Class CIM_AccessControlInformation
extends CIM_LogicalElement

CIM_AccessControlInformation provides, through its properties and its associations, the specification of the access rights granted to a set of subject users to a set of target resources. The AccessControlInformation class is weak to the system (e.g., Computer System or Administrative Domain) for which the access controls apply. This class is deprecated in lieu of two others: AuthorizedPrivilege (defining specific access details) and SecuritySensitivity (defining individual security levels). The reasons for this are: 1. More specific access details are defined in Privilege (the superclass of AuthorizedPrivilege); and, 2. SecuritySensitivity allows security levels to be applied to other elements than access control information.

Class Hierarchy

CIM_ManagedElement
   |
   +--CIM_ManagedSystemElement
   |
   +--CIM_LogicalElement
   |
   +--CIM_AccessControlInformation

Direct Known Subclasses

None.

Class Qualifiers

NameData TypeValueScopeFlavors
DeprecatedstringCIM_AuthorizedPrivilege, CIM_SecuritySensitivityTOSUBCLASS= falseNone
DescriptionstringCIM_AccessControlInformation provides, through its properties and its associations, the specification of the access rights granted to a set of subject users to a set of target resources. The AccessControlInformation class is weak to the system (e.g., Computer System or Administrative Domain) for which the access controls apply. This class is deprecated in lieu of two others: AuthorizedPrivilege (defining specific access details) and SecuritySensitivity (defining individual security levels). The reasons for this are: 1. More specific access details are defined in Privilege (the superclass of AuthorizedPrivilege); and, 2. SecuritySensitivity allows security levels to be applied to other elements than access control information.None TRANSLATABLE= true
Versionstring2.8.0TOSUBCLASS= falseTRANSLATABLE= true

