44 U.S. Code § 3532 - Definitions

prev | next
(a) In General.— Except as provided under subsection (b), the definitions under section 3502 shall apply to this subchapter.
(b) Additional Definitions.— As used in this subchapter—
(1) the term “information security” means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide—
(A) integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity;
(B) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information;
(C) availability, which means ensuring timely and reliable access to and use of information; and
(D) authentication, which means utilizing digital credentials to assure the identity of users and validate their access;
(2) the term “national security system” means any information system (including any telecommunications system) used or operated by an agency or by a contractor of an agency, or other organization on behalf of an agency, the function, operation, or use of which—
(A) involves intelligence activities;
(B) involves cryptologic activities related to national security;
(C) involves command and control of military forces;
(D) involves equipment that is an integral part of a weapon or weapons system; or
(E) is critical to the direct fulfillment of military or intelligence missions provided that this definition does not apply to a system that is used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications);
(3) the term “information technology” has the meaning given that term in section 11101 of title 40; and
(4) the term “information system” means any equipment or interconnected system or subsystems of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information, and includes—
(A) computers and computer networks;
(B) ancillary equipment;
(C) software, firmware, and related procedures;
(D) services, including support services; and
(E) related resources.


(Added Pub. L. 107–296, title X, § 1001(b)(1),Nov. 25, 2002, 116 Stat. 2260.)
Applicability of Section

This section not to apply while subchapter III of this chapter is in effect, see section 3549 of this title.
Prior Provisions

A prior section 3532, added Pub. L. 106–398, § 1 [[div. A], title X, § 1061], Oct. 30, 2000, 114 Stat. 1654, 1654A–266, related to definitions applicable to this subchapter prior to the general amendment of this subchapter by Pub. L. 107–296.


LII has no control over and does not endorse any external Internet site that contains links to or references LII.