he Evans Wireless Development Survey is a detailed report of extensive, in-depth interviews with almost 500 developers active in wireless application or infrastructure development. It was conducted in the Fall of 2004. All text and analysis herein provided by Evans Data.
Barriers of Adoption: Security
When wireless developers were asked their opinion on whether or not security was a some form of barrier to widespread adoption of mobile devices and services, 85 percent felt that it was. Evans Data respectfully disagrees with this opinion, theorizing that the vast majority of consumers care more about the "gee-whiz" factor of their wireless devices than security.
Figure 1. The Barriers: This graph shows how many developers thought that security was a some form of barrier to widespread adoption of mobile devices and services.
Figure 2. The Question: For mobile devices/services, what is your perception of the following barriers of adoption?
|Figure 3. Most Common Security Mechanism: This graph shows the type of security mechanism that will be the most common.|
The main problem with wireless networks is that most are unprotected. The simple fact is that 70 percent of wi-fi networks don't make use of such readily available security offerings like WEP. Those exposed networks are easily exploited by the unscrupulous.
The average user is extremely pleased if they can get devices from multiple vendors working at all, let alone securely. If the widespread consumer base was concerned about security, the current plagues of email "virii" that are dependant on opening attachments simply would not be possible.
The Type of Security Mechanism that Will Be the Most Common
Currently, there is no clear technology leader in the mobile and wireless space with regard to the security mechanism developers choose when building applications. Additionally, unless a developer specializes in security, there can be definite overlap in their selection. For example, choosing PKI does not rule out the usage of SSL, digital signatures, and data encryption mechanisms.
|Figure 4. The Question: Which of the following security mechanisms would you be most likely to use on your wireless apps?|
They are all interrelated and supportive of each other. SSL relies on digitally signed certificates provided by a trusted third-party PKI certifying authority, which enables encrypted data channels and allows for safe user authentication for Web login scenarios.
PKI ranks first in usage by 15 percent of wireless developers surveyed, followed shortly by SSL/TLS. When the two options are combined, PKI/SSL solutions are selected by just under a third of all developers surveyed. Vying for third-place, user authentication/password protection, WAP 2.0 security, and digital signatures are each selected by one out of 10 respondents.
On the next page, we'll look beyond speculation and find out what security mechanisms developers are actually *using* in their enterprises.