Privilege.RepresentsAuthorizationRights
57 // Added SCSI Commands to Privilege.QualifierFormats
58 // CR1142 - Addition of Packets to Privilege.QualifierFormats
59 //
60 // Change Log for v2.8 Final -
61 // CR1219 - Created subclass of Privilege, AuthorizedPrivilege,
62 // moved AuthorizedSubject/Target associations to Authorized
63 // Privilege, and promoted Privilege-related classes from
64 karl 1.1 // Experimental to Final
65 // CR1221 - Also promoted Privilege-related classes to Final
66 // CR1229 - Added ArrayType ("Indexed") qualifier to
67 // Privilege.Activites
68 // CR1235 - Corrected copyright
69 //
70 // Change Log for v2.8 Preliminary -
71 // CR1011 - Created this file.
72 // CR1082 - Fixed Value/ValueMap defintions for properties in Privilege
73 // ===================================================================
74
75 #pragma Locale ("en_US")
76
77
78 // ==================================================================
79 // Privilege
80 // ==================================================================
81 [Version ( "2.8.1000" ), Description (
82 "Privilege is the base class for all types of activities which "
83 "are granted or denied by a Role or an Identity. Whether an "
84 "individual Privilege is granted or denied is defined using the "
85 karl 1.1 "PrivilegeGranted boolean. Any Privileges not specifically "
86 "granted are assumed to be denied. An explicit deny (Privilege "
87 "Granted = FALSE) takes precedence over any granted Privileges. "
88 "\n\n"
89 "The association of subjects (Roles and Identities) to "
90 "Privileges is accomplished using policy or explicitly via the "
91 "associations on a subclass. The entities that are protected "
92 "(targets) can be similarly defined. \n"
93 "\n"
94 "Note that Privileges may be inherited through hierarchical "
95 "Roles, or may overlap. For example, a Privilege denying any "
96 "instance Writes in a particular CIM Server Namespace would "
97 "overlap with a Privilege defining specific access rights at an "
98 "instance level within that Namespace. In this example, the "
99 "AuthorizedSubjects are either Identities or Roles, and the "
100 "AuthorizedTargets are a Namespace in the former case, and a "
101 "particular instance in the latter.")]
102 class CIM_Privilege : CIM_ManagedElement {
103
104 [Key, Description (
105 "Within the scope of the instantiating Namespace, InstanceID "
106 karl 1.1 "opaquely and uniquely identifies an instance of this class. "
107 "In order to ensure uniqueness within the NameSpace, the "
108 "value of InstanceID SHOULD be constructed using the "
109 "following 'preferred' algorithm: \n"
110 "<OrgID>:<LocalID> \n"
111 "Where <OrgID> and <LocalID> are separated by a colon ':', "
112 "and where <OrgID> MUST include a copyrighted, trademarked "
113 "or otherwise unique name that is owned by the business "
114 "entity creating/defining the InstanceID, or is a registered "
115 "ID that is assigned to the business entity by a recognized "
116 "global authority. (This is similar to the <Schema "
117 "Name>_<Class Name> structure of Schema class names.) In "
118 "addition, to ensure uniqueness <OrgID> MUST NOT contain a "
119 "colon (':'). When using this algorithm, the first colon to "
120 "appear in InstanceID MUST appear between <OrgID> and "
121 "<LocalID>. \n"
122 "<LocalID> is chosen by the business entity and SHOULD not "
123 "be re-used to identify different underlying (real-world) "
124 "elements. If the above 'preferred' algorithm is not used, "
125 "the defining entity MUST assure that the resultant "
126 "InstanceID is not re-used across any InstanceIDs produced "
127 karl 1.1 "by this or other providers for this instance's NameSpace. "
128 "For DMTF defined instances, the 'preferred' algorithm MUST "
129 "be used with the <OrgID> set to 'CIM'.")]
130 string InstanceID;
131
132 [Description (
133 "Boolean indicating whether the Privilege is granted (TRUE) "
134 "or denied (FALSE). The default is to grant permission.")]
