Device Policy Management

Mobile nativeWearable native

Dependencies

  • Tizen 3.0 and Higher for Mobile
  • Tizen 3.0 and Higher for Wearable

Content

Related Info

The Device Policy Management (DPM) framework supports enterprise applications by providing IT administrators means to create security-aware applications. They are useful in situations where IT administrators require rich control over employee devices.

DPM consists of a device policy client library and a device policy manager. The device policy manager manages all device policies and provides interfaces for the device policy client library. The device policy client library contains the device administration functions the client application can call. Internally, the device policy client library communicates with the device policy manager using a built-in remote method invocation engine.

The main features of the Device Policy Manager API include:

  • Checking restrictions

    You can check the restriction states of the device, such as camera, microphone, Wi-Fi, Bluetooth, and USB, using the getter functions of the Restriction policy group API (in mobile and wearable applications).

    You can also check the external and internal storage encryption state using the Security policy group API (in mobile and wearable applications) and get the name of the created zone and the zone state using the Zone policy group API (in mobile and wearable applications).

The following figure illustrates the DPM framework process.

Figure: DPM framework process

DPM framework process

Prerequisites

To use the functions and data types of the Device Policy Manager API (in mobile and wearable applications), include the <dpm/device-policy-manager.h> header file in your application:

#include <dpm/device-policy-manager.h>

Managing Device Policies

To manage device policies:

  1. Create a DPM handle:

    device_policy_manager_h dpm;
    
    /* Create a DPM handle */
    dpm = dpm_manager_create();
    
  2. Add a policy change callback to the device policy manager:
    int callback_id;
    
    /* Create the policy change callback function */
    void
    on_policy_changed(const char* name, const char* value, void* data)
    {
        int state = strcmp(value, "allowed") ? 0 : 1;
    
        if (strcmp(name, "camera") == 0) {
            if (state)
                /* Using the camera is allowed */
            else
                /* Using the camera is not allowed */
        } 
    }
    
    /* Add the policy change callback to the device policy manager */
    int
    dpm_init()
    {
        int ret = dpm_add_policy_changed_cb(dpm, "camera", on_policy_changed, user_data, &callback_id);
        if (ret < 0)
            /* Error handling */	
    }
    
  3. Check the device restriction state:
    #include <dpm/restriction.h>
    
    int state;
    
    /* Check the restriction state of the camera */
    if (dpm_restriction_get_camera_state(dpm, &state) == DPM_ERROR_NONE) {
        /* state: 0: using the camera is not allowed */
        /* state: 1: using the camera is allowed */
    }
    
  4. When no longer needed, remove the policy change callback from the device policy manager and destroy the DPM handle:
    void
    dpm_finalize()
    {
        /* Remove the policy change callback from the device policy manager */
        dpm_remove_policy_changed_cb(dpm, callback_id);
        /* Destroy the DPM handle */
        dpm_manager_destroy(dpm);
    }