Using Actor Network Theory to Understand Information Security Management

Abstract : This paper presents an Actor Network Theory (ANT) analysis of a computer hack at a large university. Computer hacks are usually addressed through technical means thus ensuring that perpetrators are unable to exploit system vulnerabilities. We however argue that a computer hack is a result of different events in a heterogeneous network embodying human and non-human actors. Hence a secure organizational environment is one that is characterized by 'stability' and 'social order', which is a result of negotiations and alignment of interests among different actants. The argument is conducted through a case study. Our findings reveal not only the usefulness of ANT in developing an understanding of the (in)security environment at the case study organization, but also the ability of ANT to identify differences in interests among actants. At a practical level, our analysis suggests three principles that management needs to pay attention to in order to prevent future security breaches.
Type de document :
Communication dans un congrès
Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.43-54, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_5〉
Liste complète des métadonnées

Littérature citée [2 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01054504
Contributeur : Hal Ifip <>
Soumis le : jeudi 7 août 2014 - 11:42:00
Dernière modification le : vendredi 11 août 2017 - 11:12:29
Document(s) archivé(s) le : mercredi 26 novembre 2014 - 01:31:23

Fichier

4-Paper-133-USING_ACTOR_NETWOR...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Karin Hedström, Gurpreet Dhillon, Fredrik Karlsson. Using Actor Network Theory to Understand Information Security Management. Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.43-54, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_5〉. 〈hal-01054504〉

Partager

Métriques

Consultations de la notice

152

Téléchargements de fichiers

179