General Provisioning Architecture

Windows Mobile 6.5

The most common method of provisioning a device after deployment is OTA. The following figure shows the overall architecture of OTA provisioning. The actual path traveled will depend on the protocol used. The following sections explain this in more detail:

  • OMA Client Provisioning
  • OMA Device Management,MSDN.10).gifSecurity Note:
    For OMA Client Provisioning, configuration data is not encrypted when sent over the air (OTA). Be aware of this potential security risk when sending sensitive configuration data, such as passwords. OMA DM sessions are encrypted.

The following table shows the differences between how OMA Client Provisioning and OMA DM handle various features in Windows Mobile devices:

Feature OMA Client Provisioning OMA DM


WAP-based Push over binary Short Message Service (SMS)

HTTPr Secure Sockets Layer (SSL).

DM session

One way push. There is no response channel, so you cannot get execution results or perform a remote query.

Two way communication allows a request-response exchange.

Message format

WAP Client Provisioning XML



wbxml (tokenization)


DM commands


Windows Mobile extends the commands with update, delete, query-local usage.

Add, replace, get, exec, delete, and response

Managed settings

Data connectivity, WAP gateway, and application access information

Windows Mobile extends with other custom settings.

DMAcc, DMS, DevInfo, DevDetail

No restriction, extendable DM tree. Windows Mobile extends with custom settings.


Data integrity and server authentication by using a OMA Client Provisioning standard, PIN signed message. There is no built-in encryption. For information about security roles, see Security Roles.

Mutual authentication at the application and transport level. Encryption and data integrity check relies on SSL transport.

Access control


Windows Mobile extends with role-based access control.

Supports Windows Mobile role-base access control

For examples of OMA DM continuous provisioning, see Provisioning Using OMA Device Management.

Community Additions