135 boolean PrivilegeGranted = TRUE;
136
137 [Description (
138 "An enumeration indicating the activities that are granted "
139 "or denied. These activities apply to all entities specified "
140 "in the ActivityQualifiers array. The values in the "
141 "enumeration are straightforward except for one, "
142 "4=\"Detect\". This value indicates that the existence or "
143 "presence of an entity may be determined, but not "
144 "necessarily specific data (which requires the Read "
145 "privilege to be true). This activity is exemplified by "
146 "'hidden files'- if you list the contents of a directory, "
147 "you will not see hidden files. However, if you know a "
148 karl 1.1 "specific file name, or know how to expose hidden files, "
149 "then they can be 'detected'. Another example is the ability "
150 "to define search privileges in directory implementations."),
151 ValueMap { "1", "2", "3", "4", "5", "6", "7", "..", "16000.." },
152 Values { "Other", "Create", "Delete", "Detect", "Read", "Write",
153 "Execute", "DMTF Reserved", "Vendor Reserved" },
154 ArrayType ( "Indexed" ),
155 ModelCorrespondence { "CIM_Privilege.ActivityQualifiers" }]
156 uint16 Activities[];
157
158 [Description (
159 "The ActivityQualifiers property is an array of string "
160 "values used to further qualify and specify the privileges "
161 "granted or denied. For example, it is used to specify a set "
162 "of files for which 'Read'/'Write' access is permitted or "
163 "denied. Or, it defines a class' methods that may be "
164 "'Executed'. Details on the semantics of the individual "
165 "entries in ActivityQualifiers are provided by corresponding "
166 "entries in the QualifierFormats array."),
167 ArrayType ( "Indexed" ),
168 ModelCorrespondence { "CIM_Privilege.Activities",
169 karl 1.1 "CIM_Privilege.QualifierFormats" }]
170 string ActivityQualifiers[];
171
172 [Description (
173 "Defines the semantics of corresponding entries in the "
174 "ActivityQualifiers array. An example of each of these "
175 "'formats' and their use follows: \n"
176 "- 2=Class Name. Example: If the authorization target is a "
177 "CIM Service or a Namespace, then the ActivityQualifiers "
178 "entries can define a list of classes that the authorized "
179 "subject is able to create or delete. \n"
180 "- 3=<Class.>Property. Example: If the authorization target "
181 "is a CIM Service, Namespace or Collection of instances, "
182 "then the ActivityQualifiers entries can define the class "
183 "properties that may or may not be accessed. In this case, "
184 "the class names are specified with the property names to "
185 "avoid ambiguity - since a CIM Service, Namespace or "
186 "Collection could manage multiple classes. On the other "
187 "hand, if the authorization target is an individual "
188 "instance, then there is no possible ambiguity and the class "
189 "name may be omitted. To specify ALL properties, the "
190 karl 1.1 "wildcard string \"*\" should be used. \n"
191 "- 4=<Class.>Method. This example is very similar to the "
192 "Property one, above. And, as above, the string \"*\" may be "
193 "specified to select ALL methods. \n"
194 "- 5=Object Reference. Example: If the authorization target "
195 "is a CIM Service or Namespace, then the ActivityQualifiers "
196 "entries can define a list of object references (as strings) "
197 "that the authorized subject can access. \n"
198 "- 6=Namespace. Example: If the authorization target is a "
199 "CIM Service, then the ActivityQualifiers entries can define "
200 "a list of Namespaces that the authorized subject is able to "
201 "access. \n"
202 "- 7=URL. Example: An authorization target may not be "
203 "defined, but a Privilege could be used to deny access to "
204 "specific URLs by individual Identities or for specific "
205 "Roles, such as the 'under 17' Role. \n"
206 "- 8=Directory/File Name. Example: If the authorization "
207 "target is a FileSystem, then the ActivityQualifiers entries "
208 "can define a list of directories and files whose access is "
209 "protected. \n"
210 "- 9=Command Line Instruction. Example: If the authorization "
211 karl 1.1 "target is a ComputerSystem or Service, then the "
212 "ActivityQualifiers entries can define a list of command "
213 "line instructions that may or may not be 'Executed' by the "
214 "authorized subjects. \n"
215 "= 10=Packets. Example: The transmission of packets is "
216 "permitted or denied by the Privilege for the target (a "
217 "ComputerSystem, ProtocolEndpoint, Pipe, or other "
218 "ManagedSystemElement)."),
219 ValueMap { "2", "3", "4", "5", "6", "7", "8", "9", "10", "..",
220 "16000.." },
221 Values { "Class Name", "<Class.>Property", "<Class.>Method",
222 "Object Reference", "Namespace", "URL",
223 "Directory/File Name", "Command Line Instruction", "Packets",
224 "DMTF Reserved", "Vendor Reserved" }, ArrayType ( "Indexed" ),
225 ModelCorrespondence { "CIM_Privilege.ActivityQualifiers" }]
226 uint16 QualifierFormats[];
227
228 [Experimental, Description (
229 "The RepresentsAuthorizationRights flag indicates whether "
230 "the rights defined by this instance should be interpreted "
231 "as rights of Subjects to access Targets or as rights of "
232 karl 1.1 "Subjects to change those rights on/for Targets.")]
