Late next year, consumers will be able to buy smartphones that either come with native hypervisor software or use an app allowing them to run two interfaces on the phone: one for personal use, one for work.
The technology could help address an issue that has cropped up with increasing frequency at work: Employees who bring their personal mobile devices to work and use them to communicate with clients and to access corporate data. The issue can cause friction at companies that need to safeguard their data on employee-owned smartphones and tablets and want to be able to remotely wipe the devices of data if they’re lost or if an employee quits or is fired.
The bring-your-own-device (BYOD) trend has enabled a more efficient and mobile workforce while exposing companies to a myriad of security and data management quandaries. For example, corporate BYOD policies limit what devices can be used based on the type of mobile device management software their IT shop has deployed.
Next year, software and mobile device manufacturers will enable what are essentially two instances of the same OS on a smartphone. That will give corporations secure control over their data and employees the personal data privacy they want, keeping it from being seen or wiped by corporate IT.
VMware and Red Bend are two of the leading software companies that have already signed OEM agreements with smartphone manufacturers to create dual-identify devices from some of today’s most popular models.
The two approaches to the smartphone virtualisation market, however, are different and hinge on whether the software provider is using a Type 1 or Type 2 hypervisor.
A Type 1 hypervisor is hardware-based technology that creates a second copy of the OS and runs both instances in two distinct regions of a processor. A Type 2 hypervisor runs as a guest OS on top of the host OS, not in parallel like a Type 1. The guest has to communicate through the host OS in order to access the hardware.
Type 1 hypervisor technology is considered more secure because it’s integrated into the processor, said Ken Dulaney, a vice president and distinguished analyst at research firm Gartner.
Red Bend’s Type 1 hypervisor will run on a new generation of mobile processors due out next year. It now has a partnership with ARM, which is developing a new Cortex-A15 processor to take advantage of mobile virtualisation. “So it’s the best security combined with the best performance,” said Lori Sylvia, Red Bend’s executive vice president of marketing.
ARM has also partnered with AMD to develop new x86 processors that are optimised for virtualised smartphones.
While more secure than today’s devices, Dulaney sees a Type 1 hypervisor as kludgy because it requires dual booting of the OS — one for each smart phone instance. “Most users reject this kind of operation because you have to go back and forth between two OSes,” Dulaney said.
Sylvia acknowledged that both OSes need to boot, but said there’s no performance issue. “It’s the standard Android boot time,” she said.
“In Red Bend’s solution, the personal virtual phone boots first, and then the virtual work phone boots second. After the first one is running, it takes a few moments and then the second one is good to go, too,” Sylvia said. “What goes into the work-phone instance will all be customised on the back end by the IT admins.”
During a meeting with Computerworld, Sylvia demonstrated how Red Bend’s technology works on an Android-enabled Samsung Galaxy Nexus smartphone prototype.
During the demo, if the phone was displaying the private user interface and a phone call came in from a person listed in the phone’s corporate contact list, the device automatically changed interfaces to the business instance. The phone smoothly moved between the two distinct interfaces.
“The performance can be totally optimised because I’m only seeing one instance at a time,” Sylvia said. “The other OS is there, but it’s not consuming the same resources at the same time.”
Some smart phone makers are looking at other UI implementations, such as an icon on the home screen that switches back and forth between private and corporate instances when pressed. “The [ones] we’re working with are designing their phones to be virtualised. So the issues of additional RAM, which is the main requirement for this hypervisor, will be addressed on an enterprise-ready phone,” Sylvia said.
Red Bend, which got its start in 1999 writing software that enabled AOL browser upgrades, moved into the mobile area in 2003 with its Firmware Over The Air (FOTA) technology. It’s now used on 1.6 billion mobile devices for mobile OS and app updates.
Red Bend began developing its mobile virtualisation platform after it acquired VirtualLogix in 2010.
When the technology is available in the second half of 2013, a dual-identity smartphone buyer would simply tell their corporate IT admins about the device. If the company has Red Bend’s Software Management Center installed on its mobile device management (MDM) servers, the software will initiate an OMA Device Management session and send a delta file to the phone. The delta file copies the Android OS to create a second instance on the device.
The IT administrator can then customise the “corporate image” on the smartphone with whatever applications the company has chosen for its employees. For example, the corporate image could include a VPN, meeting apps, and access to the company email system.
VMware’s Horizon Mobile software
VMware has also been working on the idea of a Type 1 hypervisor on mobile phones. Four years ago, VMware purchased France-based Trango Virtual Processors, a maker of Type 1 hypervisor technology. After several years of development, however, VMware decided not to use Trango’s technology because it didn’t see support among smartphone manufacturers for hardware-based virtualisation, according to Srinivas Krishnamurti, VMware’s senior director of Mobile Solutions.
“Type 1 hypervisors for mobile phones are hard to build and maintain in a scalable manner,” Krishnumurti said. “The chip makers — the Qualcomms and the Texas Instruments of the world — were like, ‘Why should I invest in rewriting all my device drivers, and doing a bunch of battery, graphic and performance optimisations that no [systems manufacturer] is asking me for?’
