summaryrefslogtreecommitdiffstats
path: root/Schemas/CIM228/DMTF/Policy
diff options
context:
space:
mode:
Diffstat (limited to 'Schemas/CIM228/DMTF/Policy')
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_AcceptCredentialFrom.mof47
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_AccountAuthentication.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_AuthenticationCondition.mof18
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_AuthenticationRule.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_BiometricAuthentication.mof37
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_CompoundPolicyAction.mof51
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_CompoundPolicyCondition.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_DocumentAuthentication.mof38
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_ElementInPolicyRoleCollection.mof26
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_FilterOfPacketCondition.mof32
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_KerberosAuthentication.mof17
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_MethodAction.mof118
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_NetworkPacketAction.mof37
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_NetworkingIDAuthentication.mof20
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PacketFilterCondition.mof34
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PhysicalCredentialAuthentication.mof38
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_Policy.mof39
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyAction.mof88
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyAction.mof23
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyRepository.mof41
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyRule.mof39
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyActionStructure.mof65
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyComponent.mof21
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyCondition.mof85
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyCondition.mof27
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyRepository.mof41
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyRule.mof26
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionStructure.mof54
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyContainerInPolicyContainer.mof23
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyGroup.mof36
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyGroupInPolicyGroup.mof27
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyGroupInSystem.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyInSystem.mof33
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyRepository.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyRepositoryInPolicyRepository.mof31
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyRoleCollection.mof75
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyRoleCollectionInSystem.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyRule.mof176
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleInPolicyGroup.mof28
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleInSystem.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleValidityPeriod.mof36
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicySet.mof87
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicySetAppliesToElement.mof26
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicySetComponent.mof41
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicySetInRoleCollection.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicySetInSystem.mof37
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicySetValidityPeriod.mof48
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PolicyTimePeriodCondition.mof285
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_PublicPrivateKeyAuthentication.mof24
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_QueryCondition.mof79
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_RejectConnectionAction.mof17
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_ReusablePolicy.mof22
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_ReusablePolicyContainer.mof16
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_SharedSecretAuthentication.mof23
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_VendorPolicyAction.mof37
-rw-r--r--Schemas/CIM228/DMTF/Policy/CIM_VendorPolicyCondition.mof37
56 files changed, 2482 insertions, 0 deletions
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_AcceptCredentialFrom.mof b/Schemas/CIM228/DMTF/Policy/CIM_AcceptCredentialFrom.mof
new file mode 100644
index 0000000..3b09ae6
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_AcceptCredentialFrom.mof
@@ -0,0 +1,47 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "This association specifies that a credential management "
+ "service (e.g., CertificateAuthority or Kerberos key "
+ "distribution service) is to be trusted to certify credentials, "
+ "presented at the packet level. The association defines an "
+ "\'approved\' CredentialManagementService that is used for "
+ "validation. \n"
+ "\n"
+ "The use of this class is best explained via an example: \n"
+ "If a CertificateAuthority is specified using this association, "
+ "and a corresponding X509CredentialFilterEntry is also "
+ "associated with a PacketFilterCondition (via the relationship, "
+ "FilterOfPacketCondition), then the credential MUST match the "
+ "FilterEntry data AND be certified by that CA (or one of the "
+ "CredentialManagementServices in its trust hierarchy). "
+ "Otherwise, the X509CredentialFilterEntry is deemed not to "
+ "match. If a credential is certified by a "
+ "CredentialManagementService associated with the "
+ "PacketFilterCondition through the AcceptCredentialFrom "
+ "relationship, but there is no corresponding "
+ "CredentialFilterEntry, then all credentials from the related "
+ "service are considered to match." ),
+ MappingStrings { "IPSP Policy Model.IETF|AcceptCredentialFrom" }]
+class CIM_AcceptCredentialFrom : CIM_Dependency {
+
+ [Override ( "Antecedent" ),
+ Description (
+ "The CredentialManagementService that is issuing the "
+ "credential to be matched in the PacketFilterCondition." ),
+ MappingStrings {
+ "IPSP Policy Model.IETF|AcceptCredentialFrom.Antecedent" }]
+ CIM_CredentialManagementService REF Antecedent;
+
+ [Override ( "Dependent" ),
+ Description (
+ "The PacketFilterCondition that associates the "
+ "CredentialManagementService and any "
+ "FilterLists/FilterEntries." ),
+ MappingStrings {
+ "IPSP Policy Model.IETF|AcceptCredentialFrom.Dependent" }]
+ CIM_PacketFilterCondition REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_AccountAuthentication.mof b/Schemas/CIM228/DMTF/Policy/CIM_AccountAuthentication.mof
new file mode 100644
index 0000000..d097a01
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_AccountAuthentication.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class describing a company\'s and/or administrator\'s "
+ "credential requirements that should be authenticated in order "
+ "to establish/trust a CIM_Identity. This class defines a "
+ "specific identity whose account credentials should be "
+ "authenticated." )]
+class CIM_AccountAuthentication : CIM_AuthenticationCondition {
+
+ [Description (
+ "String defining the account\'s ID which is authenticated." )]
+ string AccountID;
+
+ [Description (
+ "String defining a hostname, URI or other information "
+ "identifying the system where the Account resides." )]
+ string AccountContext;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_AuthenticationCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_AuthenticationCondition.mof
new file mode 100644
index 0000000..aad710a
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_AuthenticationCondition.mof
@@ -0,0 +1,18 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Abstract, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "An abstract class whose subclasses describe one of a company\'s "
+ "and/or administrator\'s credential requirements, and/or other "
+ "information that should be authenticated in order to "
+ "establish/trust a CIM_Identity. The PolicyConditions collected "
+ "by an instance of AuthenticationRule describe the various "
+ "requirements under which a CIM_Identity\'s "
+ "CurrentlyAuthenticated Boolean is set to TRUE. Note that the "
+ "CIM_Identities which are authenticated are specified through "
+ "the AuthenticationRule, using the PolicySet AppliesToElement "
+ "association." )]
+class CIM_AuthenticationCondition : CIM_PolicyCondition {
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_AuthenticationRule.mof b/Schemas/CIM228/DMTF/Policy/CIM_AuthenticationRule.mof
new file mode 100644
index 0000000..e2e6bc2
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_AuthenticationRule.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class representing a company\'s and/or administrator\'s "
+ "authentication requirements for a CIM_Identity. The "
+ "PolicyConditions collected by an instance of "
+ "AuthenticationRule describe the various requirements under "
+ "which a CIM_Identity\'s CurrentlyAuthenticated Boolean is set "
+ "to TRUE. Note that the CIM_Identities which are authenticated "
+ "are tied to the Rule by the association, PolicySet "
+ "AppliesToElement. \n"
+ "\n"
+ "At this time, there are no actions associated with this "
+ "PolicyRule. This is because the actions are implicit. When the "
+ "conditions of the rule are met, then the "
+ "CurrentlyAuthenticated Boolean properties of the associated "
+ "instances of CIM_Identity are set to TRUE." )]
+class CIM_AuthenticationRule : CIM_PolicyRule {
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_BiometricAuthentication.mof b/Schemas/CIM228/DMTF/Policy/CIM_BiometricAuthentication.mof
new file mode 100644
index 0000000..62593db
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_BiometricAuthentication.mof
@@ -0,0 +1,37 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class describing a company\'s and/or administrator\'s "
+ "credential requirements that should be authenticated in order "
+ "to establish/trust a CIM_Identity. This class defines specific "
+ "biometric data that should be authenticated." )]
+class CIM_BiometricAuthentication : CIM_AuthenticationCondition {
+
+ [Description (
+ "Integer enumeration identifying the biometric data that "
+ "should be authenticated." ),
+ ValueMap { "1", "2", "3", "4", "5", "6", "7", "8" },
+ Values { "Other", "Facial", "Retina", "Mark", "Finger",
+ "Voice", "DNA-RNA", "EEG" },
+ ModelCorrespondence {
+ "CIM_BiometricAuthentication.OtherBiometric" }]
+ uint16 TypeOfBiometric;
+
+ [Description (
+ "String specifying the biometric when the TypeOfBiometric "
+ "property is set to 1, \"Other\"." ),
+ ModelCorrespondence {
+ "CIM_BiometricAuthentication.TypeOfBiometric" }]
+ string OtherBiometric;
+
+ [Description (
+ "String defining a specific biometric code, which may be "
+ "validated by the security infrastructure. If this "
+ "property is left blank, it is the responsibility of the "
+ "infrastructure to verify the biometric (which MUST be of "
+ "a type specified by the TypeOfBiometric property)." )]
+ string PersonalIdentifier;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_CompoundPolicyAction.mof b/Schemas/CIM228/DMTF/Policy/CIM_CompoundPolicyAction.mof
new file mode 100644
index 0000000..9d95e78
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_CompoundPolicyAction.mof
@@ -0,0 +1,51 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "CompoundPolicyAction is used to represent an expression "
+ "consisting of an ordered sequence of action terms. Each action "
+ "term is represented as a subclass of the PolicyAction class. "
+ "Compound actions are constructed by associating dependent "
+ "action terms together using the PolicyActionInPolicyAction "
+ "aggregation." )]
+class CIM_CompoundPolicyAction : CIM_PolicyAction {
+
+ [Description (
+ "This property gives a policy administrator a way of "
+ "specifying how the ordering of the PolicyActions "
+ "associated with this PolicyRule is to be interpreted. "
+ "Three values are supported: \n"
+ "o mandatory(1): Do the actions in the indicated order, "
+ "or don\'t do them at all. \n"
+ "o recommended(2): Do the actions in the indicated order "
+ "if you can, but if you can\'t do them in this order, do "
+ "them in another order if you can. \n"
+ "o dontCare(3): Do them -- I don\'t care about the order. \n"
+ "The default value is 3 (\"DontCare\")." ),
+ ValueMap { "1", "2", "3" },
+ Values { "Mandatory", "Recommended", "Dont Care" }]
+ uint16 SequencedActions = 3;
+
+ [Description (
+ "ExecutionStrategy defines the strategy to be used in "
+ "executing the sequenced actions aggregated by this "
+ "CompoundPolicyAction. There are three execution "
+ "strategies: \n"
+ "\n"
+ "Do Until Success - execute actions according to "
+ "predefined order, until successful execution of a single "
+ "action. \n"
+ "Do All - execute ALL actions which are part of the "
+ "modeled set, according to their predefined order. "
+ "Continue doing this, even if one or more of the actions "
+ "fails. \n"
+ "Do Until Failure - execute actions according to "
+ "predefined order, until the first failure in execution "
+ "of an action instance. \n"
+ "The default value is 2 (\"Do All\")." ),
+ ValueMap { "1", "2", "3" },
+ Values { "Do Until Success", "Do All", "Do Until Failure" }]
+ uint16 ExecutionStrategy = 2;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_CompoundPolicyCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_CompoundPolicyCondition.mof
new file mode 100644
index 0000000..0fa2535
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_CompoundPolicyCondition.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "CompoundPolicyCondition is used to represent compound "
+ "conditions formed by aggregating simpler policy conditions. "
+ "Compound conditions are constructed by associating subordinate "
+ "condition terms together using the "
+ "PolicyConditionInPolicyCondition aggregation." )]
+class CIM_CompoundPolicyCondition : CIM_PolicyCondition {
+
+ [Description (
+ "Indicates whether the list of CompoundPolicyConditions "
+ "associated with this PolicyRule is in disjunctive normal "
+ "form (DNF) or conjunctive normal form (CNF). The default "
+ "value is 1 (\"DNF\")." ),
+ ValueMap { "1", "2" },
+ Values { "DNF", "CNF" }]
+ uint16 ConditionListType;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_DocumentAuthentication.mof b/Schemas/CIM228/DMTF/Policy/CIM_DocumentAuthentication.mof
new file mode 100644
index 0000000..9a14647
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_DocumentAuthentication.mof
@@ -0,0 +1,38 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class describing a company\'s and/or administrator\'s "
+ "credential requirements that should be authenticated in order "
+ "to establish/trust a CIM_Identity. This class defines the "
+ "specific document that should be authenticated." )]
+class CIM_DocumentAuthentication : CIM_AuthenticationCondition {
+
+ [Description (
+ "Integer enumeration identifying the document that should "
+ "be authenticated." ),
+ ValueMap { "1", "2", "3", "4", "5", "6", "7" },
+ Values { "Other", "Passport", "Birth Certificate",
+ "Credit Card", "Drivers License", "Membership Card",
+ "Social Security Card" },
+ ModelCorrespondence {
+ "CIM_DocumentAuthentication.OtherDocument" }]
+ uint16 TypeOfDocument;
+
+ [Description (
+ "String specifying the document when the TypeOfDocument "
+ "property is set to 1, \"Other\"." ),
+ ModelCorrespondence {
+ "CIM_DocumentAuthentication.TypeOfDocument" }]
+ string OtherDocument;
+
+ [Description (
+ "String defining a particular document which may be used "
+ "in the authentication process for example, a specific "
+ "driver\'s license or passport number. If left blank, "
+ "then any valid document matching the category specified "
+ "by the TypeOfDocument property, can be accepted." )]
+ string DocumentIdentifier;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_ElementInPolicyRoleCollection.mof b/Schemas/CIM228/DMTF/Policy/CIM_ElementInPolicyRoleCollection.mof
new file mode 100644
index 0000000..e35812d
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_ElementInPolicyRoleCollection.mof
@@ -0,0 +1,26 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "An ElementInPolicyRoleCollection aggregates zero or more "
+ "ManagedElement subclass instances into a PolicyRoleCollection "
+ "object, representing a role played by these ManagedElements. "
+ "This Collection indicates that the aggregated PolicySets "
+ "(aggregated by CIM_PolicySetInRoleCollection) MAY BE applied "
+ "to the referenced elements. To indicate that the PolicySets "
+ "ARE being enforced for the element, use the "
+ "PolicySetAppliesToElement association." )]
+class CIM_ElementInPolicyRoleCollection : CIM_MemberOfCollection {
+
+ [Aggregate, Override ( "Collection" ),
+ Description ( "The PolicyRoleCollection." )]
+ CIM_PolicyRoleCollection REF Collection;
+
+ [Override ( "Member" ),
+ Description (
+ "The ManagedElement that plays the role represented by "
+ "the PolicyRoleCollection." )]
+ CIM_ManagedElement REF Member;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_FilterOfPacketCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_FilterOfPacketCondition.mof
new file mode 100644
index 0000000..6ff00d8
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_FilterOfPacketCondition.mof
@@ -0,0 +1,32 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "FilterOfPacketCondition associates a network traffic "
+ "specification (i.e., a FilterList) with a PolicyRule\'s "
+ "PacketFilterCondition." ),
+ MappingStrings { "IPSP Policy Model.IETF|FilterOfSACondition" }]
+class CIM_FilterOfPacketCondition : CIM_Dependency {
+
+ [Override ( "Antecedent" ),
+ Min ( 1 ),
+ Max ( 1 ),
+ Description (
+ "A FilterList describes the traffic selected by the "
+ "PacketFilterCondition. A PacketFilterCondition is "
+ "associated with one and only one FilterList, but that "
+ "filter list may aggregate many filter entries." ),
+ MappingStrings {
+ "IPSP Policy Model.IETF|FilterOfSACondition.Antecedent" }]
+ CIM_FilterList REF Antecedent;
+
+ [Override ( "Dependent" ),
+ Description (
+ "The PacketFilterCondition that uses the FilterList as "
+ "part of a PolicyRule." ),
+ MappingStrings {
+ "IPSP Policy Model.IETF|FilterOfSACondition.Dependent" }]
+ CIM_PacketFilterCondition REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_KerberosAuthentication.mof b/Schemas/CIM228/DMTF/Policy/CIM_KerberosAuthentication.mof
new file mode 100644
index 0000000..7dec2e4
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_KerberosAuthentication.mof
@@ -0,0 +1,17 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class describing a company\'s and/or administrator\'s "
+ "credential requirements that should be authenticated in order "
+ "to establish/trust a CIM_Identity. This class defines a user "
+ "whose Kerberos ticket should be authenticated." )]
+class CIM_KerberosAuthentication : CIM_AuthenticationCondition {
+
+ [Description (
+ "String holding the user name for which the ticket is issued."
