Return to
User_AccessControl.mof
CVS log
Up to [Pegasus] / pegasus / Schemas / CIMPrelim291
|
Return to
User_AccessControl.mof
CVS log
|
Up to [Pegasus] / pegasus / Schemas / CIMPrelim291
|
|
File: [Pegasus] / pegasus / Schemas / CIMPrelim291 / Attic / User_AccessControl.mof
(download)
Revision: 1.2, Tue Jan 17 20:13:15 2006 UTC (18 years, 4 months ago) by kumpf Branch: MAIN CVS Tags: TASK-PEP362_RestfulService-merged_out_from_trunk, TASK-PEP348_SCMO-merged_out_from_trunk, TASK-PEP317_pullop-merged_out_from_trunk, TASK-PEP317_pullop-merged_in_to_trunk, TASK-PEP311_WSMan-root, TASK-PEP311_WSMan-branch, HPUX_TEST, HEAD Changes since 1.1: +4 -4 lines FILE REMOVED BUG#: 4664 TITLE: CIMPrelim291 schema is obsolete DESCRIPTION: Removing the obsolete schema. |
// ===================================================================
// Title: User AccessControl
// $State: dead $
// $Date: 2006/01/17 20:13:15 $
// $Source: /cvs/MSB/pegasus/Schemas/CIMPrelim291/Attic/User_AccessControl.mof,v $
// $Revision: 1.2 $
// ===================================================================
//#pragma inLine ("Includes/copyright.inc")
// Copyright 1998-2005 Distributed Management Task Force, Inc. (DMTF).
// All rights reserved.
// DMTF is a not-for-profit association of industry members dedicated
// to promoting enterprise and systems management and interoperability.
// DMTF specifications and documents may be reproduced for uses
// consistent with this purpose by members and non-members,
// provided that correct attribution is given.
// As DMTF specifications may be revised from time to time,
// the particular version and release date should always be noted.
//
// Implementation of certain elements of this standard or proposed
// standard may be subject to third party patent rights, including
// provisional patent rights (herein "patent rights"). DMTF makes
// no representations to users of the standard as to the existence
// of such rights, and is not responsible to recognize, disclose, or
// identify any or all such third party patent right, owners or
// claimants, nor for any incomplete or inaccurate identification or
// disclosure of such rights, owners or claimants. DMTF shall have no
// liability to any party, in any manner or circumstance, under any
// legal theory whatsoever, for failure to recognize, disclose, or
// identify any such third party patent rights, or for such party's
// reliance on the standard or incorporation thereof in its product,
// protocols or testing procedures. DMTF shall have no liability to
// any party implementing such standard, whether such implementation
// is foreseeable or not, nor to any patent owner or claimant, and shall
// have no liability or responsibility for costs or losses incurred if
// a standard is withdrawn or modified after publication, and shall be
// indemnified and held harmless by any party implementing the
// standard from any and all claims of infringement by a patent owner
// for such implementations.
//
// For information about patents held by third-parties which have
// notified the DMTF that, in their opinion, such patent may relate to
// or impact implementations of DMTF standards, visit
// http://www.dmtf.org/about/policies/disclosures.php.
//#pragma inLine
// ===================================================================
// Description: The User Model extends the management concepts that
// are related to users and security.
// This file defines the concepts and classes for
// access control.
//
// The object classes below are listed in an order that
// avoids forward references. Required objects, defined
// by other working groups, are omitted.
// ===================================================================
// Change Log for v2.8 Final
// CR1219 - Changes to AccessControlInfo.Description accepted for
// Final,
// as well as deprecations of AccessControlInformation,
// HostedACI,
// AuthorizedUse, AuthorizationSubject, and
// AuthorizationTarget
// CR1229 - Addition of the ArrayType qualifier to AccessControl
// Information's AccessType, AccessQualifier and Permission
// properties
// CR1235 - Updated the deprecation and Description of
// AccessControlInformation.Permission / Updated the other
// deprecations in AccessControlInformation such that they all
// referenced AuthorizedPrivilege / Accepted the subclassing
// change for HostedACI
//
// Change Log for v2.8 Preliminary (Company Review)
// CR1128 - Changed subclassing of HostedACI from Dependency to
// HostedDependency.
