Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

4/8/2010

The DeviceEncryptionConfiguration Service Provider protects sensitive data by using encryption.

The DeviceEncryption Configuration Service Provider can be managed over both the OMA DM protocol and the OMA Client Provisioning protocol.

Note:
Access to this Configuration Service Provider is determined by security roles. Because OEMs and mobile operators can selectively disallow access, ask them about the availability of this Configuration Service Provider. For more information about roles, see Security Rolesand Default Roles for Configuration Service Providers.

The following image shows the DeviceEncryption Configuration Service Provider object in tree format as used by OMA DM.

The following image shows the DeviceEncryption Configuration Service Provider object in tree format as used by OMA Client Provisioning.

Characteristics

DeviceEncryption

The root node for local device encryption.

Data type	node
Access Type	Get
Scope	Permanent
Occurs	One

EncryptList

In the root node, this node contains a list of files that will be encrypted in addition to the system's default list.

In the System node, this node contains a list of files that are in the system's EncryptList.

Data type	bool
Access Type	Get, Add, Delete
Scope	Dynamic
Occurs	ZeroOrOne

DoNotEncryptList

In the root node, this node contains a list of files that will not be encrypted.

In the System node, this node contains a list of files that are in the system's DoNotEncryptList.

Data type	bool
Access Type	Get, Add, Delete
Scope	Dynamic
Occurs	ZeroOrOne

System

The root node for the system EncryptList and DoNotEncryptList.

Data type	bool
Access Type	Get, Add, Delete
Scope	Dynamic
Occurs	ZeroOrOne

Parameters

EnableLocal

This parameter turns local device encryption on. If the value is false, local device encryption is turned off.

Permissions	Read/write
Default Value	false

Path

The value of this parameter is the file/directory path string.

All paths should begin with a backslash (\).

Special formatting is supported to specify a set of files:

…	All subdirectories
*	All files
*.ext	All files with a specific filename extension.

The following table includes some examples.

Example	Path specification
Single file	\myfile.txt
All files in a specific directory	\mydir\*
All files in a specific directory and its subdirectories	\mydir\...\*
All files with a specific extension in a directory	\mydir\*.wmv
All files with a specific extension in a directory and its subdirectories	\mydir\...\*.wmv
All files with a specific extension, independent of location	\...\*.wmv

Permissions

Read/write

Microsoft Custom Elements

The following table shows the Microsoft custom elements that this Configuration Service Provider supports for OMA Client Provisioning.

Elements	Available
parm-query	Yes
noparm	Yes
nocharacteristic	Yes
characteristic-query	Yes

Use these elements to build standard OMA Client Provisioning configuration XML. For information about specific elements, see MSPROV DTD Elements. For general examples of how to use the Microsoft custom elements, see OMA Client Provisioning XML File Examples.

For information about OMA Client Provisioning, see OMA Client Provisioning Files.

Characteristics

Parameters

Microsoft Custom Elements

See Also

Concepts

Other Resources