+ )]
+ string UserName;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_MethodAction.mof b/Schemas/CIM228/DMTF/Policy/CIM_MethodAction.mof
new file mode 100644
index 0000000..b602ed4
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_MethodAction.mof
@@ -0,0 +1,118 @@
+// Copyright (c) 2009 DMTF. All rights reserved.
+ [Version ( "2.22.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "MethodAction is a PolicyAction that MAY invoke methods as "
+ "defined by a query. If there are no results returned from the "
+ "query, then no methods are called, otherwise each query result "
+ "row defines the method to call and its parameters. The called "
+ "method MAY be either an intrinsic method of a CIM Namespace or "
+ "an extrinsic method of a CIM_ManagedElement. \n"
+ "\n"
+ "In order to correlate between methods called by this "
+ "MethodAction and any other invoked Methods, InstMethodCall "
+ "indications MAY be created for the method calls that result "
+ "from this MethodAction. These indications are named by the "
+ "value in the InstMethodCallName property. These indications "
+ "MUST be produced if that InstMethodCallName value is included "
+ "in the FROM clause of the query of some other MethodAction "
+ "instance within the same PolicyRule. (The details of how this "
+ "is accomplished are implementation dependent.) \n"
+ "\n"
+ "The input parameters to the method are defined by the query "
+ "and MAY be fixed values defined by literals or MAY be defined "
+ "by reference to one or more properties of classes named in the "
+ "FROM clause of the query. The referenced objects MAY be those "
+ "produced by QueryConditions or MethodActions instances "
+ "associated to the same PolicyRule instance." )]
+class CIM_MethodAction : CIM_PolicyAction {
+
+ [Required, Description (
+ "In the context of the associated PolicyRule, "
+ "InstMethodCallName defines a unique name for the "
+ "InstMethodCall instances that result from the methods "
+ "invoked as a result of evaluating the Query string. This "
+ "name MAY be used in subsequent MethodActions of the same "
+ "PolicyRule to identify the set of InstMethodCall "
+ "instances that result from evaluation of this "
+ "MethodAction in the context of its PolicyRule. This "
+ "string is treated as a class name, in a query statement." ),
+ ModelCorrespondence { "CIM_MethodAction.Query" }]
+ string InstMethodCallName;
+
+ [Required, Description (
+ "A query expression that defines the method to invoke and "
+ "its input parameters. These are defined by the first and "
+ "subsequent select-list entries in the Query string\'s "
+ "select-criteria. The FROM clause MAY reference any "
+ "object, including those named by the QueryResultName and "
+ "MethodCallName produced by QueryConditions or "
+ "MethodActions of the same PolicyRule. \n"
+ "Note that both intrinsic and extrinsic methods MAY be "
+ "called. The first select-list entry MUST be an object "
+ "Path to a method. For consistency it SHOULD be called "
+ "MethodName. However, if there is a conflict with "
+ "existing parameter names, it MAY be called something "
+ "else. The remaining select list entries are not "
+ "positional and MUST use the name of the corresponding "
+ "method parameter. \n"
+ "The object path to a method is defined here as a WBEM "
+ "URI, (see DSP0207) dot concatenated with a method name. "
+ "It must have the form: [<wbemURI>, \".\",] <MethodName>. \n"
+ "The named method may be intrinsic or extrinsic. "
+ "Extrinsics may be at class level (i.e. static) or not. \n"
+ "The particular instance of this class that is invoking "
+ "the specified method defines the default namespace, "
+ "class, and key values. If any of these are missing from "
+ "the WBEM URI, these defaults are assumed. \n"
+ "For intrinsic methods (as defined in the \"Specification "
+ "for CIM Operations over HTTP\", see DSP0200), any class "
+ "name or key values specified in the WBEM URI are "
+ "ignored. Similarly, key values are ignored for static "
+ "methods. \n"
+ "Intrinsic methods that take an <instancename>, an "
+ "<objectname>, an <instance>, or a <namedinstance> (as "
+ "defined in DSP0200) as an input parameter are "
+ "preprocessed by the implementation of the MethodAction "
+ "instance. For each of <instancename> or <objectname>, "
+ "the corresponding input parameter name is set to a WBEM "
+ "URI of the instance or class. /n For each of <instance> "
+ "or <namedinstance>, the corresponding input parameter "
+ "must be set to a WBEM URI to the instance or class. "
+ "Properties of that instance are passed as additional "
+ "select list entries with the name of the corresponding "
+ "parameter dot appended with the name of the named "
+ "instance property. \n"
+ "For example: if the call is to ModifyInstance, then "
+ "parameter ModifiedInstance is set to the= <wbemURI> of "
+ "the instance to modify and for each relevant property to "
+ "modify, a parameter is supplied with the name "
+ "ModifiedInstance.<propertyName> and is set to the new "
+ "value for the named property." ),
+ ModelCorrespondence { "CIM_MethodAction.InstMethodCallName",
+ "CIM_MethodAction.QueryLanguage" }]
+ string Query;
+
+ [Required, Description (
+ "The language in which the Query string is expressed./n "
+ "CQL - refers to the \'DMTF:CQL\' language defined by "
+ "DSP0200. \n"
+ "CQL: indicates a CIM Query Language string. \n"
+ "CQLT: indicates a CIM Query Language Template string. "
+ "When used, the identifiers recognized in the "
+ "$identifier$ tokens are \"SELF\" and the property names "
+ "of this class, or one of its subclasses. When used in "
+ "the Query string, $SELF$ will be replaced by a string "
+ "corresponding to a WBEM URI referencing the instance of "
+ "this class that contains the Query template string. "
+ "Tokens of the form $<propertyname>$ will be replaced by "
+ "a string representing the corresponding property value "
+ "of the instance of this class that contains the Query "
+ "string." ),
+ ValueMap { "2", "3", "..", "0x8000.." },
+ Values { "CQL", "CQLT", "DMTF Reserved", "Vendor Reserved" },
+ ModelCorrespondence { "CIM_MethodAction.Query" }]
+ uint16 QueryLanguage = 2;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_NetworkPacketAction.mof b/Schemas/CIM228/DMTF/Policy/CIM_NetworkPacketAction.mof
new file mode 100644
index 0000000..62a4e12
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_NetworkPacketAction.mof
@@ -0,0 +1,37 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "NetworkPacketAction standardizes different processing options "
+ "that can be taken at the network packet level. The specific "
+ "action is defined in the PacketAction enumerated property. "
+ "Note that this property can be used in conjunction with other "
+ "actions aggregated into a Rule, to fully define its effects. "
+ "For example, when aggregated with the SAStaticAction class, "
+ "NetworkPacketAction indicates whether a specific packet will "
+ "be encrypted, bypassed or discarded for the lifetime of the "
+ "Security Association." )]
+class CIM_NetworkPacketAction : CIM_PolicyAction {
+
+ [Description (
+ "A network packet can be processed, bypassed for "
+ "processing (i.e., allowed to continue without further "
+ "processing, such as being forwarded in the clear versus "
+ "being encrypted), or discarded. This enumeration "
+ "indicates how a packet should be handled if a "
+ "PolicyRule\'s PolicyConditions evaluate to TRUE." ),
+ ValueMap { "1", "2", "3", "4" },
+ Values { "Other", "Processed", "Bypassed", "Discarded" },
+ MappingStrings { "IPSP Policy Model.IETF|IPsecBypassAction",
+ "IPSP Policy Model.IETF|IPsecDiscardAction" },
+ ModelCorrespondence { "CIM_NetworkPacketAction.OtherAction" }]
+ uint16 PacketAction;
+
+ [Description (
+ "Description of the action when the value 1 (\"Other\") "
+ "is specified for the property, PacketAction." ),
+ ModelCorrespondence { "CIM_NetworkPacketAction.PacketAction" }]
+ string OtherAction;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_NetworkingIDAuthentication.mof b/Schemas/CIM228/DMTF/Policy/CIM_NetworkingIDAuthentication.mof
new file mode 100644
index 0000000..eb180a0
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_NetworkingIDAuthentication.mof
@@ -0,0 +1,20 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class describing a company\'s and/or administrator\'s "
+ "credential requirements that should be authenticated in order "
+ "to establish/trust a CIM_Identity. This class specifies that a "
+ "networking ID or address should be verified." )]
+class CIM_NetworkingIDAuthentication : CIM_AuthenticationCondition {
+
+ [Description (
+ "A string defining the specific type/subclass of "
+ "CIM_Identity which specifies the networking information. "
+ "For example, CIM_StorageHardwareID would be entered in "
+ "this property to identify that a \'known\' port should "
+ "be observed." )]
+ string NetworkingIdentityClassName;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PacketFilterCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_PacketFilterCondition.mof
new file mode 100644
index 0000000..49aaea7
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PacketFilterCondition.mof
@@ -0,0 +1,34 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PacketFilterCondition specifies packet selection criteria (via "
+ "association to FilterLists) for firewall policies, IPsec "
+ "policies and similar uses. It is used as an anchor point to "
+ "associate various types of filters with policy rules via the "
+ "FilterOfPacketCondition association. By definition, policy "
+ "rules that aggregate PacketFilterCondition are assumed to "
+ "operate against every packet received and/or transmitted from "
+ "an ingress and/or egress point. (Whether policy condition "
+ "evaluation occurs at ingress or egress is specified by the "
+ "Direction property in the associated FilterList.) "
+ "PacketFilterCondition MAY also be used to define the specific "
+ "CredentialManagementService that validates the credentials "
+ "carried in a packet. This is accomplished using the "
+ "association, AcceptCredentialFrom. \n"
+ "\n"
+ "Associated objects (such as FilterListsor Credential "
+ "ManagementServices) represent components of the condition that "
+ "MAY or MAY NOT apply at a given rule evaluation. For example, "
+ "an AcceptCredentialFrom evaluation is only performed when a "
+ "credential is available to be evaluated and compared against "
+ "the list of trusted credential management services. Similarly, "
+ "a PeerIDPayloadFilterEntry MAY only be evaluated when an ID "
+ "payload is available for checking. Condition components that "
+ "do not have applicability at rule evaluation time, MUST be "
+ "evaluated to TRUE." ),
+ MappingStrings { "IPSP Policy Model.IETF|SACondition" }]
+class CIM_PacketFilterCondition : CIM_PolicyCondition {
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PhysicalCredentialAuthentication.mof b/Schemas/CIM228/DMTF/Policy/CIM_PhysicalCredentialAuthentication.mof
new file mode 100644
index 0000000..16817de
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PhysicalCredentialAuthentication.mof
@@ -0,0 +1,38 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class describing a company\'s and/or administrator\'s "
+ "credential requirements that should be authenticated in order "
+ "to establish/trust a CIM_Identity. This class defines the "
+ "specific type of physical credential that should be "
+ "authenticated." )]
+class CIM_PhysicalCredentialAuthentication : CIM_AuthenticationCondition {
+
+ [Description (
+ "Integer enumeration identifying the credential that "
