What is OMA DM?

The Open Mobile Alliance (OMA) is a standards body responsible for developing and ratifying open standards for the mobile phone industry. OMA-DM is the device management protocol developed by the body for the remote management of mobile phones and PDAs.

The OMA currently manages a number of standards including:

In this post I shall look at the OMA-CP, OMA-DS and OMA-DM protocols.


OMA-CP

The Client Provisioning protocol enables the remote configuration of device settings via SMS message. Such settings might include:

Once configured with these settings, the device will then be able to connect to the Internet and initiate a session with the DS server to synchronise contact and calendar information (using the SyncML data synchronisation protocol), and to the Device Management server to perform more detailed configuration. Bookmarks sent to the device may be to web sites where application installer packages and certificates could be downloaded.
This is where the real power of the solution comes into play: a device can be configured with the required Internet connection details via SMS, requiring only a live SIM card. Once connected to the Internet virtually any aspect of the device's functionality can be configured via OMA-DM:

OMA-DM OMA-DM

OMA-DM OMA-DM


OMA-DM

The device management protocol uses an HTTPS data session rather than SMS message delivery, but a data connection can be requested from the device by sending it a 'wake-up' SMS message. This connection request can be visible to the end user, or can be entirely 'silent' requiring no user interaction at all. Visible requests can also be 'PIN protected' so that the user is required to enter a password (which will need to be provided to the user by some other method, most likely verbal).
Once the session is initiated, the DM server sends XML-based setting template files to the device. These XML templates essentially list every element of the device's functionality and can enable or disable them, or configure specific settings. The client device will then send responses to the OMA-DM server indicating whether the XML was processed successfully or not.
The OMA-DM protocol also provides for the delivery of files to the remote device over the data channel, be they applications, certificates, documents, patches, etc.
Basic inventory information can also be gathered from devices and saved on the OMA-DM server and reported on: including such details as hardware specification, files stored in memory, processes running, applications installed, etc.
Devices can be customised with themes and logos.

In order to support OMA-CP or OMA-DM functionality, the mobile device must have a capable client installed. Thankfully, this is included in the Symbian operating as standard, both series 40 and 60 as well as UIQ and also in the Windows Mobile 6.1 platform.
There are several commercial OMA-DM server products available, including Sybase Afaria, FromDistance Mobile Device Manager, Excitor DME and Perlego. Read the Device Management section for more details. As the OMA-DM protocol is an open standard, it is possible to build your own solution should you wish, and there are open-source projects which can be downloaded free of charge, such as Funambol (www.funambol.com). The Microsoft System Center Mobile Device Manager product also leverages OMA-DM functionality.

In order to be able to send SMS provisioning messages to client devices, the OMA-DM server will need access to an SMS gateway, or will need a mobile device connected to it through which it can send the SMS messages.


DDF Files

DDF Files are Device Description Framework documents that describe the precise XML tags supported by devices, and typically relate to a specific service or application. for example, there is a specific DDF file detailing how to define Nokia Mail For Exchange settings on the Symbian S60v3 platform.
DDF files are available free of charge from most developer web sites, including the Nokia Forum web site for Nokia devices, and the MSDN web site for Windows Mobile.
These documents allow the administrator to construct the required XML document that can be sent to the device in order to automatically provision settings. This information is available to all, but is quite technical in nature: what the commercially available applications do is to create the templates for you, so that all you need to enter are the variables for, in this example, your email environment.
As well as DDF files, there is a wealth of sample XML template files available on these developer web sites as well as a number of tools to help you create XML documents, such as the Nokia Configuration Tool (http://blog.brightpointuk.co.uk/nokia-enterprise-configuration-tool)

It is not only device manufacturers that can use OMA-DM XML-based templates to configure devices: third party software developers can use OMA-DM to provision their applications directly from the OMA-DM server. Companies such as PointSec and F-Secure already have DDF documents available and their products have been incorporated into most commercially available OMA-DM solutions.


TARM

Another feature of OMA-DM is the ability to define and enforce security policies on client devices: having configured devices with the required settings for email, VoIP etc, those settings can then be locked down so that they cannot be changed by the user. Settings controlling device lock and password strength can also be enforced.
This feature is referred to as TARM: Terminal Administration Rights Model, and requires that a 'trust relationship' be established between the client device and the OMA-DM server: the client device must therefore be able to trust the SSL certificate used to secure the HTTPS connection with the OMA-DM server. If the certificate used is not a 'root-trusted' one, the root certificate used by the CA that issued the certificate to the OMA-DM server must be installed on the client.
On Nokia handsets, an additional icon is displayed on the screen when the device is in TARM mode.

OMA Device Management is a very powerful tool indeed, and thanks to its adoption by major manufacturers and the 'open' nature of the standard, it looks to be here for a long time to come.

If you want to find out more information, useful references include:

Forum Nokia - http://www.forum.nokia.com/Resources_and_Information/Documentation/Devic...
Microsoft Developer Network - http://msdn.microsoft.com/en-us/library/bb737404.aspx
IBM - http://www.ibm.com/developerworks/wireless/library/wi-oma/


Summary

Below is a quick summary of the features on the Nokia E and N-series range of handsets that can be configured via OMA-DM:

Settings Management

Security and asset management

Application Management

Device Customisation

Application Settings Management

Connectivity