authorization boundary

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Abbreviation(s) and Synonym(s):

information system boundary

CNSSI 4009-2015

Information System Boundary

NIST SP 800-137, NIST SP 800-30 Rev. 1, NIST SP 800-39, NIST SP 800-53 Rev. 4, NIST SP 800-53A Rev. 4

Information System Component

NIST SP 800-30 Rev. 1

Security Authorization Boundary

NIST SP 800-39, NIST SP 800-53 Rev. 4

system boundary

Definition(s):

  All components of an information system to be authorized for operation by an authorizing official and excludes separately authorized systems, to which the information system is connected.
Source(s):
CNSSI 4009-2015 NIST SP 800-53 Rev. 4, NIST SP 800-53A Rev. 1, NIST SP 800-37 Rev. 1
NIST SP 800-137 under Authorization Boundary NIST SP 800-37
NIST SP 800-161 under Authorization Boundary NIST SP 800-53 Rev. 4
NIST SP 800-30 Rev. 1 under Authorization Boundary CNSSI 4009
NIST SP 800-37 Rev. 1 under Authorization Boundary
NIST SP 800-39 under Authorization Boundary NIST SP 800-37
NIST SP 800-53 Rev. 4 under Authorization Boundary
NIST SP 800-53A Rev. 4 under Authorization Boundary NIST SP 800-37

  A discrete, identifiable information technology asset (e.g., hardware, software, firmware) that represents a building block of an information system. Information system components include commercial information technology products.
Source(s):
NIST SP 800-53 Rev. 4 under Information System Component NIST SP 800-128 - Adapted

  A discrete identifiable IT asset that represents a building block of an information system.
Source(s):
NIST SP 800-128 under Information System Component

  Note: Information systems also include specialized systems such as industrial/process controls systems, telephone switching and private branch exchange (PBX) systems, and environmental control systems.
Source(s):
NIST SP 800-53 Rev. 4 under Information System Boundary

  All components of an information system to be authorized for operation by an authorizing official. This excludes separately authorized systems to which the information system is connected.
Source(s):
NIST SP 800-37 Rev. 2

  See Authorization Boundary.
Source(s):
CNSSI 4009-2015 under information system boundary NIST SP 800-37 Rev. 1
NIST SP 800-37 Rev. 2 under information system boundary
NIST SP 800-137 under Information System Boundary
NIST SP 800-30 Rev. 1 under Information System Boundary
NIST SP 800-37 Rev. 1 under Information System Boundary
NIST SP 800-39 under Information System Boundary
NIST SP 800-53 Rev. 4 under Information System Boundary
NIST SP 800-53A Rev. 4 under Information System Boundary
NIST SP 800-37 Rev. 2 under system boundary
NIST SP 800-53 Rev. 4 under Information System Component NIST SP 800-128 - Adapted
NIST SP 800-53 Rev. 4 under Security Authorization Boundary

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

authorization boundary

Glossary Comments