If you simply protect the application with a password, it is useless, since a more or less experienced user or someone who uses google can still access the SMS databases. Of course, this would be enough to protect your messages from a friend(yeah, really good friend ) who asks to play a little bit with your phone.

Of course, there things like access permissions on the file system level, but I don't know how to make this user friendly with reasonable expenditure, because rtcom-messaging-ui(The sms interface) runs as the user "user".

You may be also interested in the lock code. After some time, when not used, the phone locks itself so you have to enter a PIN to unlock the screen again, otherwise, you can't use it. This would also more or less protect your messages.