//
// Change Log for v2.8 Preliminary
// CR1011 - Deprecated AccessControlInformation, HostedACI,
// AuthorizedUse, AuthorizationTarget, AuthorizationSubject
//
// Change Log for v2.7 - None
// ===================================================================
#pragma Locale ("en_US")
// ==================================================================
// AccessControlInformation
// ==================================================================
[Deprecated { "CIM_AuthorizedPrivilege", "CIM_SecuritySensitivity" },
Version ( "2.8.0" ), Description (
"CIM_AccessControlInformation provides, through its properties "
"and its associations, the specification of the access rights "
"granted to a set of subject users to a set of target "
"resources. The AccessControlInformation class is weak to the "
"system (e.g., Computer System or Administrative Domain) for "
"which the access controls apply. \n"
"\n"
"This class is deprecated in lieu of two others: "
"AuthorizedPrivilege (defining specific access details) and "
"SecuritySensitivity (defining individual security levels). The "
"reasons for this are: 1. More specific access details are "
"defined in Privilege (the superclass of AuthorizedPrivilege); "
"and, 2. SecuritySensitivity allows security levels to be "
"applied to other elements than access control information.")]
class CIM_AccessControlInformation : CIM_LogicalElement {
[Deprecated { "No value" }, Key,
Propagated ( "CIM_System.CreationClassName" ), Description (
"Hosting system creation class name."),
MaxLen ( 256 )]
string SystemCreationClassName;
[Deprecated { "No value" }, Key, Propagated ( "CIM_System.Name" ),
Description (
"Hosting system name."),
MaxLen ( 256 )]
string SystemName;
[Deprecated { "No value" }, Key, Description (
"CreationClassName indicates the name of the class or the "
"subclass used in the creation of an instance. When used "
"with the other key properties of this class, this property "
"allows all instances of this class and its subclasses to be "
"uniquely identified."),
MaxLen ( 256 )]
string CreationClassName;
[Deprecated { "CIM_AuthorizedPrivilege.InstanceID" }, Key,
Override ( "Name" ), Description (
"The Name property defines the unique label, in the context "
"of the hosting system, by which the "
"AccessControlInformation is known."),
MaxLen ( 256 )]
string Name;
[Deprecated { "CIM_SecuritySensitivity.SecurityLevel" },
Description (
"The SecurityClassification property specifies a named level "
"of security associated with the AccessControlInformation, "
"e.g., 'Confidential', 'Top Secret', etc.")]
string SecurityClassification;
[Deprecated { "CIM_AuthorizedPrivilege.Activities" },
Description (
"The AccessType property is an array of string values that "
"specifies the type of access for which the corresponding "
"permission applies. For example, it can be used to specify "
"a generic access such as 'Read-only', 'Read/Write', etc. "
"for file or record access control or it can be used to "
"specifiy an entry point name for service access control."),
ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_AccessControlInformation.AccessQualifier",
"CIM_AccessControlInformation.Permission" }]
string AccessType[];
[Deprecated { "CIM_AuthorizedPrivilege.ActivityQualifiers" },
Description (
"The AccessQualifier property is an array of string values "
"may be used to further qualify the type of access for which "
"the corresponding permission applies. For example, it may "
"be used to specify a set of parameters that are permitted "
"or denied in conjunction with the corresponding AccessType "
"entry point name."),
ArrayType ( "Indexed" ),
ModelCorrespondence { "CIM_AccessControlInformation.AccessType",
"CIM_AccessControlInformation.Permission" }]
string AccessQualifier[];
[Deprecated { "CIM_AuthorizedPrivilege" }, Description (
"The Permission property is an array of string values "
"indicating the permission that applies to the corresponding "
"AccessType and AccessQualifier array values. The values may "
"be extended in subclasses to provide more specific access "
"controls. \n"
"\n"
"This property is deprecated in lieu of the general "
"AuthorizedPrivilege class. This is because the Permissions, "
"'Access' and 'Deny', are addressed by the PrivilegeGranted "
"property, while 'Manage' maps to specific activities with "
"their corresponding qualifiers and formats."),
ValueMap { "Unknown", "Allow", "Deny", "Manage" },
ArrayType ( "Indexed" ),
ModelCorrespondence { "CIM_AccessControlInformation.AccessType",
"CIM_AccessControlInformation.AccessQualifier" }]
string Permission[];
};
// ==================================================================
// HostedACI
// ==================================================================
[Association, Deprecated { "No value" }, Version ( "2.8.0" ),
Description (
"CIM_HostedACI is an association used to provide the namespace "
"scoping of AccessControlInformation. Since the referenced "
"class, AccessControlInformation, is deprecated, this Weak "
"association is similarly deprecated. Also, although "
"Privileges/access control can be defined in the context of a "
"System, this is not a mandatory association nor does it "
"provide any additional semantics for the Privilege. Therefore, "
"HostedACI is deprecated with no replacement association.")]
