OMA-TS-LWM2M_LockWipe-V1_0_2-20210119-A

Lightweight M2M – Lock and Wipe Object (LwM2M Object – LockWipe)

Approved Version: 1.0.2 - 2021-01-19

Open Mobile Alliance

main: 25 Jan 2021 15:51:00 rev: 6513d68

Use of this document is subject to all of the terms and conditions of the Use Agreement located at https://www.omaspecworks.org/about/policies-and-terms-of-use/.

Unless this document is clearly designated as an approved specification, this document is a work in process, is not an approved Open Mobile Alliance™ specification, and is subject to revision or removal without notice.

You may use this document or any part of the document for internal or educational purposes only, provided you do not modify, edit or take out of context the information in this document in any manner. Information contained in this document may be used, at your sole risk, for any purposes. You may not use this document in any other manner without the prior written permission of the Open Mobile Alliance. The Open Mobile Alliance authorizes you to copy this document, provided that you retain all copyright and other proprietary notices contained in the original materials on any copies of the materials and that you comply strictly with these terms. This copyright permission does not constitute an endorsement of the products or services. The Open Mobile Alliance assumes no responsibility for errors or omissions in this document.

Each Open Mobile Alliance member has agreed to use reasonable endeavors to inform the Open Mobile Alliance in a timely manner of Essential IPR as it becomes aware that the Essential IPR is related to the prepared or published specification.
However, the members do not have an obligation to conduct IPR searches. The declared Essential IPR is publicly available to members and non-members of the Open Mobile Alliance and may be found on the “OMA IPR Declarations” list at https://www.omaspecworks.org/about/intellectual-property-rights/. The Open Mobile Alliance has not conducted an independent IPR review of this document and the information contained herein, and makes no representations or warranties regarding third party IPR, including without limitation patents, copyrights or trade secret rights. This document may contain inventions for which you must obtain licenses from third parties before making, using or selling the inventions. Defined terms above are set forth in the schedule to the Open Mobile Alliance Application Form.

NO REPRESENTATIONS OR WARRANTIES (WHETHER EXPRESS OR IMPLIED) ARE MADE BY THE OPEN MOBILE ALLIANCE OR ANY OPEN MOBILE ALLIANCE MEMBER OR ITS AFFILIATES REGARDING ANY OF THE IPR’S REPRESENTED ON THE “OMA IPR DECLARATIONS” LIST, INCLUDING, BUT NOT LIMITED TO THE ACCURACY, COMPLETENESS, VALIDITY OR RELEVANCE OF THE INFORMATION OR WHETHER OR NOT SUCH RIGHTS ARE ESSENTIAL OR NON-ESSENTIAL.

THE OPEN MOBILE ALLIANCE IS NOT LIABLE FOR AND HEREBY DISCLAIMS ANY DIRECT, INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES ARISING OUT OF OR IN CONNECTION WITH THE USE OF DOCUMENTS AND THE INFORMATION CONTAINED IN THE DOCUMENTS.

THIS DOCUMENT IS PROVIDED ON AN "AS IS" "AS AVAILABLE" AND "WITH ALL FAULTS" BASIS.

Used with the permission of the Open Mobile Alliance under the terms set forth above.

1. Scope

This document defines the technical specification for a Lock and Wipe object, to be used in conjunction with the Lightweight M2M enabler.

2. References

2.1. Normative References

Table: 2.1.-1 Normative References
[RFC2119]	“Key words for use in RFCs to Indicate Requirement Levels”, S. Bradner, March 1997, URL:http://www.ietf.org/rfc/rfc2119.txt
[RFC4234]	“Augmented BNF for Syntax Specifications: ABNF”. D. Crocker, Ed., P. Overell. October 2005, URL:http://www.ietf.org/rfc/rfc4234.txt
[SCRRULES]	“SCR Rules and Procedures”, Open Mobile Alliance™, OMA-ORG-SCR_Rules_and_Procedures, URL:http://www.openmobilealliance.org/

2.2. Informative References

Table: 2.2.-1 Informative References
[OMADICT]	“Dictionary for OMA Specifications”, Open Mobile Alliance™, OMA-ORG-Dictionary-V2_9, URL:http://www.openmobilealliance.org/

3. Terminology and Conventions

3.1. Conventions

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in [RFC2119].

