The Order Machine - The Ontology of Information Security

Traditionally, information security has been approached in terms of how to achieve the confidentiality, integrity, and availability of information. In this paper, we seek to ontologically examine information security by using Gilles Deleuze and Felix Guattari's philosophical concepts of machine, coupling, interruption, and territory. Through these concepts, we conceptualize information security as an order-seeking, connection-based, territorial security machine that attempts to subject and harness other actors - from technical devices and physical barriers to employees and various combinations of these actors - to carry out the security machine's protective tasks. The goal of the security machine is to block or interrupt the chaotic forces of the outside and, thus, to maintain the fragile order of information. However, the process of interrupting the outside requires interruption of the inside as well: users and organizations are interrupted daily by the security machine and its practices. Yet this aspect of information security has remained largely unexamined. We argue that the question of what information security does to its subjects - what its effects are - in the protected system should be examined more thoroughly.