Tizen Native API  4.0
Security policy group

Security policy group provides APIs to control security functionality.

Required Header

#include <dpm/security.h>

Overview

Security policy group provides APIs to control security functionality such as device encryption and screen lock. Any API which requires privileges is only available for the registered device admin client which is enrolled to the device by enrollment process.

Functions

int dpm_security_lockout_screen (device_policy_manager_h handle)
 Locks device screen immediately.
int dpm_security_set_internal_storage_encryption (device_policy_manager_h handle, int encrypt)
 Encrypts or decrypts internal storage.
int dpm_security_is_internal_storage_encrypted (device_policy_manager_h handle, int *is_encrypted)
 Checks the internal storage encryption state.
int dpm_security_set_external_storage_encryption (device_policy_manager_h handle, int encrypt)
 Encrypts or decrypts external storage.
int dpm_security_is_external_storage_encrypted (device_policy_manager_h handle, int *is_encrypted)
 Checks the external storage encryption state.
int dpm_security_wipe_data (device_policy_manager_h handle, dpm_security_wipe_type_e type)
 Wipes external memory, internal memory, or both selectively.

Enumeration Type Documentation

Enumeration for device wipe type.

Since :
3.0
Enumerator:
DPM_SECURITY_WIPE_INTERNAL_STORAGE 

Wipe internal memory

DPM_SECURITY_WIPE_EXTERNAL_STORAGE 

Wipe external memory


Function Documentation

int dpm_security_is_external_storage_encrypted ( device_policy_manager_h  handle,
int *  is_encrypted 
)

Checks the external storage encryption state.

An administrator can use this API to check whether external storage encryption is enabled.

Since :
3.0
Parameters:
[in]handleDevice policy manager handle
[out]is_encryptedtrue if external storage is encrypted or being encrypted, else false
Returns:
DPM_ERROR_NONE on success, otherwise a negative value
Return values:
DPM_ERROR_NONESuccessful
DPM_ERROR_INVALID_PARAMETERInvalid parameter
DPM_ERROR_TIMED_OUTTime out
Precondition:
The handle must be created by dpm_manager_create().
See also:
dpm_manager_create()
dpm_security_set_external_storage_encryption()
int dpm_security_is_internal_storage_encrypted ( device_policy_manager_h  handle,
int *  is_encrypted 
)

Checks the internal storage encryption state.

An administrator can use this API to check whether internal storage encryption is enabled.

Since :
3.0
Parameters:
[in]handleDevice policy manager handle
[out]is_encryptedtrue if internal storage is encrypted or being encrypted, else false.
Returns:
DPM_ERROR_NONE on success, otherwise a negative value
Return values:
DPM_ERROR_NONESuccessful
DPM_ERROR_INVALID_PARAMETERInvalid parameter
DPM_ERROR_TIMED_OUTTime out
Precondition:
The handle must be created by dpm_manager_create().
See also:
dpm_manager_create()
dpm_security_set_internal_storage_encryption()

Locks device screen immediately.

Warning:
This is not for use by third-party applications.

An administrator can use this API to lock the device screen immediately

Since :
3.0
Privilege Level:
partner
Privilege:
http://tizen.org/privilege/dpm.lock
Parameters:
[in]handleDevice policy manager handle
Returns:
DPM_ERROR_NONE on success, otherwise a negative value
Return values:
DPM_ERROR_NONESuccessful
DPM_ERROR_INVALID_PARAMETERInvalid parameter
DPM_ERROR_PERMISSION_DENIEDThe application does not have the privilege to call this API
Precondition:
The handle must be created by dpm_manager_create().
See also:
dpm_manager_create()

Encrypts or decrypts external storage.

Warning:
This is not for use by third-party applications.

An administrator can use this API to enable external SD card encryption. Before calling this API, administrator must ensure that the device password is set to alphanumeric quality. The administrator can set an alphanumeric password by using dpm_set_password_quality() API

Since :
3.0
Privilege Level:
partner
Privilege:
http://tizen.org/privilege/dpm.security
Parameters:
[in]handleDevice policy manager handle
[in]encrypttrue if encryption is required, false if decryption is required
Returns:
DPM_ERROR_NONE on success, otherwise a negative value
Return values:
DPM_ERROR_NONESuccessful
DPM_ERROR_INVALID_PARAMETERInvalid parameter
DPM_ERROR_PERMISSION_DENIEDThe application does not have the privilege to call this API
Precondition:
The handle must be created by dpm_manager_create().
See also:
dpm_manager_create()
dpm_security_is_external_storage_encrypted()

Encrypts or decrypts internal storage.

Warning:
This is not for use by third-party applications.

An administrator can use this API to enable full device encryption, which includes device memory and internal SD card. Before calling this API, administrator must ensure that the device password is set to alphanumeric quality. The administrator can set an alphanumeric password by using dpm_set_password_quality() API

Since :
3.0
Privilege Level:
partner
Privilege:
http://tizen.org/privilege/dpm.security
Parameters:
[in]handleDevice policy manager handle
[in]encrypttrue if encryption is required, false if decryption is required
Returns:
DPM_ERROR_NONE on success, otherwise a negative value
Return values:
DPM_ERROR_NONESuccessful
DPM_ERROR_INVALID_PARAMETERInvalid parameter
DPM_ERROR_PERMISSION_DENIEDThe application does not have the privilege to call this API
Precondition:
The handle must be created by dpm_manager_create().
See also:
dpm_manager_create()
dpm_security_is_internal_storage_encrypted()

Wipes external memory, internal memory, or both selectively.

Warning:
This is not for use by third-party applications.

Device Admin can use this API to wipe both SD card data and application data. Calling this API may require rebooting the device.

Since :
3.0
Privilege Level:
partner
Privilege:
http://tizen.org/privilege/dpm.wipe
Parameters:
[in]handleDevice policy manager handle
[in]typeThe target storage for wipe
Returns:
DPM_ERROR_NONE on success, otherwise a negative value
Return values:
DPM_ERROR_NONESuccessful
DPM_ERROR_INVALID_PARAMETERInvalid parameter
DPM_ERROR_PERMISSION_DENIEDThe application does not have the privilege to call this API
Precondition:
The handle must be created by dpm_manager_create().
See also:
dpm_manager_create()