Local Class Properties

NameData TypeQualifiers
NameData TypeValueScopeFlavors
Captionstring
DescriptionstringThe Caption property is a short textual description (one- line string) of the object.None TRANSLATABLE= true
MaxLenuint3264None None
CreationClassNamestring
DeprecatedstringNo valueTOSUBCLASS= falseNone
DescriptionstringCreationClassName indicates the name of the class or the subclass used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified.None TRANSLATABLE= true
KeybooleantrueNone OVERRIDABLE= false
MaxLenuint32256None None
Descriptionstring
DescriptionstringThe Description property provides a textual description of the object.None TRANSLATABLE= true
ElementNamestring
DescriptionstringA user-friendly name for the object. This property allows each instance to define a user-friendly name IN ADDITION TO its key properties/identity data, and description information. Note that ManagedSystemElement's Name property is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information MAY be present in both the Name and ElementName properties.None TRANSLATABLE= true
InstallDatedatetime
DescriptionstringA datetime value indicating when the object was installed. A lack of a value does not indicate that the object is not installed.None TRANSLATABLE= true
MappingStringsstringMIF.DMTF|ComponentID|001.5None None
Namestring
DeprecatedstringCIM_AuthorizedPrivilege.InstanceIDTOSUBCLASS= falseNone
DescriptionstringThe Name property defines the unique label, in the context of the hosting system, by which the AccessControlInformation is known.None TRANSLATABLE= true
KeybooleantrueNone OVERRIDABLE= false
MaxLenuint32256None None
OverridestringNameNone OVERRIDABLE= false
SecurityClassificationstring
DeprecatedstringCIM_SecuritySensitivity.SecurityLevelTOSUBCLASS= falseNone
DescriptionstringThe SecurityClassification property specifies a named level of security associated with the AccessControlInformation, e.g., 'Confidential', 'Top Secret', etc.None TRANSLATABLE= true
Statusstring
DeprecatedstringCIM_ManagedSystemElement.OperationalStatusTOSUBCLASS= falseNone
DescriptionstringA string indicating the current status of the object. Various operational and non-operational statuses are defined. This property is deprecated in lieu of OperationalStatus, which includes the same semantics in its enumeration. This change is made for 3 reasons: 1) Status is more correctly defined as an array. This overcomes the limitation of describing status via a single value, when it is really a multi-valued property (for example, an element may be OK AND Stopped. 2) A MaxLen of 10 is too restrictive and leads to unclear enumerated values. And, 3) The change to a uint16 data type was discussed when CIM V2.0 was defined. However, existing V1.0 implementations used the string property and did not want to modify their code. Therefore, Status was grandfathered into the Schema. Use of the Deprecated qualifier allows the maintenance of the existing property, but also permits an improved definition using OperationalStatus.None TRANSLATABLE= true
MaxLenuint3210None None
ValueMapstringOK, Error, Degraded, Unknown, Pred Fail, Starting, Stopping, Service, Stressed, NonRecover, No Contact, Lost Comm, StoppedNone None
SystemCreationClassNamestring
DeprecatedstringNo valueTOSUBCLASS= falseNone
DescriptionstringHosting system creation class name.None TRANSLATABLE= true
KeybooleantrueNone OVERRIDABLE= false
MaxLenuint32256None None
PropagatedstringCIM_System.CreationClassNameNone OVERRIDABLE= false
SystemNamestring
DeprecatedstringNo valueTOSUBCLASS= falseNone
DescriptionstringHosting system name.None TRANSLATABLE= true
KeybooleantrueNone OVERRIDABLE= false
MaxLenuint32256None None
PropagatedstringCIM_System.NameNone OVERRIDABLE= false
AccessQualifierstring[]
ArrayTypestringIndexedNone OVERRIDABLE= false
DeprecatedstringCIM_AuthorizedPrivilege.ActivityQualifiersTOSUBCLASS= falseNone
DescriptionstringThe AccessQualifier property is an array of string values may be used to further qualify the type of access for which the corresponding permission applies. For example, it may be used to specify a set of parameters that are permitted or denied in conjunction with the corresponding AccessType entry point name.None TRANSLATABLE= true
ModelCorrespondencestringCIM_AccessControlInformation.AccessType, CIM_AccessControlInformation.PermissionNone None
AccessTypestring[]
ArrayTypestringIndexedNone OVERRIDABLE= false
DeprecatedstringCIM_AuthorizedPrivilege.ActivitiesTOSUBCLASS= falseNone
DescriptionstringThe AccessType property is an array of string values that specifies the type of access for which the corresponding permission applies. For example, it can be used to specify a generic access such as 'Read-only', 'Read/Write', etc. for file or record access control or it can be used to specifiy an entry point name for service access control.None TRANSLATABLE= true
ModelCorrespondencestringCIM_AccessControlInformation.AccessQualifier, CIM_AccessControlInformation.PermissionNone None
OperationalStatusuint16[]
ArrayTypestringIndexedNone OVERRIDABLE= false
DescriptionstringIndicates the current status(es) of the element. Various health and operational statuses are defined. Many of the enumeration's values are self- explanatory. However, a few are not and are described in more detail. "Stressed" indicates that the element is functioning, but needs attention. Examples of "Stressed" states are overload, overheated, etc. "Predictive Failure" indicates that an element is functioning nominally but predicting a failure in the near future. "In Service" describes an element being configured, maintained, cleaned, or otherwise administered. "No Contact" indicates that the monitoring system has knowledge of this element, but has never been able to establish communications with it. "Lost Communication" indicates that the ManagedSystem Element is known to exist and has been contacted successfully in the past, but is currently unreachable. "Stopped" and "Aborted" are similar, although the former implies a clean and orderly stop, while the latter implies an abrupt stop where the element's state and configuration may need to be updated. "Dormant" indicates that the element is inactive or quiesced. "Supporting Entity in Error" describes that this element may be "OK" but that another element, on which it is dependent, is in error. An example is a network service or endpoint that cannot function due to lower layer networking problems. "Completed" indicates the element has completed its operation. This value should be combined with either OK, Error, or Degraded so that a client can till if the complete operation passed (Completed with OK), and failure (Completed with Error). Completed with Degraded would imply the operation finished, but did not complete OK or report an error. "Power Mode" indicates the element has additional power model information contained in the Associated PowerManagementService association. OperationalStatus replaces the Status property on ManagedSystemElement to provide a consistent approach to enumerations, to address implementation needs for an array property, and to provide a migration path from today's environment to the future. This change was not made earlier since it required the DEPRECATED qualifier. Due to the widespread use of the existing Status property in management applications, it is strongly RECOMMENDED that providers/instrumentation provide BOTH the Status and OperationalStatus properties. Further, the first value of OperationalStatus SHOULD contain the primary status for the element. When instrumented, Status (since it is single-valued) SHOULD also provide the primary status of the element.None TRANSLATABLE= true
ModelCorrespondencestringCIM_ManagedSystemElement.StatusDescriptionsNone None
ValueMapstring0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, .., 0x8000..None None
ValuesstringUnknown, Other, OK, Degraded, Stressed, Predictive Failure, Error, Non-Recoverable Error, Starting, Stopping, Stopped, In Service, No Contact, Lost Communication, Aborted, Dormant, Supporting Entity in Error, Completed, Power Mode, DMTF Reserved, Vendor ReservedNone TRANSLATABLE= true
Permissionstring[]
ArrayTypestringIndexedNone OVERRIDABLE= false
DeprecatedstringCIM_AuthorizedPrivilegeTOSUBCLASS= falseNone
DescriptionstringThe Permission property is an array of string values indicating the permission that applies to the corresponding AccessType and AccessQualifier array values. The values may be extended in subclasses to provide more specific access controls. This property is deprecated in lieu of the general AuthorizedPrivilege class. This is because the Permissions, 'Access' and 'Deny', are addressed by the PrivilegeGranted property, while 'Manage' maps to specific activities with their corresponding qualifiers and formats.None TRANSLATABLE= true
ModelCorrespondencestringCIM_AccessControlInformation.AccessType, CIM_AccessControlInformation.AccessQualifierNone None
ValueMapstringUnknown, Allow, Deny, ManageNone None
StatusDescriptionsstring[]
ArrayTypestringIndexedNone OVERRIDABLE= false
DescriptionstringStrings describing the various OperationalStatus array values. For example, if "Stopping" is the value assigned to OperationalStatus, then this property may contain an explanation as to why an object is being stopped. Note that entries in this array are correlated with those at the same array index in OperationalStatus.None TRANSLATABLE= true
ModelCorrespondencestringCIM_ManagedSystemElement.OperationalStatusNone None