+ "should be authenticated." ),
+ ValueMap { "1", "2", "3", "4" },
+ Values { "Other", "Magnetic Stripe Card", "Smart Card",
+ "Password Generator Card" },
+ ModelCorrespondence {
+ "CIM_PhysicalCredentialAuthentication.OtherCredential" }]
+ uint16 TypeOfCredential;
+
+ [Description (
+ "String specifying the credential when the "
+ "TypeOfCredential property is set to 1, \"Other\"." ),
+ ModelCorrespondence {
+ "CIM_PhysicalCredentialAuthentication.TypeOfCredential" }]
+ string OtherCredential;
+
+ [Description (
+ "String defining a character or binary sequence, which is "
+ "built into the physical credential to identify it. If "
+ "left blank, it is the responsibility of the security "
+ "infrastructure to verify that a valid credential (of the "
+ "specified type) has been used." )]
+ string PhysicalIdentifier;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_Policy.mof b/Schemas/CIM228/DMTF/Policy/CIM_Policy.mof
new file mode 100644
index 0000000..67a78e8
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_Policy.mof
@@ -0,0 +1,39 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Abstract, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "An abstract class defining the common properties of the policy "
+ "managed elements derived from CIM_Policy. The subclasses are "
+ "used to create rules and groups of rules that work together to "
+ "form a coherent set of policies within an administrative "
+ "domain or set of domains." )]
+class CIM_Policy : CIM_ManagedElement {
+
+ [Description (
+ "A user-friendly name of this policy-related object." )]
+ string CommonName;
+
+ [Description (
+ "An array of keywords for characterizing / categorizing "
+ "policy objects. Keywords are of one of two types: \n"
+ "- Keywords defined in this and other MOFs, or in DMTF "
+ "white papers. These keywords provide a vendor- "
+ "independent, installation-independent way of "
+ "characterizing policy objects. \n"
+ "- Installation-dependent keywords for characterizing "
+ "policy objects. Examples include \'Engineering\', "
+ "\'Billing\', and \'Review in December 2000\'. \n"
+ "This MOF defines the following keywords: \'UNKNOWN\', "
+ "\'CONFIGURATION\', \'USAGE\', \'SECURITY\', \'SERVICE\', "
+ "\'MOTIVATIONAL\', \'INSTALLATION\', and \'EVENT\'. These "
+ "concepts are self-explanatory and are further discussed "
+ "in the SLA/Policy White Paper. One additional keyword is "
+ "defined: \'POLICY\'. The role of this keyword is to "
+ "identify policy-related instances that may not be "
+ "otherwise identifiable, in some implementations. The "
+ "keyword \'POLICY\' is NOT mutually exclusive of the "
+ "other keywords specified above." )]
+ string PolicyKeywords[];
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyAction.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyAction.mof
new file mode 100644
index 0000000..b094fc3
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyAction.mof
@@ -0,0 +1,88 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Abstract, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class representing a rule-specific or reusable policy action "
+ "to be performed if the PolicyConditions for a Policy Rule "
+ "evaluate to TRUE. Since all operational details of a "
+ "PolicyAction are provided in subclasses of this object, this "
+ "class is abstract." )]
+class CIM_PolicyAction : CIM_Policy {
+
+ [Key, Description (
+ "The name of the class or the subclass used in the "
+ "creation of the System object in whose scope this "
+ "PolicyAction is defined. \n"
+ "\n"
+ "This property helps to identify the System object in "
+ "whose scope this instance of PolicyAction exists. For a "
+ "rule-specific PolicyAction, this is the System in whose "
+ "context the PolicyRule is defined. For a reusable "
+ "PolicyAction, this is the instance of PolicyRepository "
+ "(which is a subclass of System) that holds the Action. \n"
+ "\n"
+ "Note that this property, and the analogous property "
+ "SystemName, do not represent propagated keys from an "
+ "instance of the class System. Instead, they are "
+ "properties defined in the context of this class, which "
+ "repeat the values from the instance of System to which "
+ "this PolicyAction is related, either directly via the "
+ "PolicyActionInPolicyRepository association or indirectly "
+ "via the PolicyActionInPolicyRule aggregation." ),
+ MaxLen ( 256 )]
+ string SystemCreationClassName;
+
+ [Key, Description (
+ "The name of the System object in whose scope this "
+ "PolicyAction is defined. \n"
+ "\n"
+ "This property completes the identification of the System "
+ "object in whose scope this instance of PolicyAction "
+ "exists. For a rule-specific PolicyAction, this is the "
+ "System in whose context the PolicyRule is defined. For a "
+ "reusable PolicyAction, this is the instance of "
+ "PolicyRepository (which is a subclass of System) that "
+ "holds the Action." ),
+ MaxLen ( 256 )]
+ string SystemName;
+
+ [Key, Description (
+ "For a rule-specific PolicyAction, the CreationClassName "
+ "of the PolicyRule object with which this Action is "
+ "associated. For a reusable PolicyAction, a special "
+ "value, \'NO RULE\', should be used to indicate that this "
+ "Action is reusable and not associated with a single "
+ "PolicyRule." ),
+ MaxLen ( 256 )]
+ string PolicyRuleCreationClassName;
+
+ [Key, Description (
+ "For a rule-specific PolicyAction, the name of the "
+ "PolicyRule object with which this Action is associated. "
+ "For a reusable PolicyAction, a special value, \'NO "
+ "RULE\', should be used to indicate that this Action is "
+ "reusable and not associated with a single PolicyRule." ),
+ MaxLen ( 256 )]
+ string PolicyRuleName;
+
+ [Key, Description (
+ "CreationClassName indicates the name of the class or the "
+ "subclass used in the creation of an instance. When used "
+ "with the other key properties of this class, this "
+ "property allows all instances of this class and its "
+ "subclasses to be uniquely identified." ),
+ MaxLen ( 256 )]
+ string CreationClassName;
+
+ [Key, Description (
+ "A user-friendly name of this PolicyAction." ),
+ MaxLen ( 256 )]
+ string PolicyActionName;
+
+ [Description (
+ "DoActionLogging causes a log message to be generated "
+ "when the action is performed." )]
+ boolean DoActionLogging;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyAction.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyAction.mof
new file mode 100644
index 0000000..0ff911e
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyAction.mof
@@ -0,0 +1,23 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicyActionInPolicyAction is used to represent the "
+ "compounding of policy actions into a higher-level policy "
+ "action." )]
+class CIM_PolicyActionInPolicyAction : CIM_PolicyActionStructure {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "This property represents the CompoundPolicyAction that "
+ "contains one or more PolicyActions." )]
+ CIM_CompoundPolicyAction REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description (
+ "This property holds the name of a PolicyAction contained "
+ "by one or more CompoundPolicyActions." )]
+ CIM_PolicyAction REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyRepository.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyRepository.mof
new file mode 100644
index 0000000..8295865
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyRepository.mof
@@ -0,0 +1,41 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Deprecated { "CIM_ReusablePolicy" },
+ Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "The ReusablePolicy association is a more general relationship "
+ "that incorporates both Conditions and Actions as well as any "
+ "other policy subclass. \n"
+ "\n"
+ "This class represents the hosting of reusable PolicyActions by "
+ "a PolicyRepository. A reusable Policy Action is always related "
+ "to a single PolicyRepository, via this association. \n"
+ "\n"
+ "Note, that an instance of PolicyAction can be either reusable "
+ "or rule-specific. When the Action is rule- specific, it shall "
+ "not be related to any PolicyRepository via the "
+ "PolicyActionInPolicyRepository association." )]
+class CIM_PolicyActionInPolicyRepository : CIM_PolicyInSystem {
+
+ [Deprecated { "CIM_ReusablePolicy.Antecedent" },
+ Override ( "Antecedent" ),
+ Max ( 1 ),
+ Description (
+ "This property represents a PolicyRepository hosting one "
+ "or more PolicyActions. A reusable PolicyAction is always "
+ "related to exactly one PolicyRepository via the "
+ "PolicyActionInPolicyRepository association. The [0..1] "
+ "cardinality for this property covers the two types of "
+ "PolicyActions: 0 for a rule-specific PolicyAction, 1 for "
+ "a reusable one." )]
+ CIM_PolicyRepository REF Antecedent;
+
+ [Deprecated { "CIM_ReusablePolicy.Dependent" },
+ Override ( "Dependent" ),
+ Description (
+ "This property holds the name of a PolicyAction hosted in "
+ "the PolicyRepository." )]
+ CIM_PolicyAction REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyRule.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyRule.mof
new file mode 100644
index 0000000..fb237f4
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionInPolicyRule.mof
@@ -0,0 +1,39 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A PolicyRule aggregates zero or more instances of the "
+ "PolicyAction class, via the PolicyActionInPolicyRule "
+ "association. A Rule that aggregates zero Actions is not "
+ "valid--it may, however, be in the process of being entered "
+ "into a PolicyRepository or being defined for a System. "
+ "Alternately, the actions of the policy may be explicit in the "
+ "definition of the PolicyRule. Note that a PolicyRule should "
+ "have no effect until it is valid. \n"
+ "\n"
+ "The Actions associated with a PolicyRule may be given a "
+ "required order, a recommended order, or no order at all. For "
+ "Actions represented as separate objects, the "
+ "PolicyActionInPolicyRule aggregation can be used to express an "
+ "order. \n"
+ "\n"
+ "This aggregation does not indicate whether a specified action "
+ "order is required, recommended, or of no significance; the "
+ "property SequencedActions in the aggregating instance of "
+ "PolicyRule provides this indication." )]
+class CIM_PolicyActionInPolicyRule : CIM_PolicyActionStructure {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "This property represents the PolicyRule that contains "
+ "one or more PolicyActions." )]
+ CIM_PolicyRule REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description (
+ "This property holds the name of a PolicyAction contained "
+ "by one or more PolicyRules." )]
+ CIM_PolicyAction REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionStructure.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionStructure.mof
new file mode 100644
index 0000000..2e18733
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyActionStructure.mof
@@ -0,0 +1,65 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Abstract, Aggregation, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicyActions may be aggregated into rules and into compound "
+ "actions. PolicyActionStructure is the abstract aggregation "
+ "class for the structuring of policy actions." )]
+class CIM_PolicyActionStructure : CIM_PolicyComponent {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "PolicyAction instances may be aggregated into either "
+ "PolicyRule instances or CompoundPolicyAction instances." )]
+ CIM_Policy REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description (
+ "A PolicyAction aggregated by a PolicyRule or CompoundPolicyAction."
