SUMMARY: NESTED | FIELD | | METHOD |
DETAIL: FIELD | METHOD |
CIM_ManagedElement CIM_Identity
class CIM_Identity
General Information:
An instance of an Identity represents a
ManagedElement that acts as a security principal within the scope in which it is
defined and authenticated. (Note that the Identity's scope is specified using
the association, CIM_IdentityContext.) ManagedElements with Identities can be
OrganizationalEntities, Services, Systems, etc. The ManagedElement 'behind' an
Identity is described using the AssignedIdentity association.
Within a
given security context, an Identity may be imparted a level of trust, usually
based on its credentials. A trust level is defined using the
CIM_SecuritySensitivity class, and associated with Identity using
CIM_ElementSecuritySensitivity. Whether an Identity is currently authenticated
is evaluated by checking the CurrentlyAuthenticated boolean property. This
property is set and cleared by the security infrastructure, and should only be
readable within the management infrastructure. The conditions which must be
met/authenticated in order for an Identity's CurrentlyAuthenticated Boolean to
be TRUE are defined using a subclass of PolicyCondition -
AuthenticationCondition. The inheritance tree for AuthenticationCondition is
defined in the CIM Policy Model.
Subclasses of Identity may include
specific information related to a given AuthenticationService or authority (such
as a security token or computer hardware port/communication details) that more
specifically determine the authenticity of the Identity. An instance of Identity
may be persisted even though it is not CurrentlyAuthenticated, in order to
maintain static relationships to Roles, associations to accounting information,
and policy data defining authentication requirements. Note however, when an
Identity is not authenticated (CurrentlyAuthenticated = FALSE), then Privileges
or rights SHOULD NOT be authorized. The lifetime, validity, and propagation of
the Identity is dependent on a security infrastructure's
policies.
Product Specific Usage:
For every user in the system
there is an instance of this class.
There are matching instances of
CIM_Account, CIM_Role and CIM_Privilege (a 1:1:1:1 structure).
CIM_Identity
and CIM_Account are associated by CIM_AssignedIdentity, CIM_Identity and
CIM_Role by both CIM_MemberOfCollection and CIM_ConcreteDependency, and CIM_Role
and CIM_Privilege by CIM_MemberOfCollection.
Kerberos users have an
instance of CIM_RemoteIdentity (which inherits from CIM_Identity)
instead.
Qualifiers:
-------------
Version=2.19.0
UMLPackagePath=CIM::User::Identity
Supported Fields Summary | |
---|---|
string
|
ElementName A user-friendly name for the object . . . |
string
|
InstanceID Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class . . . |
Methods Summary | |
---|---|
|
Get(Instance) Gets the representation of the instance |
|
Pull(EnumerationContext,
MaxElements) Pulls instances of this class, following an Enumerate operation |
|
Enumerate()
Enumerates the instances of this class |
|
Release(EnumerationContext)
Releases an enumeration context |
Field Detail |
---|
public string ElementName
public string InstanceID
Method Detail |
---|
public Get([OUT]CIM_Identity Instance)
public Pull([IN]String EnumerationContext, [IN]String MaxElements)
public Enumerate()
public Release([IN]String EnumerationContext)
SUMMARY: NESTED | FIELD | METHOD |
DETAIL: FIELD | METHOD |
Copyright © 2006-2022, Intel Corporation. All rights reserved. |