The concept is simple: Combining all security functions on a single chip for mobile applications could serve as a remedy for many component-sourcing and development headaches.
Instead of relying on several chips and devices for different security applications in a mobile device, an all-in-one (AIO) component could offer Virtual Private Network (VPN), Digital Rights Management (DRM), Data-at-Rest (DAR), and other protection for smart phones and tablets. Inside Secure says it has successfully developed such an AIO chip design, called VaultSEcure, and other suppliers are following its lead, the company says. A wide-scale adoption of the design would obviously have an effect on the mobile electronics supply chain.
But don't expect AIO security chip designs to create waves in the supply chain for mobile devices, either — it will, however, likely create ripples. Some OEMs will find it advantageous, analysts say, while AIO does have some drawbacks and is not necessarily a good fit for consumer grade mobile electronics.
OEMs will likely use AIO to offer a full gamut of mobile security functions in their devices, for example, but don't expect to see the technology in the next iPhone, analysts say.
Pros and cons
In theory at least, AIO solutions can offer major advantages compared to the process of selecting different mobile security components as part of a best-of-breed (BOB) design. Beyond the most obvious benefit of not having to source different devices for mobile security, an AIO solution can help to avoid compatibility problems. Developers, for example, often face challenges when ensuring that separate encryption and data loss prevention (DLP) devices are compatible, an issue that an AIO solution could eliminate.
“The problem is that if you take an encryption engine, but use a separate DLP component, the DLP might not work with encrypted data,” Clive Longbottom, an analyst for Quocirca, told EBN. “You may get a better encryption engine, but if it doesn't work seamlessly with everything else, then the AIO will be a better bet, as it should be designed to be seamless.”
But one drawback of AIO alternatives is how any flaw in one of the different security functions on the chip means the entire device would likely have to be replaced.
“If one part of the AIO is cracked, the whole thing has to be changed out,” Longbottom said. “Again, this may not be a major issue with a BOB design — the cracking of a single BOB component would only mean that just one component would need swapping out.”
Ultimately, the end user applications that OEMs target with their mobile devices will determine whether they choose AIO or BOB solutions. They will also need to decide whether FPGAs, which are programmable but are also more expensive and consume more power than hard-coded ASICs do, serve as the best fit for embedded security with either an AIO or BOB design, Longbottom said. “For many, a middle ground would work by choosing an FPGA-based AIO, but the design would also have a single throat to choke in the supply chain,” he said. “Should there be problems in sourcing the AIO, it is also thus harder to swap to an alternative provider.”
Inside Secure has large-scale ambitions for its AIO device. It hopes VaultSEcure will eventually serve as the security component for a sizeable percentage of smartphones and tablet sales, which IDC says will more than double from 2013 to 2.14 billion units by 2017.
However, OEMs will probably opt for AIO security solutions for mobile devices on a niche scale, Jack E. Gold, president of J. Gold Associates, told EBN. For example, not all OEMs will require some of the technologies on an AIO chip and could save costs by sourcing components on a as-needed basis by adopting a BOB solution.
“AIO is a Swiss army knife where many vendors are probably looking at their own solutions. And some of the components, such as VPN and encryption, are primarily targeted at enterprise users and not the consumer,” Gold said. “So it may work with niche enterprise type products, but probably not consumer mass market.”