+ )]
+ CIM_PolicyAction REF PartComponent;
+
+ [Description (
+ "ActionOrder is an unsigned integer \'n\' that indicates "
+ "the relative position of a PolicyAction in the sequence "
+ "of actions associated with a PolicyRule or "
+ "CompoundPolicyAction. When \'n\' is a positive integer, "
+ "it indicates a place in the sequence of actions to be "
+ "performed, with smaller integers indicating earlier "
+ "positions in the sequence. The special value \'0\' "
+ "indicates \'don\'t care\'. If two or more PolicyActions "
+ "have the same non-zero sequence number, they may be "
+ "performed in any order, but they must all be performed "
+ "at the appropriate place in the overall action sequence. \n"
+ "\n"
+ "A series of examples will make ordering of PolicyActions "
+ "clearer: \n"
+ "o If all actions have the same sequence number, "
+ "regardless of whether it is \'0\' or non-zero, any order "
+ "is acceptable. \n"
+ "o The values: \n"
+ "1:ACTION A \n"
+ "2:ACTION B \n"
+ "1:ACTION C \n"
+ "3:ACTION D \n"
+ "indicate two acceptable orders: A,C,B,D or C,A,B,D, \n"
+ "since A and C can be performed in either order, but only "
+ "at the \'1\' position. \n"
+ "o The values: \n"
+ "0:ACTION A \n"
+ "2:ACTION B \n"
+ "3:ACTION C \n"
+ "3:ACTION D \n"
+ "require that B,C, and D occur either as B,C,D or as "
+ "B,D,C. Action A may appear at any point relative to B, "
+ "C, and D. Thus the complete set of acceptable orders is: "
+ "A,B,C,D; B,A,C,D; B,C,A,D; B,C,D,A; A,B,D,C; B,A,D,C; "
+ "B,D,A,C; B,D,C,A. \n"
+ "\n"
+ "Note that the non-zero sequence numbers need not start "
+ "with \'1\', and they need not be consecutive. All that "
+ "matters is their relative magnitude." )]
+ uint16 ActionOrder;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyComponent.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyComponent.mof
new file mode 100644
index 0000000..4b523f3
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyComponent.mof
@@ -0,0 +1,21 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Abstract, Aggregation, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "CIM_PolicyComponent is a generic association used to establish "
+ "\'part of\' relationships between the subclasses of "
+ "CIM_Policy. For example, the PolicyConditionInPolicyRule "
+ "association defines that PolicyConditions are part of a "
+ "PolicyRule." )]
+class CIM_PolicyComponent : CIM_Component {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description ( "The parent Policy in the association." )]
+ CIM_Policy REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description ( "The child/part Policy in the association." )]
+ CIM_Policy REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyCondition.mof
new file mode 100644
index 0000000..79c82f2
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyCondition.mof
@@ -0,0 +1,85 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Abstract, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class representing a rule-specific or reusable policy "
+ "condition to be evaluated in conjunction with a Policy Rule. "
+ "Since all operational details of a PolicyCondition are "
+ "provided in subclasses of this object, this class is abstract." )]
+class CIM_PolicyCondition : CIM_Policy {
+
+ [Key, Description (
+ "The name of the class or the subclass used in the "
+ "creation of the System object in whose scope this "
+ "PolicyCondition is defined. \n"
+ "\n"
+ "This property helps to identify the System object in "
+ "whose scope this instance of PolicyCondition exists. For "
+ "a rule-specific PolicyCondition, this is the System in "
+ "whose context the PolicyRule is defined. For a reusable "
+ "PolicyCondition, this is the instance of "
+ "PolicyRepository (which is a subclass of System) that "
+ "holds the Condition. \n"
+ "\n"
+ "Note that this property, and the analogous property "
+ "SystemName, do not represent propagated keys from an "
+ "instance of the class System. Instead, they are "
+ "properties defined in the context of this class, which "
+ "repeat the values from the instance of System to which "
+ "this PolicyCondition is related, either directly via the "
+ "PolicyConditionInPolicyRepository association or "
+ "indirectly via the PolicyConditionInPolicyRule "
+ "aggregation." ),
+ MaxLen ( 256 )]
+ string SystemCreationClassName;
+
+ [Key, Description (
+ "The name of the System object in whose scope this "
+ "PolicyCondition is defined. \n"
+ "\n"
+ "This property completes the identification of the System "
+ "object in whose scope this instance of PolicyCondition "
+ "exists. For a rule-specific PolicyCondition, this is the "
+ "System in whose context the PolicyRule is defined. For a "
+ "reusable PolicyCondition, this is the instance of "
+ "PolicyRepository (which is a subclass of System) that "
+ "holds the Condition." ),
+ MaxLen ( 256 )]
+ string SystemName;
+
+ [Key, Description (
+ "For a rule-specific PolicyCondition, the "
+ "CreationClassName of the PolicyRule object with which "
+ "this Condition is associated. For a reusable Policy "
+ "Condition, a special value, \'NO RULE\', should be used "
+ "to indicate that this Condition is reusable and not "
+ "associated with a single PolicyRule." ),
+ MaxLen ( 256 )]
+ string PolicyRuleCreationClassName;
+
+ [Key, Description (
+ "For a rule-specific PolicyCondition, the name of the "
+ "PolicyRule object with which this Condition is "
+ "associated. For a reusable PolicyCondition, a special "
+ "value, \'NO RULE\', should be used to indicate that this "
+ "Condition is reusable and not associated with a single "
+ "PolicyRule." ),
+ MaxLen ( 256 )]
+ string PolicyRuleName;
+
+ [Key, Description (
+ "CreationClassName indicates the name of the class or the "
+ "subclass used in the creation of an instance. When used "
+ "with the other key properties of this class, this "
+ "property allows all instances of this class and its "
+ "subclasses to be uniquely identified." ),
+ MaxLen ( 256 )]
+ string CreationClassName;
+
+ [Key, Description (
+ "A user-friendly name of this PolicyCondition." ),
+ MaxLen ( 256 )]
+ string PolicyConditionName;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyCondition.mof
new file mode 100644
index 0000000..8c41e99
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyCondition.mof
@@ -0,0 +1,27 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A CompoundPolicyCondition aggregates zero or more instances of "
+ "the PolicyCondition class, via the "
+ "PolicyConditionInPolicyCondition association. A "
+ "CompoundPolicyCondition that aggregates zero Conditions is not "
+ "valid; it may, however, be in the process of being defined. "
+ "Note that a CompoundPolicyCondition should have no effect "
+ "until it is valid." )]
+class CIM_PolicyConditionInPolicyCondition : CIM_PolicyConditionStructure {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "This property represents the CompoundPolicyCondition "
+ "that contains one or more PolicyConditions." )]
+ CIM_CompoundPolicyCondition REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description (
+ "This property holds the name of a PolicyCondition "
+ "contained by one or more PolicyRules." )]
+ CIM_PolicyCondition REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyRepository.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyRepository.mof
new file mode 100644
index 0000000..2c8cdd6
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyRepository.mof
@@ -0,0 +1,41 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Deprecated { "CIM_ReusablePolicy" },
+ Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "The ReusablePolicy association is a more general relationship "
+ "that incorporates both Conditions and Actions as well as any "
+ "other policy subclass. \n"
+ "\n"
+ "This class represents the hosting of reusable PolicyConditions "
+ "by a PolicyRepository. A reusable Policy Condition is always "
+ "related to a single PolicyRepository, via this association. \n"
+ "\n"
+ "Note, that an instance of PolicyCondition can be either "
+ "reusable or rule-specific. When the Condition is rule- "
+ "specific, it shall not be related to any PolicyRepository via "
+ "the PolicyConditionInPolicyRepository association." )]
+class CIM_PolicyConditionInPolicyRepository : CIM_PolicyInSystem {
+
+ [Deprecated { "CIM_ReusablePolicy.Antecedent" },
+ Override ( "Antecedent" ),
+ Max ( 1 ),
+ Description (
+ "This property identifies a PolicyRepository hosting one "
+ "or more PolicyConditions. A reusable PolicyCondition is "
+ "always related to exactly one PolicyRepository via the "
+ "PolicyConditionInPolicyRepository association. The "
+ "[0..1] cardinality for this property covers the two "
+ "types of PolicyConditions: 0 for a rule-specific "
+ "PolicyCondition, 1 for a reusable one." )]
+ CIM_PolicyRepository REF Antecedent;
+
+ [Deprecated { "CIM_ReusablePolicy.Dependent" },
+ Override ( "Dependent" ),
+ Description (
+ "This property holds the name of a PolicyCondition hosted "
+ "in the PolicyRepository." )]
+ CIM_PolicyCondition REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyRule.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyRule.mof
new file mode 100644
index 0000000..2472552
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionInPolicyRule.mof
@@ -0,0 +1,26 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A PolicyRule aggregates zero or more instances of the "
+ "PolicyCondition class, via the PolicyConditionInPolicyRule "
+ "association. A Rule that aggregates zero Conditions is not "
+ "valid; it may, however, be in the process of being defined. "
+ "Note that a PolicyRule should have no effect until it is "
+ "valid." )]
+class CIM_PolicyConditionInPolicyRule : CIM_PolicyConditionStructure {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "This property represents the PolicyRule that contains "
+ "one or more PolicyConditions." )]
+ CIM_PolicyRule REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description (
+ "This property holds the name of a PolicyCondition "
+ "contained by one or more PolicyRules." )]
+ CIM_PolicyCondition REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionStructure.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionStructure.mof
new file mode 100644
index 0000000..4daab90
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyConditionStructure.mof
@@ -0,0 +1,54 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Abstract, Aggregation, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicyConditions may be aggregated into rules and into "
+ "compound conditions. PolicyConditionStructure is the abstract "
+ "aggregation class for the structuring of policy conditions. \n"
+ "\n"
+ "The Conditions aggregated by a PolicyRule or "
+ "CompoundPolicyCondition are grouped into two levels of lists: "
+ "either an ORed set of ANDed sets of conditions (DNF, the "
+ "default) or an ANDed set of ORed sets of conditions (CNF). "
+ "Individual PolicyConditions in these lists may be negated. The "
+ "property ConditionListType specifies which of these two "
+ "grouping schemes applies to a particular PolicyRule or "
+ "CompoundPolicyCondition instance. \n"
+ "\n"
+ "One or more PolicyTimePeriodConditions may be among the "
+ "conditions associated with a PolicyRule or "
+ "CompoundPolicyCondition via the PolicyConditionStructure "
+ "subclass association. In this case, the time periods are "
+ "simply additional Conditions to be evaluated along with any "
+ "others that are specified." )]
+class CIM_PolicyConditionStructure : CIM_PolicyComponent {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "This property represents the Policy that contains one or "
+ "more PolicyConditions." )]
+ CIM_Policy REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description (
+ "This property holds the name of a PolicyCondition "
+ "contained by one or more PolicyRule or "
+ "CompoundPolicyCondition instances." )]
+ CIM_PolicyCondition REF PartComponent;
+
+ [Description (
+ "Unsigned integer indicating the group to which the "
+ "contained PolicyCondition belongs. This integer segments "
+ "the Conditions into the ANDed sets (when the "
+ "ConditionListType is \"DNF\") or, similarly, into the "
+ "ORed sets (when the ConditionListType is \"CNF\")." )]
+ uint16 GroupNumber;
+
+ [Description (
+ "Indication of whether the contained PolicyCondition is "
+ "negated. TRUE indicates that the PolicyCondition IS "
+ "negated, FALSE indicates that it IS NOT negated." )]
+ boolean ConditionNegated;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyContainerInPolicyContainer.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyContainerInPolicyContainer.mof
new file mode 100644
index 0000000..af09fce
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyContainerInPolicyContainer.mof
@@ -0,0 +1,23 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A relationship that aggregates one or more lower-level "
+ "ReusablePolicyContainer instances into a higher-level "
+ "ReusablePolicyContainer." )]
+class CIM_PolicyContainerInPolicyContainer : CIM_SystemComponent {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "A ReusablePolicyContainer that aggregates other "
+ "ReusablePolicyContainers." )]
+ CIM_ReusablePolicyContainer REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description (
+ "A ReusablePolicyContainer aggregated by another "
+ "ReusablePolicyContainer." )]
+ CIM_ReusablePolicyContainer REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroup.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroup.mof
new file mode 100644
index 0000000..9bcf1c9
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroup.mof
@@ -0,0 +1,36 @@
+// Copyright (c) 2005 DMTF. All rights reserved
+ [Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "An aggregation of PolicySet instances (PolicyGroups and/or "
+ "PolicyRules) that have the same decision strategy and inherit "
+ "policy roles. PolicyGroup instances are defined and named "
+ "relative to the CIM_System that provides their context." )]
+class CIM_PolicyGroup : CIM_PolicySet {
+
+ [Key, Description ( "The scoping System\'s CreationClassName." ),
+ MaxLen ( 256 ),
+ Propagated ( "CIM_System.CreationClassName" )]
+ string SystemCreationClassName;
+
+ [Key, Description ( "The scoping System\'s Name." ),
+ MaxLen ( 256 ),
+ Propagated ( "CIM_System.Name" )]
+ string SystemName;
+
+ [Key, Description (
+ "CreationClassName indicates the name of the class or the "
+ "subclass used in the creation of an instance. When used "
+ "with the other key properties of this class, this "
+ "property allows all instances of this class and its "
+ "subclasses to be uniquely identified." ),
+ MaxLen ( 256 )]
+ string CreationClassName;
+
+ [Key, Description (
+ "A user-friendly name of this PolicyGroup." ),
+ MaxLen ( 256 )]
+ string PolicyGroupName;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroupInPolicyGroup.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroupInPolicyGroup.mof
new file mode 100644
index 0000000..ee0cbf7
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroupInPolicyGroup.mof
@@ -0,0 +1,27 @@
+// Copyright (c) 2005 DMTF. All rights reserved
+ [Association, Deprecated { "CIM_PolicySetComponent" },
+ Aggregation, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicySetComponent provides a more general mechanism for "
+ "aggregating both PolicyGroups and PolicyRules and doing so "
+ "with the priority value applying only to the aggregated set "
+ "rather than policy wide. \n"
+ "\n"
+ "A relationship that aggregates one or more lower-level "
+ "PolicyGroups into a higher-level Group. A Policy Group may "
+ "aggregate PolicyRules and/or other Policy Groups." )]
+class CIM_PolicyGroupInPolicyGroup : CIM_PolicyComponent {
+
+ [Deprecated { "CIM_PolicySetComponent.GroupComponent" },
+ Aggregate, Override ( "GroupComponent" ),
+ Description ( "A PolicyGroup that aggregates other Groups." )]
+ CIM_PolicyGroup REF GroupComponent;
+
+ [Deprecated { "CIM_PolicySetComponent.PartComponent" },
+ Override ( "PartComponent" ),
