Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
4/8/2010

The DeviceEncryptionConfiguration Service Provider protects sensitive data by using encryption.

The DeviceEncryption Configuration Service Provider can be managed over both the OMA DM protocol and the OMA Client Provisioning protocol.

Note:
Access to this Configuration Service Provider is determined by security roles. Because OEMs and mobile operators can selectively disallow access, ask them about the availability of this Configuration Service Provider. For more information about roles, see Security Rolesand Default Roles for Configuration Service Providers.

The following image shows the DeviceEncryption Configuration Service Provider object in tree format as used by OMA DM.

The following image shows the DeviceEncryption Configuration Service Provider object in tree format as used by OMA Client Provisioning.

Characteristics

DeviceEncryption

The root node for local device encryption.

Data type

node

Access Type

Get

Scope

Permanent

Occurs

One

EncryptList

In the root node, this node contains a list of files that will be encrypted in addition to the system's default list.

In the System node, this node contains a list of files that are in the system's EncryptList.

Data type

bool

Access Type

Get, Add, Delete

Scope

Dynamic

Occurs

ZeroOrOne

DoNotEncryptList

In the root node, this node contains a list of files that will not be encrypted.

In the System node, this node contains a list of files that are in the system's DoNotEncryptList.

Data type

bool

Access Type

Get, Add, Delete

Scope

Dynamic

Occurs

ZeroOrOne

System

The root node for the system EncryptList and DoNotEncryptList.

Data type

bool

Access Type

Get, Add, Delete

Scope

Dynamic

Occurs

ZeroOrOne

Parameters

EnableLocal

This parameter turns local device encryption on. If the value is false, local device encryption is turned off.

Permissions

Read/write

Default Value

false

Path

The value of this parameter is the file/directory path string.

All paths should begin with a backslash (\).

Special formatting is supported to specify a set of files:

All subdirectories

*

All files

*.ext

All files with a specific filename extension.

The following table includes some examples.

Example Path specification

Single file

\myfile.txt

All files in a specific directory

\mydir\*

All files in a specific directory and its subdirectories

\mydir\...\*

All files with a specific extension in a directory

\mydir\*.wmv

All files with a specific extension in a directory and its subdirectories

\mydir\...\*.wmv

All files with a specific extension, independent of location

\...\*.wmv

Permissions

Read/write

Microsoft Custom Elements

The following table shows the Microsoft custom elements that this Configuration Service Provider supports for OMA Client Provisioning.

Elements Available

parm-query

Yes

noparm

Yes

nocharacteristic

Yes

characteristic-query

Yes

Use these elements to build standard OMA Client Provisioning configuration XML. For information about specific elements, see MSPROV DTD Elements. For general examples of how to use the Microsoft custom elements, see OMA Client Provisioning XML File Examples.

For information about OMA Client Provisioning, see OMA Client Provisioning Files.

See Also