Conversation Structures as a Means of Specifying Security Policy (1989)

Author(s): Dobson, J.E.

Abstact: This paper examines the concept of a security policy. It proposes speech act theory as a language for discussing the semantics of information systems and argues that a security policy must, in addition to specifying constraints on the instrumental acts of authorised access to data, also be capable of expressing the valid sequence of speech acts that constitute the authorisation and crete commitment to the policy.