+ Description ( "A PolicyGroup aggregated by another Group." )]
+ CIM_PolicyGroup REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroupInSystem.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroupInSystem.mof
new file mode 100644
index 0000000..df1c3b5
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyGroupInSystem.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "An association that links a PolicyGroup to the System in whose "
+ "scope the Group is defined." )]
+class CIM_PolicyGroupInSystem : CIM_PolicySetInSystem {
+
+ [Override ( "Antecedent" ),
+ Min ( 1 ),
+ Max ( 1 ),
+ Description (
+ "The System in whose scope a PolicyGroup is defined." )]
+ CIM_System REF Antecedent;
+
+ [Override ( "Dependent" ),
+ Weak, Description (
+ "A PolicyGroup named within the scope of a System." )]
+ CIM_PolicyGroup REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyInSystem.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyInSystem.mof
new file mode 100644
index 0000000..a3be71d
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyInSystem.mof
@@ -0,0 +1,33 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Abstract, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "CIM_PolicyInSystem is a generic association used to establish "
+ "dependency relationships between Policies and the Systems that "
+ "host them. These Systems may be ComputerSystems where Policies "
+ "are \'running\' or they may be Policy Repositories where "
+ "Policies are stored. This relationship is similar to the "
+ "concept of CIM_Services being dependent on CIM_Systems as "
+ "defined by the HostedService association. \n"
+ "\n"
+ "Cardinality is Max (1) for the Antecedent/System reference "
+ "since Policies can only be hosted in at most one System "
+ "context. Some subclasses of the association will further "
+ "refine this definition to make the Policies Weak to Systems. "
+ "Other subclasses of PolicyInSystem will define an optional "
+ "hosting relationship. Examples of each of these are the "
+ "PolicyRuleInSystem and PolicyConditionIn PolicyRepository "
+ "associations, respectively." )]
+class CIM_PolicyInSystem : CIM_HostedDependency {
+
+ [Override ( "Antecedent" ),
+ Max ( 1 ),
+ Description ( "The hosting System." )]
+ CIM_System REF Antecedent;
+
+ [Override ( "Dependent" ),
+ Description ( "The hosted Policy." )]
+ CIM_Policy REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyRepository.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRepository.mof
new file mode 100644
index 0000000..2b9c304
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRepository.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Deprecated { "CIM_ReusablePolicyContainer" },
+ Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "The term \'PolicyRepository\' has been confusing to both "
+ "developers and users of the model. The replacement class name "
+ "describes model element properly and is less likely to be "
+ "confused with a data repository. \n"
+ "\n"
+ "A class representing an administratively defined container for "
+ "reusable policy-related information. This class does not "
+ "introduce any additional properties beyond those in its "
+ "superclass AdminDomain. It does, however, participate in a "
+ "number of unique associations. \n"
+ "\n"
+ "An instance of this class uses the NameFormat value "
+ "\"PolicyRepository\"." )]
+class CIM_PolicyRepository : CIM_AdminDomain {
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyRepositoryInPolicyRepository.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRepositoryInPolicyRepository.mof
new file mode 100644
index 0000000..afb29bf
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRepositoryInPolicyRepository.mof
@@ -0,0 +1,31 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Deprecated { "CIM_PolicyContainerInPolicyContainer" },
+ Aggregation, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "The term \'PolicyRepository\' has been confusing to both "
+ "developers and users of the model. The replacement class name "
+ "describes model element properly and is less likely to be "
+ "confused with a data repository. ContainedDomain is a general "
+ "purpose mechanism for expressing domain hierarchy. \n"
+ "\n"
+ "A relationship that aggregates one or more lower-level "
+ "PolicyRepositories into a higher-level Repository." )]
+class CIM_PolicyRepositoryInPolicyRepository : CIM_SystemComponent {
+
+ [Deprecated {
+ "CIM_PolicyContainerInPolicyContainer.GroupComponent" },
+ Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "A PolicyRepository that aggregates other Repositories." )]
+ CIM_PolicyRepository REF GroupComponent;
+
+ [Deprecated {
+ "CIM_PolicyContainerInPolicyContainer.PartComponent" },
+ Override ( "PartComponent" ),
+ Description (
+ "A PolicyRepository aggregated by another Repository." )]
+ CIM_PolicyRepository REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyRoleCollection.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRoleCollection.mof
new file mode 100644
index 0000000..36667a5
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRoleCollection.mof
@@ -0,0 +1,75 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicyRoleCollection is used to represent a collection of "
+ "ManagedElements that share a common policy role, and the "
+ "PolicySets that CAN BE applied to those elements. (Note that "
+ "the PolicySets that are CURRENTLY applied are indicated via "
+ "instances of the association, PolicySetAppliesToElement.) The "
+ "PolicyRoleCollection always exists in the context of a System, "
+ "specified using the PolicyRoleCollectionInSystem aggregation. "
+ "The value of the PolicyRole property in this class specifies "
+ "the role. It is defined as a free-form string. ManagedElements "
+ "that share the role defined in this collection are aggregated "
+ "into the Collection via the ElementInPolicyRoleCollection "
+ "association." )]
+class CIM_PolicyRoleCollection : CIM_SystemSpecificCollection {
+
+ [Required, Description (
+ "The PolicyRole name for the PolicySets and other "
+ "ManagedElements that are identified and aggregated by "
+ "the Collection. Note that the aggregated PolicySets "
+ "define the rules and groups of rules that may be applied "
+ "to the associated ManagedElements. \n"
+ "\n"
+ "Although not officially designated as \'role "
+ "combinations\', multiple roles may be specified using "
+ "the form: \n"
+ "<RoleName>[&&<RoleName>]* \n"
+ "where the individual role names appear in alphabetical "
+ "order (according to the collating sequence for UCS-2). "
+ "Implementations may treat PolicyRole values that are "
+ "specified as \'role combinations\' as simple strings." )]
+ string PolicyRole;
+
+
+ [Description (
+ "Activates/applies the PolicySets aggregated into this "
+ "Collection to the specified ManagedElement. The "
+ "ManagedElement MUST be a member of the Collection, "
+ "associated via ElementInPolicyRoleCollection. The result "
+ "of this method, if it is successfully executed, is that "
+ "the aggregated PolicySets are deployed and enforced for "
+ "the Element. This is reflected by the instantiation of "
+ "the PolicySetAppliesToElement association between the "
+ "named Element and each PolicySet." ),
+ ValueMap { "0", "1", "2", "3", "4", "..", "0x8000.." },
+ Values { "Success", "Not Supported", "Unknown", "Timeout",
+ "Failed", "DMTF Reserved", "Vendor Specific" }]
+ uint32 ActivatePolicySet(
+ [IN, Description (
+ "The ManagedElement to which the aggregated "
+ "PolicySets of this Collection are applied." )]
+ CIM_ManagedElement REF Element);
+
+ [Description (
+ "Deactivates the aggregated PolicySets for the specified "
+ "ManagedElement. The result of this method, if it is "
+ "successfully executed, is that the aggregated PolicySets "
+ "are NOT enforced for the Element. This is reflected by "
+ "the removal of the PolicySetAppliesToElement association "
+ "between the named Element and each PolicySet. If a "
+ "PolicySet is not currently enforced for the "
+ "ManagedElement, then this method has no effect for that "
+ "Set." ),
+ ValueMap { "0", "1", "2", "3", "4", "..", "0x8000..0xFFFF" },
+ Values { "Success", "Not Supported", "Unknown", "Timeout",
+ "Failed", "DMTF Reserved", "Vendor Specific" }]
+ uint32 DeactivatePolicySet(
+ [IN, Description (
+ "The ManagedElement to which the aggregated "
+ "PolicySets of this Collection MUST NOT apply." )]
+ CIM_ManagedElement REF Element);
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyRoleCollectionInSystem.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRoleCollectionInSystem.mof
new file mode 100644
index 0000000..1007dc5
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRoleCollectionInSystem.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicyRoleCollectionInSystem is an association used to "
+ "establish a relationship between a collection and an \'owning\' "
+ "System such as an AdminDomain or ComputerSystem." )]
+class CIM_PolicyRoleCollectionInSystem : CIM_HostedCollection {
+
+ [Override ( "Antecedent" ),
+ Min ( 1 ),
+ Max ( 1 ),
+ Description (
+ "The parent system responsible for the collection." )]
+ CIM_System REF Antecedent;
+
+ [Override ( "Dependent" ),
+ Description ( "The Collection." )]
+ CIM_PolicyRoleCollection REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyRule.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRule.mof
new file mode 100644
index 0000000..de55b25
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRule.mof
@@ -0,0 +1,176 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "The central class used for representing the \'If Condition "
+ "then Action\' semantics of a policy rule. A PolicyRule "
+ "condition, in the most general sense, is represented as either "
+ "an ORed set of ANDed conditions (Disjunctive Normal Form, or "
+ "DNF) or an ANDed set of ORed conditions (Conjunctive Normal "
+ "Form, or CNF). Individual conditions may either be negated "
+ "(NOT C) or unnegated (C). The actions specified by a "
+ "PolicyRule are to be performed if and only if the PolicyRule "
+ "condition (whether it is represented in DNF or CNF) evaluates "
+ "to TRUE. \n"
+ "\n"
+ "The conditions and actions associated with a PolicyRule are "
+ "modeled, respectively, with subclasses of PolicyCondition and "
+ "PolicyAction. These condition and action objects are tied to "
+ "instances of PolicyRule by the PolicyConditionInPolicyRule and "
+ "PolicyActionInPolicyRule aggregations. \n"
+ "\n"
+ "A PolicyRule may also be associated with one or more policy "
+ "time periods, indicating the schedule according to which the "
+ "policy rule is active and inactive. In this case it is the "
+ "PolicySetValidityPeriod aggregation that provides this "
+ "linkage. \n"
+ "\n"
+ "The PolicyRule class uses the property ConditionListType, to "
+ "indicate whether the conditions for the rule are in DNF "
+ "(disjunctive normal form), CNF (conjunctive normal form) or, "
+ "in the case of a rule with no conditions, as an "
+ "UnconditionalRule. The PolicyConditionInPolicyRule aggregation "
+ "contains two additional properties to complete the "
+ "representation of the Rule\'s conditional expression. The "
+ "first of these properties is an integer to partition the "
+ "referenced PolicyConditions into one or more groups, and the "
+ "second is a Boolean to indicate whether a referenced Condition "
+ "is negated. An example shows how ConditionListType and these "
+ "two additional properties provide a unique representation of a "
+ "set of PolicyConditions in either DNF or CNF. \n"
+ "\n"
+ "Suppose we have a PolicyRule that aggregates five "
+ "PolicyConditions C1 through C5, with the following values in "
+ "the properties of the five PolicyConditionInPolicyRule "
+ "associations: \n"
+ "C1: GroupNumber = 1, ConditionNegated = FALSE \n"
+ "C2: GroupNumber = 1, ConditionNegated = TRUE \n"
+ "C3: GroupNumber = 1, ConditionNegated = FALSE \n"
+ "C4: GroupNumber = 2, ConditionNegated = FALSE \n"
+ "C5: GroupNumber = 2, ConditionNegated = FALSE \n"
+ "\n"
+ "If ConditionListType = DNF, then the overall condition for the "
+ "PolicyRule is: \n"
+ "(C1 AND (NOT C2) AND C3) OR (C4 AND C5) \n"
+ "\n"
+ "On the other hand, if ConditionListType = CNF, then the "
+ "overall condition for the PolicyRule is: \n"
+ "(C1 OR (NOT C2) OR C3) AND (C4 OR C5) \n"
+ "\n"
+ "In both cases, there is an unambiguous specification of the "
+ "overall condition that is tested to determine whether to "
+ "perform the PolicyActions associated with the PolicyRule. \n"
+ "\n"
+ "PolicyRule instances may also be used to aggregate other "
+ "PolicyRules and/or PolicyGroups. When used in this way to "
+ "implement nested rules, the conditions of the aggregating rule "
+ "apply to the subordinate rules as well. However, any side "
+ "effects of condition evaluation or the execution of actions "
+ "MUST NOT affect the result of the evaluation of other "
+ "conditions evaluated by the rule engine in the same evaluation "
+ "pass. That is, an implementation of a rule engine MAY evaluate "
+ "all conditions in any order before applying the priority and "
+ "determining which actions are to be executed." )]
+class CIM_PolicyRule : CIM_PolicySet {
+
+ [Key, Description ( "The scoping System\'s CreationClassName." ),
+ MaxLen ( 256 ),
+ Propagated ( "CIM_System.CreationClassName" )]
+ string SystemCreationClassName;
+
+ [Key, Description ( "The scoping System\'s Name." ),
+ MaxLen ( 256 ),
+ Propagated ( "CIM_System.Name" )]
+ string SystemName;
+
+ [Key, Description (
+ "CreationClassName indicates the name of the class or the "
+ "subclass used in the creation of an instance. When used "
+ "with the other key properties of this class, this "
+ "property allows all instances of this class and its "
+ "subclasses to be uniquely identified." ),
+ MaxLen ( 256 )]
+ string CreationClassName;
+
+ [Key, Description ( "A user-friendly name of this PolicyRule." ),
+ MaxLen ( 256 )]
+ string PolicyRuleName;
+
+ [Description (
+ "Indicates whether the list of PolicyConditions "
+ "associated with this PolicyRule is in disjunctive normal "
+ "form (DNF), conjunctive normal form (CNF), or has no "
+ "conditions (i.e., is an UnconditionalRule) and is "
+ "automatically evaluated to \"True.\" The default value "
+ "is 1 (\"DNF\")." ),
+ ValueMap { "0", "1", "2" },
+ Values { "Unconditional Rule", "DNF", "CNF" }]
+ uint16 ConditionListType = 1;
+
+ [Description (
+ "A free-form string that can be used to provide "
+ "guidelines on how this PolicyRule should be used." )]
+ string RuleUsage;
+
+ [Deprecated { "CIM_PolicySetComponent.Priority" },
+ Description (
+ "PolicyRule.Priority is deprecated and replaced by "
+ "providing the priority for a rule (and a group) in the "
+ "context of the aggregating PolicySet instead of the "
+ "priority being used for all aggregating PolicySet "
+ "instances. Thus, the assignment of priority values is "
+ "much simpler. \n"
+ "\n"
+ "A non-negative integer for prioritizing this Policy Rule "
+ "relative to other Rules. A larger value indicates a "
+ "higher priority. The default value is 0." )]
+ uint16 Priority = 0;
+
+ [Deprecated { "No Value" },
+ Description (
+ "A flag indicating that the evaluation of the Policy "
+ "Conditions and execution of PolicyActions (if the "
+ "Conditions evaluate to TRUE) is required. The evaluation "
+ "of a PolicyRule MUST be attempted if the Mandatory "
+ "property value is TRUE. If the Mandatory property is "
+ "FALSE, then the evaluation of the Rule is \'best effort\' "
+ "and MAY be ignored." )]
+ boolean Mandatory;
+
+ [Description (
+ "This property gives a policy administrator a way of "
+ "specifying how the ordering of the PolicyActions "
+ "associated with this PolicyRule is to be interpreted. "
+ "Three values are supported: \n"
+ "o mandatory(1): Do the actions in the indicated order, "
+ "or don\'t do them at all. \n"
+ "o recommended(2): Do the actions in the indicated order "
+ "if you can, but if you can\'t do them in this order, do "
+ "them in another order if you can. \n"