“So it’s hard to do it without an ecosystem, and the ecosystem is not going to do it unless their customers are asking for it,” Krishnamurti added.
VMware chose a Type 2 hypervisor product, Horizon Mobile, which will either be embedded on a smartphone and awaiting activation or a free, downloadable app. It will be available to U.S. smartphone users next year.
VMware already has deals in place with LG, Samsung and Motorola to embed its Horizon Mobile software on their devices. Motorola is already selling its Droid Razr M smartphone in Japan with VMware’s hypervisor technology.
“Our expectation is there will be multiple devices from each vendor available in the U.S. in 2013,” Krishnamurti said. “And there are three or four other vendors we’ve not yet announced. Our expectation is there will be a lot of Android phones that will have our hypervisor on them.”
On the corporate side, IT administrators who want to enable employee smartphones for business use can buy VMware’s administrative interface, Horizon Mobile Manager. When an employee with a Horizon Mobile-enabled smartphone wants to activate the “corporate” interface, all he or she needs to do is choose the app; it will ask them to log in with their corporate name and password.
The Horizon Mobile Manager server on the backend will then recognise the log-in, and a pre-configured Android or iOS instance (with all the work apps) will be pushed to the smartphone. If an employee tries to transfer data or apps between the corporate instance and the private instance, the transfer is automatically blocked.
“So, we basically monetise on the management side and not on the app or the hypervisor side,” Krishnumurti said. “Enterprises are the ones who are having the problems with security and making sure data doesn’t leak. So they’re quite willing to pay for that.”
Currently, VMware’s Horizon Mobile supports Apple’s iOS and Android-based smartphones. VWware hasn’t announced its plans for Windows phones yet. It’s currently waiting to see how adoption rates scale before moving to modify the hypervisor for that platform, Krishnumurti said.
iOS products are relatively easy to support, Krishnumurti said, because Apples devices at the factory are updated when that operating system is upgraded. And typically, 50% to 60% of iPhone and iPad users download an upgrade in the first two weeks it’s out. By contrast, the Android phone market is more fragmented, he said. Some OEMs upgrade to the latest version of the OS, others don’t, he said.
“It’s hard for us to put our arms around it. By virtualising, we normalise and abstract away all that fragmentation and give IT their own version of Android to manage,” he said. “And, there’s no chance a Type 2 hypervisor will show up on an Apple device” because of the proprietary nature of Apple’s hardware.
Other mobile virtualisation players
Other companies, such as Israel-based CellRox and Good Technology in Sunnyvale, Calif. are also developing technology for dual-identity smartphones.
Like VMware’s Horizon Mobile software, CellRox’s ThinVisor is a kernel-enabled hypervisor that runs on the smartphone and creates multiple “personas” to keep corporate data and private data separate. In September, CellRox announced it had launched its BYOD Multi-Persona app toolkit for Android Ice Cream Sandwich-enabled mobile device manufacturers to embed the capability on their smartphones.
Good Technology places encrypted containers in a sandboxed segment of a file system on the phone, where corporations can run their own apps securely and separate from a user’s personal apps. Gartner’s Dulaney said Good Technology’s product isn’t truly a hypervisor because it has basically built an application development container.
ARM and AMD plan new hypervisor processors
For many dual OS-instance technologies to succeed, today’s mobile processors will have to become more powerful to handle the added workload and incorporate native data management and security features.
Red Bend has signed a partnership agreement with chip maker Advanced RISC Machines Ltd. (ARM) to produce processors powerful enough to run dual-OS phones. Those are expected out in the second half of 2013.
“BYOD is not just about running two OSes,” said Ron Perez, an AMD fellow and the director of its security architecture organisation. “It’s [also] about what to do with the data produced in that corporate environment that’s on the device.”
In a move away from its traditional server market space, AMD earlier this year also partnered with ARM to develop x86 chips that will have ARM microcontrollers dedicated to mobile security.
ARM, and now AMD, are also working with the non-profit standards organisation, GlobalPlatform, to develop the Trusted Execution Environment (TEE) API Specification. Founded in 1999, GlobalPlatform has its roots in the smartcard and payment market with member organisations such as Visa, MasterCard and American Express.
Using the ARM microcontroller on the x86 chip, the TEE would create a separate area on a mobile phone’s main processor that uses data encryption algorithms to secure sensitive data stored on the device. Mobile capabilities already on smartphones would allow IT organisations to track mobile devices and erase only corporate data if the device is lost or compromised, or if the employee has left the company. For example, geo-sensor technology on smartphones would allow corporations to track where employee-owned mobile phones are and wipe the devices if they left a specified region
“So, essentially this comes down to encryption key management. How do we protect the data from one operating system so that another operating system doesn’t have access to it,” Perez said. “The security processor would have that responsibility.”
AMD expects its news secure mobile processors to begin shipping in the second half of 2013.
Although AMD also plans to use its new x86 chips in the server and storage industry, mobile will be first.
“The mobile platform is the most exposed,” Perez said. “It’s the weakest link in the entire ecosystem. That’s where greater levels of separation through virtualisation is needed.”