HP Model 755/125cL HP-UX DMI 2.0 Developer's Guide: HP-UX/HP 9000 Computers, - Page 31

Security Token Handling

Page 31 highlights

Modified Definition (tabular) Component Interface Concepts Group-Level Security Start Group Name = "System Memory Group" Class = "HP|System Memory Group|001" ID = 2 Key = 2 Start Attribute Name = "Total Physical Memory" ID = 1 Storage = Specific Access = Read-Write Type = int64 Value = 0 End Attribute Start Attribute Name = "Security Token" ID = 2 Type = "OctetString" Access = Read-Only Value = "" End Attribute End Group Securing an existing tabular group is much like securing a scalar group. First, add a new Security Token attribute to the group definition. Next, augment the existing keylist definition to include this new attribute. The Security Token then becomes one of the attributes comprising a unique row. This means that it is required for any get or set command on the table. Additionally, DmiAddRow() and DmiDeleteRow() calls require a valid keylist. Thus, they also require the Security Token. Security Token Handling Alternatively, HP provides a library with a security token-generating procedure and a security token validation procedure. Management applications can use these procedures to secure access to protected attribute values. Additionally, HP provides a library to management application writers that wish to retrieve protected attributes from HP's implementation of the Unix Standards Group Definition (Unix MIF). This library contains the security token-generating procedure. These two procedures are: • GenerateToken() • ValidateToken() For detailed information, see the generateToken(3X) and validateToken(3X) manpages. Chapter 3 31

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134

Chapter 3
31
Component Interface Concepts
Group-Level Security
Modified
Definition
(tabular)
Start Group
Name = "System Memory Group"
Class = "HP|System Memory Group|001"
ID = 2
Key = 2
Start Attribute
Name = "Total Physical Memory"
ID = 1
Storage = Specific
Access = Read-Write
Type = int64
Value = 0
End Attribute
Start Attribute
Name = "Security Token"
ID = 2
Type = "OctetString"
Access = Read-Only
Value = ""
End Attribute
End Group
Securing an existing tabular group is much like securing a scalar
group. First, add a new Security Token attribute to the group definition.
Next, augment the existing keylist definition to include this new
attribute. The Security Token then becomes one of the attributes
comprising a unique row. This means that it is required for any get or
set command on the table. Additionally, DmiAddRow() and
DmiDeleteRow() calls require a valid keylist. Thus, they also require
the Security Token.
Security Token Handling
Alternatively, HP provides a library with a security token-generating
procedure and a security token validation procedure. Management
applications can use these procedures to secure access to protected
attribute values.
Additionally, HP provides a library to management application writers
that wish to retrieve protected attributes from HP's implementation of
the Unix Standards Group Definition (Unix MIF). This library contains
the security token-generating procedure.
These two procedures are:
GenerateToken()
ValidateToken()
For detailed information, see the generateToken(3X) and
validateToken(3X) manpages.