HP Model 755/125cL HP-UX DMI 2.0 Developer's Guide: HP-UX/HP 9000 Computers, - Page 30

Component Interface Concepts Group-Level Security Original Definition (scalar) Group-Level Security HP provides a group-level security mechanism for its implementation of DMI 2.0. In order to use this security feature, the management application and the component instrumentation developers must agree to not ship the security libraries separately. Furthermore, executables using this security feature statically link to the security libraries. Intel recommends this type of security and it must be enforced by the component instrumentation developer. The following sections describe how to implement group-level security. The description is derived from the paper DMI 2.0 Security Token Proposal written by Brodi Beartusk and John Keith of Intel Corporation. Modifying Groups to Use Security Tokens Component instrumentation supporting this group requires that management applications provide the Security Token attribute when making a call. This attribute is passed on as the keylist for the operation. Applications not in possession of the Security Token can not access any attributes in the group. Component instrumentation denies access to applications that request the first row of the group. In order to secure a scalar group, you must first convert it to a tabular group by adding a Security Token attribute to the group definition, then specify this attribute as the key attribute for the group. The following example shows how to redefine the scalar System Memory Group as a tabular group with a Security Token. Start Group Name = "System Memory Group" Class = "HP|System Memory Group|001" ID = 2 Start Attribute Name = "Total Physical Memory" ID = 1 Type = int64 Access = Read-Write Storage = Specific Value = 0 End Attribute End Group 30 Chapter 3