+ "o dontCare(3): Do them -- I don\'t care about the order. \n"
+ "The default value is 3 (\"DontCare\")." ),
+ ValueMap { "1", "2", "3" },
+ Values { "Mandatory", "Recommended", "Dont Care" }]
+ uint16 SequencedActions = 3;
+
+ [Description (
+ "ExecutionStrategy defines the strategy to be used in "
+ "executing the sequenced actions aggregated by this "
+ "PolicyRule. There are three execution strategies: \n"
+ "\n"
+ "Do Until Success - execute actions according to "
+ "predefined order, until successful execution of a single "
+ "action. \n"
+ "Do All - execute ALL actions which are part of the "
+ "modeled set, according to their predefined order. "
+ "Continue doing this, even if one or more of the actions "
+ "fails. \n"
+ "Do Until Failure - execute actions according to "
+ "predefined order, until the first failure in execution "
+ "of an action instance." ),
+ ValueMap { "1", "2", "3" },
+ Values { "Do Until Success", "Do All", "Do Until Failure" }]
+ uint16 ExecutionStrategy;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleInPolicyGroup.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleInPolicyGroup.mof
new file mode 100644
index 0000000..71d7ca8
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleInPolicyGroup.mof
@@ -0,0 +1,28 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Deprecated { "CIM_PolicySetComponent" },
+ Aggregation, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicySetComponent provides a more general mechanism for "
+ "aggregating both PolicyGroups and PolicyRules and doing so "
+ "with the priority value applying only to the aggregated set "
+ "rather than policy wide. \n"
+ "\n"
+ "A relationship that aggregates one or more PolicyRules into a "
+ "PolicyGroup. A PolicyGroup may aggregate PolicyRules and/or "
+ "other PolicyGroups." )]
+class CIM_PolicyRuleInPolicyGroup : CIM_PolicyComponent {
+
+ [Deprecated { "CIM_PolicySetComponent.GroupComponent" },
+ Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "A PolicyGroup that aggregates one or more PolicyRules." )]
+ CIM_PolicyGroup REF GroupComponent;
+
+ [Deprecated { "CIM_PolicySetComponent.PartComponent" },
+ Override ( "PartComponent" ),
+ Description ( "A PolicyRule aggregated by a PolicyGroup." )]
+ CIM_PolicyRule REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleInSystem.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleInSystem.mof
new file mode 100644
index 0000000..e4e2d93
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleInSystem.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "An association that links a PolicyRule to the System in whose "
+ "scope the Rule is defined." )]
+class CIM_PolicyRuleInSystem : CIM_PolicySetInSystem {
+
+ [Override ( "Antecedent" ),
+ Min ( 1 ),
+ Max ( 1 ),
+ Description (
+ "The System in whose scope a PolicyRule is defined." )]
+ CIM_System REF Antecedent;
+
+ [Override ( "Dependent" ),
+ Weak, Description (
+ "A PolicyRule named within the scope of a System." )]
+ CIM_PolicyRule REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleValidityPeriod.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleValidityPeriod.mof
new file mode 100644
index 0000000..be6cc42
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyRuleValidityPeriod.mof
@@ -0,0 +1,36 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Deprecated { "CIM_PolicySetValidityPeriod" },
+ Aggregation, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "The PolicyRuleValidityPeriod aggregation represents scheduled "
+ "activation and deactivation of a PolicyRule. If a PolicyRule "
+ "is associated with multiple policy time periods via this "
+ "association, then the Rule is active if at least one of the "
+ "time periods indicates that it is active. (In other words, the "
+ "PolicyTimePeriodConditions are ORed to determine whether the "
+ "Rule is active.) A Time Period may be aggregated by multiple "
+ "PolicyRules. A Rule that does not point to a "
+ "PolicyTimePeriodCondition via this association is, from the "
+ "point of view of scheduling, always active. It may, however, "
+ "be inactive for other reasons. For example, the Rule\'s "
+ "Enabled property may be set to \"disabled\" (value=2)." )]
+class CIM_PolicyRuleValidityPeriod : CIM_PolicyComponent {
+
+ [Deprecated { "CIM_PolicySetValidityPeriod.GroupComponent" },
+ Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "This property contains the name of a PolicyRule that "
+ "contains one or more PolicyTimePeriodConditions." )]
+ CIM_PolicyRule REF GroupComponent;
+
+ [Deprecated { "CIM_PolicySetValidityPeriod.PartComponent" },
+ Override ( "PartComponent" ),
+ Description (
+ "This property contains the name of a "
+ "PolicyTimePeriodCondition defining the valid time "
+ "periods for one or more PolicyRules." )]
+ CIM_PolicyTimePeriodCondition REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicySet.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicySet.mof
new file mode 100644
index 0000000..eded1c1
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicySet.mof
@@ -0,0 +1,87 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Abstract, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicySet is an abstract class that represents a set of "
+ "policies that form a coherent set. The set of contained "
+ "policies has a common decision strategy and a common set of "
+ "policy roles (defined via the PolicySetInRole Collection "
+ "association). Subclasses include PolicyGroup and PolicyRule." )]
+class CIM_PolicySet : CIM_Policy {
+
+ [Description (
+ "PolicyDecisionStrategy defines the evaluation method "
+ "used for policies contained in the PolicySet. There are "
+ "two values currently defined: \n"
+ "- \'First Matching\' (1) executes the actions of the "
+ "first rule whose conditions evaluate to TRUE. The "
+ "concept of \'first\' is determined by examining the "
+ "priority of the rule within the policy set (i.e., by "
+ "examining the property, PolicySetComponent.Priority). "
+ "Note that this ordering property MUST be maintained when "
+ "processing the PolicyDecisionStrategy. \n"
+ "- \'All\' (2) executes the actions of ALL rules whose "
+ "conditions evaluate to TRUE, in the set. As noted above, "
+ "the order of processing of the rules is defined by the "
+ "property, PolicySetComponent.Priority (and within a "
+ "rule, the ordering of the actions is defined by the "
+ "property, PolicyActionStructure.ActionOrder). Note that "
+ "when this strategy is defined, processing MUST be "
+ "completed of ALL rules whose conditions evaluate to "
+ "TRUE, regardless of errors in the execution of the rule "
+ "actions." ),
+ ValueMap { "1", "2" },
+ Values { "First Matching", "All" }]
+ uint16 PolicyDecisionStrategy;
+
+ [Deprecated { "CIM_PolicySetInRoleCollection" },
+ Description (
+ "The PolicyRoles property represents the roles associated "
+ "with a PolicySet. All contained PolicySet instances "
+ "inherit the values of the PolicyRoles of the aggregating "
+ "PolicySet but the values are not copied. A contained "
+ "PolicySet instance may, however, add additional "
+ "PolicyRoles to those it inherits from its aggregating "
+ "PolicySet(s). Each value in PolicyRoles multi-valued "
+ "property represents a role for which the PolicySet "
+ "applies, i.e., the PolicySet should be used by any "
+ "enforcement point that assumes any of the listed "
+ "PolicyRoles values. \n"
+ "\n"
+ "Although not officially designated as \'role "
+ "combinations\', multiple roles may be specified using "
+ "the form: \n"
+ "<RoleName>[&&<RoleName>]* \n"
+ "where the individual role names appear in alphabetical "
+ "order (according to the collating sequence for UCS-2). "
+ "Implementations may treat PolicyRoles values that are "
+ "specified as \'role combinations\' as simple strings. \n"
+ "\n"
+ "This property is deprecated in lieu of the use of an "
+ "association, CIM_PolicySetInRoleCollection. The latter "
+ "is a more explicit and less error-prone approach to "
+ "modeling that a PolicySet has one or more PolicyRoles." )]
+ string PolicyRoles[];
+
+ [Description (
+ "Indicates whether this PolicySet is administratively "
+ "enabled, administratively disabled, or enabled for "
+ "debug. The \"EnabledForDebug\" property value is "
+ "deprecated and, when it or any value not understood by "
+ "the receiver is specified, the receiving enforcement "
+ "point treats the PolicySet as \"Disabled\". To determine "
+ "if a PolicySet is \"Enabled\", the containment hierarchy "
+ "specified by the PolicySetComponent aggregation is "
+ "examined and the Enabled property values of the "
+ "hierarchy are ANDed together. Thus, for example, "
+ "everything aggregated by a PolicyGroup may be disabled "
+ "by setting the Enabled property in the PolicyGroup "
+ "instance to \"Disabled\" without changing the Enabled "
+ "property values of any of the aggregated instances. The "
+ "default value is 1 (\"Enabled\")." ),
+ ValueMap { "1", "2", "3" },
+ Values { "Enabled", "Disabled", "Enabled For Debug" }]
+ uint16 Enabled = 1;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicySetAppliesToElement.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetAppliesToElement.mof
new file mode 100644
index 0000000..2955417
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetAppliesToElement.mof
@@ -0,0 +1,26 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicySetAppliesToElement makes explicit which PolicySets "
+ "(i.e., policy rules and groups of rules) ARE CURRENTLY applied "
+ "to a particular Element. This association indicates that the "
+ "PolicySets that are appropriate for a ManagedElement "
+ "(specified using the PolicyRoleCollection aggregation) have "
+ "actually been deployed in the policy management "
+ "infrastructure. Note that if the named Element refers to a "
+ "Collection, then the PolicySet is assumed to be applied to all "
+ "the members of the Collection." )]
+class CIM_PolicySetAppliesToElement {
+
+ [Key, Description (
+ "The PolicyRules and/or groups of rules that are "
+ "currently applied to an Element." )]
+ CIM_PolicySet REF PolicySet;
+
+ [Key, Description (
+ "The ManagedElement to which the PolicySet applies." )]
+ CIM_ManagedElement REF ManagedElement;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicySetComponent.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetComponent.mof
new file mode 100644
index 0000000..eff0a77
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetComponent.mof
@@ -0,0 +1,41 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicySetComponent is a concrete aggregation that collects "
+ "instances of the subclasses of PolicySet (i.e., PolicyGroups "
+ "and PolicyRules). Instances are collected in sets that use the "
+ "same decision strategy. They are prioritized relative to each "
+ "other, within the set, using the Priority property of this "
+ "aggregation. \n"
+ "\n"
+ "Together, the PolicySet.PolicyDecisionStrategy and PolicySet "
+ "Component.Priority properties determine the processing for the "
+ "groups and rules contained in a PolicySet. A larger priority "
+ "value represents a higher priority. Note that the Priority "
+ "property MUST have a unique value when compared with others "
+ "defined for the same aggregating PolicySet. Thus, the "
+ "evaluation of rules within a set is deterministically "
+ "specified." )]
+class CIM_PolicySetComponent : CIM_PolicyComponent {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "A PolicySet that aggregates other PolicySet instances." )]
+ CIM_PolicySet REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description ( "A PolicySet aggregated into a PolicySet." )]
+ CIM_PolicySet REF PartComponent;
+
+ [Description (
+ "A non-negative integer for prioritizing this PolicySet "
+ "component relative to other elements of the same "
+ "PolicySet. A larger value indicates a higher priority. "
+ "The Priority property MUST have a unique value when "
+ "compared with others defined for the same aggregating "
+ "PolicySet." )]
+ uint16 Priority;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicySetInRoleCollection.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetInRoleCollection.mof
new file mode 100644
index 0000000..c0aec87
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetInRoleCollection.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicySetInRoleCollection aggregates zero or more PolicyRules "
+ "and PolicyGroups (i.e., the subclasses of PolicySet) into a "
+ "PolicyRoleCollection object, representing a role "
+ "supported/enforced by the PolicySet." )]
+class CIM_PolicySetInRoleCollection : CIM_MemberOfCollection {
+
+ [Aggregate, Override ( "Collection" ),
+ Description ( "The PolicyRoleCollection." )]
+ CIM_PolicyRoleCollection REF Collection;
+
+ [Override ( "Member" ),
+ Description (
+ "The PolicySet that supports/enforces the PolicyRole for "
+ "the elements in the PolicyRoleCollection." )]
+ CIM_PolicySet REF Member;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicySetInSystem.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetInSystem.mof
new file mode 100644
index 0000000..2d6ab58
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetInSystem.mof
@@ -0,0 +1,37 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Abstract, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "PolicySetInSystem is an abstract association class that "
+ "represents a relationship between a System and a PolicySet "
+ "used in the administrative scope of that system (e.g., "
+ "AdminDomain, ComputerSystem). The Priority property is used to "
+ "assign a relative priority to a PolicySet within the "
+ "administrative scope in contexts where it is not a component "
+ "of another PolicySet." )]
+class CIM_PolicySetInSystem : CIM_PolicyInSystem {
+
+ [Override ( "Antecedent" ),
+ Min ( 1 ),
+ Max ( 1 ),
+ Description (
+ "The System in whose scope a PolicySet is defined." )]
+ CIM_System REF Antecedent;
+
+ [Override ( "Dependent" ),
+ Description (
+ "A PolicySet named within the scope of a System." )]
+ CIM_PolicySet REF Dependent;
+
+ [Description (
+ "The Priority property is used to specify the relative "
+ "priority of the referenced PolicySet when there are more "
+ "than one PolicySet instances applied to a managed "
+ "resource that are not PolicySetComponents and, "
+ "therefore, have no other relative priority defined. The "
+ "priority is a non-negative integer; a larger value "
+ "indicates a higher priority." )]
+ uint16 Priority;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicySetValidityPeriod.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetValidityPeriod.mof
new file mode 100644
index 0000000..7f0e180
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicySetValidityPeriod.mof
@@ -0,0 +1,48 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Aggregation, Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "The PolicySetValidityPeriod aggregation represents scheduled "
+ "activation and deactivation of a PolicySet. A PolicySet is "
+ "considered \"active\" if it is both \"Enabled\" and in a valid "
+ "time period. \n"
+ "\n"
+ "If a PolicySet is associated with multiple policy time periods "
+ "via this association, then the Set is in a valid time period "
+ "if at least one of the time periods evaluates to TRUE. If a "
+ "PolicySet is contained in another PolicySet via the "
+ "PolicySetComponent aggregation (e.g., a PolicyRule in a "
+ "PolicyGroup), then the contained PolicySet (e.g., PolicyRule) "
+ "is in a valid period if at least one of the aggregate\'s "
+ "PolicyTimePeriodCondition instances evaluates to TRUE and at "
+ "least one of its own PolicyTimePeriodCondition instances also "
+ "evalutes to TRUE. (In other words, the "
+ "PolicyTimePeriodConditions are ORed to determine whether the "
+ "PolicySet is in a valid time period and then ANDed with the "
+ "ORed PolicyTimePeriodConditions of each of PolicySet instances "
+ "in the PolicySetComponent hierarchy to determine if the "
+ "PolicySet is in a valid time period and, if also \"Enabled\", "
