U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

authorization boundary

Abbreviation(s) and Synonym(s):

Information System Boundary
Information System Component
system boundary

Definition(s):

  All components of an information system to be authorized for operation by an authorizing official and excludes separately authorized systems, to which the information system is connected.
Source(s):
CNSSI 4009-2015 from NIST SP 800-53 Rev. 4, NIST SP 800-53A Rev. 1, NIST SP 800-37 Rev. 1
NIST SP 800-137 under Authorization Boundary from NIST SP 800-37
NIST SP 800-161 under Authorization Boundary from NIST SP 800-53 Rev. 4
NIST SP 800-30 Rev. 1 under Authorization Boundary from CNSSI 4009
NIST SP 800-39 under Authorization Boundary from NIST SP 800-37
NIST SP 800-53A Rev. 4 under Authorization Boundary from NIST SP 800-37
NIST SP 800-37 Rev. 1 [Superseded] under Authorization Boundary
NIST SP 800-53 Rev. 4 [Superseded] under Authorization Boundary

  A discrete identifiable IT asset that represents a building block of an information system.
Source(s):
NIST SP 800-128 under Information System Component

  All components of an information system to be authorized for operation by an authorizing official. This excludes separately authorized systems to which the information system is connected.
Source(s):
NIST SP 800-37 Rev. 2
NIST SP 800-53 Rev. 5 from OMB Circular A-130 (2016)

  See Authorization Boundary.
Source(s):
CNSSI 4009-2015 under information system boundary from NIST SP 800-37 Rev. 1
NIST SP 800-37 Rev. 2 under information system boundary
NIST SP 800-137 under Information System Boundary
NIST SP 800-30 Rev. 1 under Information System Boundary
NIST SP 800-39 under Information System Boundary
NIST SP 800-53A Rev. 4 under Information System Boundary
NIST SP 800-37 Rev. 2 under system boundary
NIST SP 800-37 Rev. 1 [Superseded] under Information System Boundary
NIST SP 800-53 Rev. 4 [Superseded] under Information System Boundary
NIST SP 800-53 Rev. 4 [Superseded] under Information System Component from NIST SP 800-128 - Adapted
NIST SP 800-53 Rev. 4 [Superseded] under Security Authorization Boundary

  A discrete, identifiable information technology asset (e.g., hardware, software, firmware) that represents a building block of an information system. Information system components include commercial information technology products.
Source(s):
NIST SP 800-53 Rev. 4 [Superseded] under Information System Component from NIST SP 800-128 - Adapted

  Note: Information systems also include specialized systems such as industrial/process controls systems, telephone switching and private branch exchange (PBX) systems, and environmental control systems.
Source(s):
NIST SP 800-53 Rev. 4 [Superseded] under Information System Boundary