Abstract
Security and privacy are interdependent concepts. Each impacts the other, but to say that they are alternatives is a false dichotomy. Both are issues of human concern; their policies and their risks may be made manifest in software-intensive systems. Architecting a system that attends to the needs of security and privacy is possible and desirable, yet there are often unintended and unexpected consequences in so doing. © 2011 IEEE.