> I like the idea where an application implements its most valuable part 
> (security) as closed source and the rest is left open.

Closed source security is a really, really bad idea. Security should
*never* be closed source. Two terms;
  peer review
  security by obscurity?

http://www.schneier.com/crypto-gram-0205.html#1

I haven't even read this article, but I'm trusting it to be agreeable,
since it's coming from Schneier. Please take a close look at it.
Security is important stuff.

Cheers,
  Arlen.