233 boolean RepresentsAuthorizationRights = False;
234 };
235
236
237 // ==================================================================
238 // AuthorizedPrivilege
239 // ==================================================================
240 [Version ( "2.8.0" ), Description (
241 "Privilege is the base class for all types of activities which "
242 "are granted or denied to a Role or an Identity. "
243 "AuthorizedPrivilege is a subclass defining static renderings "
244 "of authorization policy rules. The association of Roles and "
245 "Identities to AuthorizedPrivilege is accomplished using the "
246 "AuthorizedSubject relationship. The entities that are "
247 "protected are defined using the AuthorizedTarget relationship. "
248 "\n\n"
249 "Note that this class and its AuthorizedSubject/Target "
250 "associations provide a short-hand, static mechanism to "
251 "represent authorization policies.")]
252 class CIM_AuthorizedPrivilege : CIM_Privilege {
253 karl 1.1 };
254
255
256 // ==================================================================
257 // AuthorizedSubject
258 // ==================================================================
259 [Association, Version ( "2.8.0" ), Description (
260 "CIM_AuthorizedSubject is an association used to tie specific "
261 "AuthorizedPrivileges to specific subjects (i.e., Identities, "
262 "Roles or Collections of these). At this time, only Identities "
263 "and Roles (or Collections of Identities and Roles) should be "
264 "associated to AuthorizedPrivileges using this relationship. "
265 "Note that any Privileges not explicitly granted to a subject, "
266 "SHOULD be denied.")]
267 class CIM_AuthorizedSubject {
268
269 [Key, Description (
270 "The AuthorizedPrivilege either granted or denied to an "
271 "Identity, Role or Collection. Whether the privilege is "
272 "granted or denied is defined by the inherited property, "
273 "CIM_Privilege.PrivilegeGranted.")]
274 karl 1.1 CIM_AuthorizedPrivilege REF Privilege;
275
276 [Key, Description (
277 "The Subject for which AuthorizedPrivileges are granted or "
278 "denied. Whether the privilege is granted or denied is "
279 "defined by the property, CIM_Privilege.PrivilegeGranted.")]
280 CIM_ManagedElement REF PrivilegedElement;
281 };
282
283
284 // ==================================================================
285 // AuthorizedTarget
286 // ==================================================================
287 [Association, Version ( "2.8.0" ), Description (
288 "CIM_AuthorizedTarget is an association used to tie an "
289 "Identity's or Role's AuthorizedPrivileges to specific target "
290 "resources.")]
291 class CIM_AuthorizedTarget {
292
293 [Key, Description (
294 "The AuthorizedPrivilege affecting the target resource.")]
295 karl 1.1 CIM_AuthorizedPrivilege REF Privilege;
296
297 [Key, Description (
298 "The target set of resources to which the "
299 "AuthorizedPrivilege applies.")]
300 CIM_ManagedElement REF TargetElement;
301 };
302
303
304 // ===================================================================
305 // end of file
306 // ===================================================================
|