Security policy group provides APIs to control security functionality.
Required Header
#include <dpm/security.h>
Overview
Security policy group provides APIs to control security functionality such as device encryption and screen lock. Any API which requires privileges is only available for the registered device admin client which is enrolled to the device by enrollment process.
Enumeration Type Documentation
Enumeration for device wipe type.
- Since :
- 3.0
- Enumerator:
DPM_SECURITY_WIPE_INTERNAL_STORAGE |
Wipe internal memory
|
DPM_SECURITY_WIPE_EXTERNAL_STORAGE |
Wipe external memory
|
Function Documentation
Checks the external storage encryption state.
An administrator can use this API to check whether external storage encryption is enabled.
- Since :
- 3.0
- Parameters:
-
[in] | handle | Device policy manager handle |
[out] | is_encrypted | true if external storage is encrypted or being encrypted, else false |
- Returns:
- DPM_ERROR_NONE on success, otherwise a negative value
- Return values:
-
- Precondition:
- The handle must be created by dpm_manager_create().
- See also:
- dpm_manager_create()
-
dpm_security_set_external_storage_encryption()
Checks the internal storage encryption state.
An administrator can use this API to check whether internal storage encryption is enabled.
- Since :
- 3.0
- Parameters:
-
[in] | handle | Device policy manager handle |
[out] | is_encrypted | true if internal storage is encrypted or being encrypted, else false. |
- Returns:
- DPM_ERROR_NONE on success, otherwise a negative value
- Return values:
-
- Precondition:
- The handle must be created by dpm_manager_create().
- See also:
- dpm_manager_create()
-
dpm_security_set_internal_storage_encryption()
Locks device screen immediately.
- Warning:
- This is not for use by third-party applications.
An administrator can use this API to lock the device screen immediately
- Since :
- 3.0
- Privilege Level:
- partner
- Privilege:
- http://tizen.org/privilege/dpm.lock
- Parameters:
-
[in] | handle | Device policy manager handle |
- Returns:
- DPM_ERROR_NONE on success, otherwise a negative value
- Return values:
-
- Precondition:
- The handle must be created by dpm_manager_create().
- See also:
- dpm_manager_create()
Encrypts or decrypts external storage.
- Warning:
- This is not for use by third-party applications.
An administrator can use this API to enable external SD card encryption. Before calling this API, administrator must ensure that the device password is set to alphanumeric quality. The administrator can set an alphanumeric password by using dpm_set_password_quality() API
- Since :
- 3.0
- Privilege Level:
- partner
- Privilege:
- http://tizen.org/privilege/dpm.security
- Parameters:
-
[in] | handle | Device policy manager handle |
[in] | encrypt | true if encryption is required, false if decryption is required |
- Returns:
- DPM_ERROR_NONE on success, otherwise a negative value
- Return values:
-
- Precondition:
- The handle must be created by dpm_manager_create().
- See also:
- dpm_manager_create()
-
dpm_security_is_external_storage_encrypted()
Encrypts or decrypts internal storage.
- Warning:
- This is not for use by third-party applications.
An administrator can use this API to enable full device encryption, which includes device memory and internal SD card. Before calling this API, administrator must ensure that the device password is set to alphanumeric quality. The administrator can set an alphanumeric password by using dpm_set_password_quality() API
- Since :
- 3.0
- Privilege Level:
- partner
- Privilege:
- http://tizen.org/privilege/dpm.security
- Parameters:
-
[in] | handle | Device policy manager handle |
[in] | encrypt | true if encryption is required, false if decryption is required |
- Returns:
- DPM_ERROR_NONE on success, otherwise a negative value
- Return values:
-
- Precondition:
- The handle must be created by dpm_manager_create().
- See also:
- dpm_manager_create()
-
dpm_security_is_internal_storage_encrypted()
Wipes external memory, internal memory, or both selectively.
- Warning:
- This is not for use by third-party applications.
Device Admin can use this API to wipe both SD card data and application data. Calling this API may require rebooting the device.
- Since :
- 3.0
- Privilege Level:
- partner
- Privilege:
- http://tizen.org/privilege/dpm.wipe
- Parameters:
-
[in] | handle | Device policy manager handle |
[in] | type | The target storage for wipe |
- Returns:
- DPM_ERROR_NONE on success, otherwise a negative value
- Return values:
-
- Precondition:
- The handle must be created by dpm_manager_create().
- See also:
- dpm_manager_create()