+ "therefore, active, i.e., the hierachy ANDs the ORed "
+ "PolicyTimePeriodConditions of the elements of the hierarchy. \n"
+ "\n"
+ "A Time Period may be aggregated by multiple PolicySets. A Set "
+ "that does not point to a PolicyTimePeriodCondition via this "
+ "association, from the point of view of scheduling, is always "
+ "in a valid time period." )]
+class CIM_PolicySetValidityPeriod : CIM_PolicyComponent {
+
+ [Aggregate, Override ( "GroupComponent" ),
+ Description (
+ "This property contains the name of a PolicySet that "
+ "contains one or more PolicyTimePeriodConditions." )]
+ CIM_PolicySet REF GroupComponent;
+
+ [Override ( "PartComponent" ),
+ Description (
+ "This property contains the name of a "
+ "PolicyTimePeriodCondition defining the valid time "
+ "periods for one or more PolicySets." )]
+ CIM_PolicyTimePeriodCondition REF PartComponent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PolicyTimePeriodCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_PolicyTimePeriodCondition.mof
new file mode 100644
index 0000000..86ebafb
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PolicyTimePeriodCondition.mof
@@ -0,0 +1,285 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.7.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "This class provides a means of representing the time periods "
+ "during which a PolicySet is valid, i.e., active. At all times "
+ "that fall outside these time periods, the PolicySet has no "
+ "effect. A PolicySet is treated as valid at ALL times, if it "
+ "does not specify a PolicyTimePeriodCondition. \n"
+ "\n"
+ "In some cases a Policy Consumer may need to perform certain "
+ "setup / cleanup actions when a PolicySet becomes active / "
+ "inactive. For example, sessions that were established while a "
+ "PolicySet was active might need to be taken down when the "
+ "PolicySet becomes inactive. In other cases, however, such "
+ "sessions might be left up. In this case, the effect of "
+ "deactivating the PolicySet would just be to prevent the "
+ "establishment of new sessions. \n"
+ "\n"
+ "Setup / cleanup behaviors on validity period transitions are "
+ "not currently addressed by the Policy Model, and must be "
+ "specified in \'guideline\' documents or via subclasses of "
+ "CIM_PolicySet, CIM_PolicyTimePeriod Condition or other "
+ "concrete subclasses of CIM_Policy. If such behaviors need to "
+ "be under the control of the policy administrator, then a "
+ "mechanism to allow this control must also be specified in the "
+ "subclasses. \n"
+ "\n"
+ "PolicyTimePeriodCondition is defined as a subclass of "
+ "PolicyCondition. This is to allow the inclusion of time-based "
+ "criteria in the AND/OR condition definitions for a PolicyRule. \n"
+ "\n"
+ "Instances of this class may have up to five properties "
+ "identifying time periods at different levels. The values of "
+ "all the properties present in an instance are ANDed together "
+ "to determine the validity period(s) for the instance. For "
+ "example, an instance with an overall validity range of January "
+ "1, 2000 through December 31, 2000; a month mask that selects "
+ "March and April; a day-of-the-week mask that selects Fridays; "
+ "and a time of day range of 0800 through 1600 would be "
+ "represented using the following time periods: \n"
+ "Friday, March 5, 2000, from 0800 through 1600; \n"
+ "Friday, March 12, 2000, from 0800 through 1600; \n"
+ "Friday, March 19, 2000, from 0800 through 1600; \n"
+ "Friday, March 26, 2000, from 0800 through 1600; \n"
+ "Friday, April 2, 2000, from 0800 through 1600; \n"
+ "Friday, April 9, 2000, from 0800 through 1600; \n"
+ "Friday, April 16, 2000, from 0800 through 1600; \n"
+ "Friday, April 23, 2000, from 0800 through 1600; \n"
+ "Friday, April 30, 2000, from 0800 through 1600. \n"
+ "\n"
+ "Properties not present in an instance of "
+ "PolicyTimePeriodCondition are implicitly treated as having "
+ "their value \'always enabled\'. Thus, in the example above, "
+ "the day-of-the-month mask is not present, and so the validity "
+ "period for the instance implicitly includes a day-of-the-month "
+ "mask that selects all days of the month. If this \'missing "
+ "property\' rule is applied to its fullest, we see that there "
+ "is a second way to indicate that a PolicySet is always "
+ "enabled: associate with it an instance of "
+ "PolicyTimePeriodCondition whose only properties with specific "
+ "values are its key properties." )]
+class CIM_PolicyTimePeriodCondition : CIM_PolicyCondition {
+
+ [Description (
+ "This property identifies an overall range of calendar "
+ "dates and times over which a PolicySet is valid. It is "
+ "formatted as a string representing a start date and "
+ "time, in which the character \'T\' indicates the "
+ "beginning of the time portion, followed by the solidus "
+ "character \'/\', followed by a similar string "
+ "representing an end date and time. The first date "
+ "indicates the beginning of the range, while the second "
+ "date indicates the end. Thus, the second date and time "
+ "must be later than the first. Date/times are expressed "
+ "as substrings of the form yyyymmddThhmmss. For example: \n"
+ "20000101T080000/20000131T120000 defines \n"
+ "January 1, 2000, 0800 through January 31, 2000, noon \n"
+ "\n"
+ "There are also two special cases in which one of the "
+ "date/time strings is replaced with a special string "
+ "defined in RFC 2445. \n"
+ "o If the first date/time is replaced with the string "
+ "\'THISANDPRIOR\', then the property indicates that a "
+ "PolicySet is valid [from now] until the date/time that "
+ "appears after the \'/\'. \n"
+ "o If the second date/time is replaced with the string "
+ "\'THISANDFUTURE\', then the property indicates that a "
+ "PolicySet becomes valid on the date/time that appears "
+ "before the \'/\', and remains valid from that point on." ),
+ ModelCorrespondence {
+ "CIM_PolicyTimePeriodCondition.MonthOfYearMask",
+ "CIM_PolicyTimePeriodCondition.DayOfMonthMask",
+ "CIM_PolicyTimePeriodCondition.DayOfWeekMask",
+ "CIM_PolicyTimePeriodCondition.TimeOfDayMask",
+ "CIM_PolicyTimePeriodCondition.LocalOrUtcTime" }]
+ string TimePeriod;
+
+ [Description (
+ "The purpose of this property is to refine the valid time "
+ "period that is defined by the TimePeriod property, by "
+ "explicitly specifying in which months the PolicySet is "
+ "valid. These properties work together, with the "
+ "TimePeriod used to specify the overall time period in "
+ "which the PolicySet is valid, and the MonthOfYearMask "
+ "used to pick out the months during which the PolicySet "
+ "is valid. \n"
+ "\n"
+ "This property is formatted as an octet string, "
+ "structured as follows: \n"
+ "o a 4-octet length field, indicating the length of the "
+ "entire octet string; this field is always set to "
+ "0x00000006 for this property; \n"
+ "o a 2-octet field consisting of 12 bits identifying the "
+ "12 months of the year, beginning with January and ending "
+ "with December, followed by 4 bits that are always set to "
+ "\'0\'. For each month, the value \'1\' indicates that "
+ "the policy is valid for that month, and the value \'0\' "
+ "indicates that it is not valid. \n"
+ "\n"
+ "The value 0x000000060830, for example, indicates that a "
+ "PolicySet is valid only in the months May, November, and "
+ "December. \n"
+ "\n"
+ "If a value for this property is not provided, then the "
+ "PolicySet is treated as valid for all twelve months, and "
+ "only restricted by its TimePeriod property value and the "
+ "other Mask properties." ),
+ OctetString, ModelCorrespondence {
+ "CIM_PolicyTimePeriodCondition.TimePeriod",
+ "CIM_PolicyTimePeriodCondition.LocalOrUtcTime" }]
+ uint8 MonthOfYearMask[];
+
+ [Description (
+ "The purpose of this property is to refine the valid time "
+ "period that is defined by the TimePeriod property, by "
+ "explicitly specifying in which days of the month the "
+ "PolicySet is valid. These properties work together, with "
+ "the TimePeriod used to specify the overall time period "
+ "in which the PolicySet is valid, and the DayOfMonthMask "
+ "used to pick out the days of the month during which the "
+ "PolicySet is valid. \n"
+ "\n"
+ "This property is formatted as an octet string, "
+ "structured as follows: \n"
+ "o a 4-octet length field, indicating the length of the "
+ "entire octet string; this field is always set to "
+ "0x0000000C for this property; \n"
+ "o an 8-octet field consisting of 31 bits identifying the "
+ "days of the month counting from the beginning, followed "
+ "by 31 more bits identifying the days of the month "
+ "counting from the end, followed by 2 bits that are "
+ "always set to \'0\'. For each day, the value \'1\' "
+ "indicates that the PolicySet is valid for that day, and "
+ "the value \'0\' indicates that it is not valid. \n"
+ "\n"
+ "The value 0x0000000C8000000100000000, for example, "
+ "indicates that a PolicySet is valid on the first and "
+ "last days of the month. \n"
+ "\n"
+ "For months with fewer than 31 days, the digits "
+ "corresponding to days that the months do not have "
+ "(counting in both directions) are ignored. \n"
+ "\n"
+ "If a value for this property is not provided, then the "
+ "PolicySet is treated as valid for all days of the month, "
+ "and only restricted by its TimePeriod property value and "
+ "the other Mask properties." ),
+ OctetString, ModelCorrespondence {
+ "CIM_PolicyTimePeriodCondition.TimePeriod",
+ "CIM_PolicyTimePeriodCondition.LocalOrUtcTime" }]
+ uint8 DayOfMonthMask[];
+
+ [Description (
+ "The purpose of this property is to refine the valid time "
+ "period that is defined by the TimePeriod property, by "
+ "explicitly specifying in which days of the week the "
+ "PolicySet is valid. These properties work together, with "
+ "the TimePeriod used to specify the overall time period "
+ "in which the PolicySet is valid, and the DayOfWeekMask "
+ "used to pick out the days of the week during which the "
+ "PolicySet is valid. \n"
+ "\n"
+ "This property is formatted as an octet string, "
+ "structured as follows: \n"
+ "o a 4-octet length field, indicating the length of the "
+ "entire octet string; this field is always set to "
+ "0x00000005 for this property; \n"
+ "o a 1-octet field consisting of 7 bits identifying the 7 "
+ "days of the week, beginning with Sunday and ending with "
+ "Saturday, followed by 1 bit that is always set to \'0\'. "
+ "For each day of the week, the value \'1\' indicates that "
+ "the PolicySet is valid for that day, and the value \'0\' "
+ "indicates that it is not valid. \n"
+ "\n"
+ "The value 0x000000057C, for example, indicates that a "
+ "PolicySet is valid Monday through Friday. \n"
+ "\n"
+ "If a value for this property is not provided, then the "
+ "PolicySet is treated as valid for all days of the week, "
+ "and only restricted by its TimePeriod property value and "
+ "the other Mask properties." ),
+ OctetString, ModelCorrespondence {
+ "CIM_PolicyTimePeriodCondition.TimePeriod",
+ "CIM_PolicyTimePeriodCondition.LocalOrUtcTime" }]
+ uint8 DayOfWeekMask[];
+
+ [Description (
+ "The purpose of this property is to refine the valid time "
+ "period that is defined by the TimePeriod property, by "
+ "explicitly specifying a range of times in a day during "
+ "which the PolicySet is valid. These properties work "
+ "together, with the TimePeriod used to specify the "
+ "overall time period in which the PolicySet is valid, and "
+ "the TimeOfDayMask used to pick out the range of time "
+ "periods in a given day of during which the PolicySet is "
+ "valid. \n"
+ "\n"
+ "This property is formatted in the style of RFC 2445: a "
+ "time string beginning with the character \'T\', followed "
+ "by the solidus character \'/\', followed by a second "
+ "time string. The first time indicates the beginning of "
+ "the range, while the second time indicates the end. "
+ "Times are expressed as substrings of the form \'Thhmmss\'. \n"
+ "\n"
+ "The second substring always identifies a later time than "
+ "the first substring. To allow for ranges that span "
+ "midnight, however, the value of the second string may be "
+ "smaller than the value of the first substring. Thus, "
+ "\'T080000/T210000\' identifies the range from 0800 until "
+ "2100, while \'T210000/T080000\' identifies the range "
+ "from 2100 until 0800 of the following day. \n"
+ "\n"
+ "When a range spans midnight, it by definition includes "
+ "parts of two successive days. When one of these days is "
+ "also selected by either the MonthOfYearMask, "
+ "DayOfMonthMask, and/or DayOfWeekMask, but the other day "
+ "is not, then the PolicySet is active only during the "
+ "portion of the range that falls on the selected day. For "
+ "example, if the range extends from 2100 until 0800, and "
+ "the day of week mask selects Monday and Tuesday, then "
+ "the PolicySet is active during the following three "
+ "intervals: \n"
+ "From midnight Sunday until 0800 Monday; \n"
+ "From 2100 Monday until 0800 Tuesday; \n"
+ "From 2100 Tuesday until 23:59:59 Tuesday. \n"
+ "\n"
+ "If a value for this property is not provided, then the "
+ "PolicySet is treated as valid for all hours of the day, "
+ "and only restricted by its TimePeriod property value and "
+ "the other Mask properties." ),
+ ModelCorrespondence {
+ "CIM_PolicyTimePeriodCondition.TimePeriod",
+ "CIM_PolicyTimePeriodCondition.LocalOrUtcTime" }]
+ string TimeOfDayMask;
+
+ [Description (
+ "This property indicates whether the times represented in "
+ "the TimePeriod property and in the various Mask "
+ "properties represent local times or UTC times. There is "
+ "no provision for mixing of local times and UTC times: "
+ "the value of this property applies to all of the other "
+ "time-related properties. TimePeriods are synchronized "
+ "worldwide by using the enumeration value \'UTCTime\'. If "
+ "the goal is to synchronize worldwide on a particular "
+ "local time (such as 0300 - 0500 in New York), then if "
+ "the TimePeriod property spans a Daylight Savings Time "
+ "transition in New York, it will be necessary to create "
+ "multiple instances of PolicyTimePeriodCondition, one "
+ "based on the offset UTC-0500 for the part of each year "
+ "when standard time is used in New York, and one based on "
+ "the offset UTC-0400 for the part of each year when "
+ "Daylight Savings Time is used there." ),
+ ValueMap { "1", "2" },
+ Values { "Local Time", "UTC Time" },
+ ModelCorrespondence {
+ "CIM_PolicyTimePeriodCondition.TimePeriod",
+ "CIM_PolicyTimePeriodCondition.MonthOfYearMask",
+ "CIM_PolicyTimePeriodCondition.DayOfMonthMask",
+ "CIM_PolicyTimePeriodCondition.DayOfWeekMask",
+ "CIM_PolicyTimePeriodCondition.TimeOfDayMask" }]
+ uint16 LocalOrUtcTime;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_PublicPrivateKeyAuthentication.mof b/Schemas/CIM228/DMTF/Policy/CIM_PublicPrivateKeyAuthentication.mof
new file mode 100644
index 0000000..ce06f55
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_PublicPrivateKeyAuthentication.mof
@@ -0,0 +1,24 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class describing a company\'s and/or administrator\'s "
+ "credential requirements that should be authenticated in order "
+ "to establish/trust a CIM_Identity. This class defines the "
+ "specific public/private key pair that should be authenticated." )]
+class CIM_PublicPrivateKeyAuthentication : CIM_AuthenticationCondition {
+
+ [Description (
+ "Boolean indicating whether the key pair is self-issued "
+ "(TRUE) or issued by a Certificate Authority (FALSE)." )]
+ boolean SelfIssuedKey;
+
+ [Description (
+ "String holding the user\'s (distinguished) name." )]
+ string DistinguishedName;
+
+ [Description ( "String holding the public key data." )]
+ string PublicKey;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_QueryCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_QueryCondition.mof
new file mode 100644
index 0000000..761c5c2
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_QueryCondition.mof
@@ -0,0 +1,79 @@
+// Copyright (c) 2009 DMTF. All rights reserved.