class CIM_HostedACI : CIM_HostedDependency {
[Deprecated { "No value" }, Override ( "Antecedent" ), Min ( 1 ),
Max ( 1 ), Description (
"The hosting system.")]
CIM_System REF Antecedent;
[Deprecated { "No value" }, Override ( "Dependent" ), Weak,
Description (
"The hosted AccessControlInformation.")]
CIM_AccessControlInformation REF Dependent;
};
// ==================================================================
// AuthorizedUse
// ==================================================================
[Association, Deprecated { "No value" }, Version ( "2.8.0" ),
Description (
"CIM_AuthorizedUse is an association used to provide an "
"AuthorizationService with the AccessControlInformation it "
"needs to do its job. This association is deprecated with no "
"proposed replacement, since authorization processing will be "
"handled via policy or static checking of Privileges.")]
class CIM_AuthorizedUse : CIM_Dependency {
[Deprecated { "No value" }, Override ( "Antecedent" ),
Description (
"Access Control Information.")]
CIM_AccessControlInformation REF Antecedent;
[Deprecated { "No value" }, Override ( "Dependent" ),
Description (
"AuthorizationService that uses an ACI.")]
CIM_AuthorizationService REF Dependent;
};
// ==================================================================
// AuthorizationSubject
// ==================================================================
[Association, Deprecated { "CIM_AuthorizedSubject" },
Version ( "2.8.0" ), Description (
"CIM_AuthorizationSubject is an association used to apply "
"authorization decisions to specific subjects (i.e., users). "
"This association is deprecated in lieu of a semantically "
"equivalent one, AuthorizedSubject, since one of the referenced "
"classes (AccessControlInformation) has been deprecated.")]
class CIM_AuthorizationSubject : CIM_Dependency {
[Deprecated { "CIM_AuthorizedSubject.Privilege" },
Override ( "Antecedent" ), Description (
"AccessControlInformation that applies to a subject set.")]
CIM_AccessControlInformation REF Antecedent;
[Deprecated { "CIM_AuthorizedSubject.PrivilegedElement" },
Override ( "Dependent" ), Description (
"The subject set may be specified as a collection or as a "
"set of associations to ManagedElements that represent "
"users.")]
CIM_ManagedElement REF Dependent;
};
// ==================================================================
// AuthorizationTarget
// ==================================================================
[Association, Deprecated { "CIM_AuthorizedTarget" },
Version ( "2.8.0" ), Description (
"CIM_AuthorizationTarget is an association used to apply "
"authorization decisions to specific target resources. The "
"target resources may be aggregated into a collection or may be "
"represented as a set of associations to ManagedElements. This "
"association is deprecated in lieu of a semantically equivalent "
"one, AuthorizedTarget, since one of the referenced classes "
"(AccessControlInformation) has been deprecated.")]
class CIM_AuthorizationTarget : CIM_Dependency {
[Deprecated { "CIM_AuthorizedTarget.Privilege" },
Override ( "Antecedent" ), Description (
"AccessControlInformation that applies to the target set.")]
CIM_AccessControlInformation REF Antecedent;
[Deprecated { "CIM_AuthorizedTarget.TargetElement" },
Override ( "Dependent" ), Description (
"The target set of resources may be specified as a "
"collection or as a set of associations to ManagedElements "
"that represent target resources.")]
CIM_ManagedElement REF Dependent;
};
// ===================================================================
// end of file
// ===================================================================
| No CVS admin address has been configured |
Powered by ViewCVS 0.9.2 |