All sections and appendixes, except “Scope” and “Introduction”, are normative, unless they are explicitly indicated to be informative.

3.2. Definitions

Table: 3.2.-1 Definitions
Full lock	To render the device fully inoperable
Partial lock	To render the device partially inoperable except for functions that aid the recovery of the device
Wipe	To permanently erase data from the device

3.3. Abbreviations

Table: 3.3.-1 Abbreviations
OMA	Open Mobile Alliance

4. Introduction

The document defines the LwM2M Lock and Wipe Object.

There are several use cases in the M2M space that require the functionality provided by this LwM2M Object. E.g. a M2M service provider wants to ensure that a stolen M2M device cannot be used. Furthermore, a M2M service provider wants to remotely erase the memory of a device ensuring that sensitive data does not get into the wrong hands.

4.1. Version 1.0

Version 1.0 defines the following functions:

Lock the M2M device – partially or fully
Unlock the M2M device
Wipe the M2M device – partially or fully
Report the result of the above operations

5. LwM2M Object: Lock and Wipe

Description

This LWM2M objects provides the resources needed to perform the lock and wipe operations.

Object definition

Table: 5.-1 LwM2M Object: Lock and Wipe object definition
Name	Object ID	Object Version	LWM2M Version
Lock and Wipe	8	1.0	1.0
Object URN		Instances	Mandatory
urn:oma:lwm2m:oma:8		Single	Optional

Resource definitions

Table: 5.-2 LwM2M Object: Lock and Wipe Resource definitions
ID	Name	Operations	Instances	Mandatory	Type	Range or Enumeration	Description
0	State	RW	Single	Mandatory	Integer	0..2	State of the device: 0: unlocked state Normal operation. 1: partially locked state To render the device inoperable the device has been partially locked. The "lock target" resource allows specifying the target(s) for this operation. 2: fully locked state To render the device fully inoperable the device has been fully locked.
1	Lock target	W	Multiple	Mandatory	String		To specify one or several targets for the lock operation. This allows partially locking the device by selecting specific components or interfaces to be locked.
2	Wipe item	R	Multiple	Optional	String		Indicates which data can be wiped from the device. This resource could be e.g. representing a directory.
3	Wipe	E	Single	Mandatory			To permanently erase data from the device.
4	Wipe target	W	Multiple	Mandatory	String		To specify one or several targets for the wipe operation. This allows selecting specific data, or, memory areas for the wipe operation.
5	Lock or Wipe Operation Result	R	Single	Mandatory	Integer	0..8	Contains the result of a lock and wipe operation 0: Default 1: Partially Lock operation successful 2: Fully Lock operation successful 3: Unlock operation successful 4: Wipe operation successful 5: Partially Lock operation failed 6: Fully Lock operation failed 7: Unlock operation failed 8: Wipe operation failed This Resource MAY be reported by sending Observe operation.

5.1. Lock Considerations

The Lock operation allows rendering the device inoperable from unauthorized usage – either fully or partially.

If the device is fully locked the device might not be recoverable unless a mechanism is used which is outside the scope of this specification.

If a device is fully locked the wipe operation will not work any longer. Thus, if a wipe operation is intended it should be executed before the lock operation.

If the device is partially locked some functions might be active as specified with the lock target resource. E.g. for a stolen device the location tracking function might be excluded from a lock operation.

5.2. Wipe Considerations

The Wipe operation allows wipe date from the device – either all data or specific data.

Before performing the wipe operation there might be situations where the server wants to find out first what items can be wiped on the device. This can be achieved by reading the “wipe item” resource instances.

The wipe target resource allows specifying one or several targets for the wipe operation. This allows selecting specific data, or, memory areas for the wipe operation.