Security Policies and Roles
4/8/2010
The following table explains how security policies and security roles are used to manage access permissions on Windows Mobile powered devices.
| Settings | Description of usage |
|---|---|
Security Policies |
Used to configure security settings that are enforced through security roles and security certificates. Security policies enforce security requirements for all Over The Air (OTA) data messages that a mobile device receives, including push messages. Security policies use security roles for determining whether a message has the necessary permissions to be accepted, and if it is accepted, a what level of access. For more information about the security policies that are used for Device Management, see Security Policy Settings. |
Security Roles |
Used to allow or to restrict access to device resources. The security role is based on both the message origin, and on how the message is signed. You can assign multiple security roles to a message in the security policy XML document by combining the decimal values of the security roles that you want to assign. For example, to assign both the SECROLE_OPERATOR and SECROLE_OPERATOR_TPS security roles, which have decimal values of 4 and 128, respectively, use the decimal value 132. |
Reference
- Security Policies
Provides in depth background material on Windows Mobile security policies.
- Security Roles
Contains a breakdown of all of the Windows Mobile security roles, their decimal values, and descriptions that explain how to use them.