A1 Refereed original research article in a scientific journal
The Order Machine - The Ontology of Information Security
Authors: Vuorinen J, Tetri P
Publisher: ASSOC INFORMATION SYSTEMS
Publication year: 2012
Journal: Journal of the Association for Information Systems
Journal name in source: JOURNAL OF THE ASSOCIATION FOR INFORMATION SYSTEMS
Journal acronym: J ASSOC INF SYST
Number in series: 9
Volume: 13
Issue: 9
First page : 695
Last page: 713
Number of pages: 19
ISSN: 1536-9323
Abstract
Traditionally, information security has been approached in terms of how to achieve the confidentiality, integrity, and availability of information. In this paper, we seek to ontologically examine information security by using Gilles Deleuze and Felix Guattari's philosophical concepts of machine, coupling, interruption, and territory. Through these concepts, we conceptualize information security as an order-seeking, connection-based, territorial security machine that attempts to subject and harness other actors - from technical devices and physical barriers to employees and various combinations of these actors - to carry out the security machine's protective tasks. The goal of the security machine is to block or interrupt the chaotic forces of the outside and, thus, to maintain the fragile order of information. However, the process of interrupting the outside requires interruption of the inside as well: users and organizations are interrupted daily by the security machine and its practices. Yet this aspect of information security has remained largely unexamined. We argue that the question of what information security does to its subjects - what its effects are - in the protected system should be examined more thoroughly.
Traditionally, information security has been approached in terms of how to achieve the confidentiality, integrity, and availability of information. In this paper, we seek to ontologically examine information security by using Gilles Deleuze and Felix Guattari's philosophical concepts of machine, coupling, interruption, and territory. Through these concepts, we conceptualize information security as an order-seeking, connection-based, territorial security machine that attempts to subject and harness other actors - from technical devices and physical barriers to employees and various combinations of these actors - to carry out the security machine's protective tasks. The goal of the security machine is to block or interrupt the chaotic forces of the outside and, thus, to maintain the fragile order of information. However, the process of interrupting the outside requires interruption of the inside as well: users and organizations are interrupted daily by the security machine and its practices. Yet this aspect of information security has remained largely unexamined. We argue that the question of what information security does to its subjects - what its effects are - in the protected system should be examined more thoroughly.
UTU Research Portal