+ [Version ( "2.22.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "QueryCondition defines the criteria for generating a set of "
+ "query results that are accessible to other QueryConditions or "
+ "MethodActions of the same PolicyRule. If there are no results "
+ "returned from the query, then the Condition evaluates to "
+ "false; otherwise, true. \n"
+ "\n"
+ "QueryConditions are assumed to be constantly evaluated "
+ "whenever precursor PolicyConditions are met. Actual "
+ "implementations may evaluate conditions dynamically, via "
+ "polling, or via other means. \n"
+ "\n"
+ "QueryCondition instances are viewed as clients of query. The "
+ "QueryCondition implementation takes the query results and "
+ "makes them available by the name specified in QueryResultName "
+ "to the FROM clause in the Query property of other "
+ "QueryConditions or MethodActions. (The details of how this is "
+ "accomplished are implementation dependent.) These results are "
+ "not available via CIM Operations, do not create lifecycle "
+ "indications, and do not persist beyond a single evaluation of "
+ "the associated PolicyRule." )]
+class CIM_QueryCondition : CIM_PolicyCondition {
+
+ [Required, Description (
+ "In the context of the associated PolicyRule, "
+ "QueryResultName defines a unique alias for the query "
+ "results that MAY be used in subsequent QueryConditions "
+ "or MethodActions of the same PolicyRule. This string is "
+ "treated as a class name, in a query statement." ),
+ ModelCorrespondence { "CIM_QueryCondition.Query",
+ "CIM_MethodAction.Query" }]
+ string QueryResultName;
+
+ [Required, Description (
+ "A query expression that MAY be evaluated and that "
+ "defines the query results that MAY be generated. Note "
+ "that the query\'s FROM clause MAY reference any class, "
+ "including those named by the QueryResultName of other "
+ "QueryCondition instances associated to the same "
+ "PolicyRule." ),
+ ModelCorrespondence { "CIM_QueryCondition.QueryLanguage",
+ "CIM_QueryCondition.QueryResultName" }]
+ string Query;
+
+ [Required, Description (
+ "The language in which the Query string is expressed./n "
+ "CQL - refers to the \'DMTF:CQL\' language defined by "
+ "DSP0200. \n"
+ "CQL: indicates a CIM Query Language string. \n"
+ "CQLT: indicates a CIM Query Language Template string. "
+ "When used, the identifiers recognized in the "
+ "$identifier$ tokens are \"SELF\" and the property names "
+ "of this class, or one of its subclasses. When used in "
+ "the Query string, $SELF$ will be replaced by a string "
+ "corresponding to a WBEM URI referencing the instance of "
+ "this class that contains the Query template string. "
+ "Tokens of the form $<propertyname>$ will be replaced by "
+ "a string representing the corresponding property value "
+ "of the instance of this class that contains the Query "
+ "string." ),
+ ValueMap { "2", "3", "..", "0x8000.." },
+ Values { "CQL", "CQLT", "DMTF Reserved", "Vendor Reserved" },
+ ModelCorrespondence { "CIM_QueryCondition.Query" }]
+ uint16 QueryLanguage = 2;
+
+ [Required, Description (
+ "If Trigger = true, and with the exception of any "
+ "PolicyTimePeriodConditions, PolicyConditions of this "
+ "Policy are not evaluated until this \'triggering\' "
+ "condition query is true. There MUST be no more than one "
+ "QueryCondition with Trigger = true associated with a "
+ "particular Policy." )]
+ boolean Trigger = false;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_RejectConnectionAction.mof b/Schemas/CIM228/DMTF/Policy/CIM_RejectConnectionAction.mof
new file mode 100644
index 0000000..c477189
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_RejectConnectionAction.mof
@@ -0,0 +1,17 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "RejectConnectionAction is used to cause a connection or its "
+ "negotiation to be terminated. For example, it can be used in "
+ "conjunction with an address filter on UDP port 500 to reduce "
+ "Denial of Service vulnerability. As another example, it can be "
+ "specified as a low priority rule to explicitly define the "
+ "default action for IKE key exchange negotiations - i.e., if "
+ "the higher priority rules are not satisfied, then reject the "
+ "connection negotiation." ),
+ MappingStrings { "IPSP Policy Model.IETF|IKERejectAction" }]
+class CIM_RejectConnectionAction : CIM_PolicyAction {
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_ReusablePolicy.mof b/Schemas/CIM228/DMTF/Policy/CIM_ReusablePolicy.mof
new file mode 100644
index 0000000..be13b36
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_ReusablePolicy.mof
@@ -0,0 +1,22 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Association, Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "The ReusablePolicy association provides for the reuse of any "
+ "subclass of Policy in a ReusablePolicyContainer." )]
+class CIM_ReusablePolicy : CIM_PolicyInSystem {
+
+ [Override ( "Antecedent" ),
+ Max ( 1 ),
+ Description (
+ "This property identifies a ReusablePolicyContainer that "
+ "provides the administrative scope for the reuse of the "
+ "referenced policy element." )]
+ CIM_ReusablePolicyContainer REF Antecedent;
+
+ [Override ( "Dependent" ),
+ Description ( "A reusable policy element." )]
+ CIM_Policy REF Dependent;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_ReusablePolicyContainer.mof b/Schemas/CIM228/DMTF/Policy/CIM_ReusablePolicyContainer.mof
new file mode 100644
index 0000000..9d22f31
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_ReusablePolicyContainer.mof
@@ -0,0 +1,16 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class representing an administratively defined container for "
+ "reusable policy-related information. This class does not "
+ "introduce any additional properties beyond those in its "
+ "superclass AdminDomain. It does, however, participate in a "
+ "unique association for containing policy elements. \n"
+ "\n"
+ "An instance of this class uses the NameFormat value "
+ "\"ReusablePolicyContainer\"." )]
+class CIM_ReusablePolicyContainer : CIM_AdminDomain {
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_SharedSecretAuthentication.mof b/Schemas/CIM228/DMTF/Policy/CIM_SharedSecretAuthentication.mof
new file mode 100644
index 0000000..195bf2c
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_SharedSecretAuthentication.mof
@@ -0,0 +1,23 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class describing a company\'s and/or administrator\'s "
+ "credential requirements that should be authenticated in order "
+ "to establish/trust a CIM_Identity. This class defines a "
+ "specific identity whose shared secret should be authenticated." )]
+class CIM_SharedSecretAuthentication : CIM_AuthenticationCondition {
+
+ [Description (
+ "String defining the principal\'s ID whose secret is authenticated."
+ )]
+ string IDOfPrincipal;
+
+ [Description (
+ "String defining a hostname, URI or service/application "
+ "name. It defines the specific system or service which "
+ "provides the context for the shared secret." )]
+ string ContextOfSecret;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_VendorPolicyAction.mof b/Schemas/CIM228/DMTF/Policy/CIM_VendorPolicyAction.mof
new file mode 100644
index 0000000..1557d51
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_VendorPolicyAction.mof
@@ -0,0 +1,37 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class that provides a general extension mechanism for "
+ "representing PolicyActions that have not been modeled with "
+ "specific properties. Instead, the two properties ActionData "
+ "and ActionEncoding are used to define the content and format "
+ "of the Action, as explained below. \n"
+ "\n"
+ "As its name suggests, VendorPolicyAction is intended for "
+ "vendor-specific extensions to the Policy Core Information "
+ "Model. Standardized extensions are not expected to use this "
+ "class." )]
+class CIM_VendorPolicyAction : CIM_PolicyAction {
+
+ [Description (
+ "This property provides a general extension mechanism for "
+ "representing PolicyActions that have not been modeled "
+ "with specific properties. The format of the octet "
+ "strings in the array is left unspecified in this "
+ "definition. It is determined by the OID value stored in "
+ "the property ActionEncoding. Since ActionEncoding is "
+ "single-valued, all the values of ActionData share the "
+ "same format and semantics." ),
+ OctetString, ModelCorrespondence {
+ "CIM_VendorPolicyAction.ActionEncoding" }]
+ string ActionData[];
+
+ [Description (
+ "An OID encoded as a string, identifying the format and "
+ "semantics for this instance\'s ActionData property." ),
+ ModelCorrespondence { "CIM_VendorPolicyAction.ActionData" }]
+ string ActionEncoding;
+
+
+};
diff --git a/Schemas/CIM228/DMTF/Policy/CIM_VendorPolicyCondition.mof b/Schemas/CIM228/DMTF/Policy/CIM_VendorPolicyCondition.mof
new file mode 100644
index 0000000..7045b4d
--- /dev/null
+++ b/Schemas/CIM228/DMTF/Policy/CIM_VendorPolicyCondition.mof
@@ -0,0 +1,37 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.6.0" ),
+ UMLPackagePath ( "CIM::Policy" ),
+ Description (
+ "A class that provides a general extension mechanism for "
+ "representing PolicyConditions that have not been modeled with "
+ "specific properties. Instead, the two properties Constraint "
+ "and ConstraintEncoding are used to define the content and "
+ "format of the Condition, as explained below. \n"
+ "\n"
+ "As its name suggests, VendorPolicyCondition is intended for "
+ "vendor-specific extensions to the Policy Core Information "
+ "Model. Standardized extensions are not expected to use this "
+ "class." )]
+class CIM_VendorPolicyCondition : CIM_PolicyCondition {
+
+ [Description (
+ "This property provides a general extension mechanism for "
+ "representing PolicyConditions that have not been modeled "
+ "with specific properties. The format of the octet "
+ "strings in the array is left unspecified in this "
+ "definition. It is determined by the OID value stored in "
+ "the property ConstraintEncoding. Since "
+ "ConstraintEncoding is single-valued, all the values of "
+ "Constraint share the same format and semantics." ),
+ OctetString, ModelCorrespondence {
+ "CIM_VendorPolicyCondition.ConstraintEncoding" }]
+ string Constraint[];
+
+ [Description (
+ "An OID encoded as a string, identifying the format and "
+ "semantics for this instance\'s Constraint property." ),
+ ModelCorrespondence { "CIM_VendorPolicyCondition.Constraint" }]
+ string ConstraintEncoding;
+
+
+};