Filter
Top Products
White Paper
Z500a
24 June 2004
for more challenging tasks such remote problem solving
and correction. In addition, DM may be one of the tools
used for remote firmware updates.
DM Tree
The settings that can be configured via OMA DM must
be specified in a DM tree which is a data structure with
which the DM client communicates settings to the host
device. The tree is made up of nodes (sometimes called
management objects) that can be modified by the client.
In the future, it will be possible to include nodes that
support the installation and removal of software
applications in devices with open operating systems. The
DM tree for the Z500a includes, among other things, the
settings that are necessary for WAP. These settings
should be customized in the factory but can be updated
by the service provider. This could prove to be extremely
useful for infrastructure modifications including the
modifications needed when service providers merge or
increase capacity. A standardized way of dealing with
these changes allows for a more efficient transition for a
variety of devices from multiple vendors.
Nodes
Nodes are entities that can be manipulated by the client
as commanded via the OMA DM protocol. The protocol
supports nodes as simple as integers and more complex
than GPRS data accounts. An interior node in the tree
can have a large number of child nodes. The number is
only limited by the amount of memory available. Each
note has a unique URI. In addition, nodes have an
associated Access Control List (ACL) that is a list of
servers that are given permission to manipulate the node.
The servers are identified by a unique DM-specific name
rather than an IP address or certificate. Note that a node
is not required to have a unique ACL. Rules exist for
applying the ACL of a parent node to child nodes. With
appropriate security devices can be protected.
Security
A powerful tool like OMA DM requires powerful
security mechanisms. OMA DM uses Message Digest 5
(MD5) authentication. Either the client or the server may
challenge for authentication. Integrity is handled with a
Hashed Message Authentication Code (HMAC). User of
the HMAC is optional. There are two aspects of
confidentiality for OMA DM. Confidentiality of
information during transport is handled by the transport
protocol. TLS and HTTPS could be utilized. The other
aspect of confidentiality is confidentiality between DM
servers. This is handled by the ACL mentioned
previously. Nodes in the DM tree cannot be modified by
servers not included in the ACL.