This paper contradicts the commonly held view that privacy and security of data must sometimes be sacrificed for the sake of national security. We demonstrate that for specific examples of real mobile devices, such as mobile phones, Wi-Fit®, electronic passports, and electronic government-employee ID cards, lack of sufficient attention to privacy actually harms the intended national security applications. We then present as a case study the Caernarvon high-security smart-card operating system developed by IBM, to show the feasibility of harmonizing personal privacy and security requirements with national security needs.
Note: The Institute of Electrical and Electronics Engineers, Incorporated is distributing this Article with permission of the International Business Machines Corporation (IBM) who is the exclusive owner. The recipient of this Article may not assign, sublicense, lease, rent or otherwise transfer, reproduce, prepare derivative works, publicly display or perform, or distribute the Article.