§ 3532. — Definitions.
[Laws in effect as of January 24, 2002]
[Document not affected by Public Laws enacted between
January 24, 2002 and December 19, 2002]
[CITE: 44USC3532]
TITLE 44--PUBLIC PRINTING AND DOCUMENTS
CHAPTER 35--COORDINATION OF FEDERAL INFORMATION POLICY
SUBCHAPTER II--INFORMATION SECURITY
Sec. 3532. Definitions
(a) In General.--Except as provided under subsection (b), the
definitions under section 3502 shall apply to this subchapter.
(b) Additional Definitions.--As used in this subchapter--
(1) the term ``information security'' means protecting
information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction in order to
provide--
(A) integrity, which means guarding against improper
information modification or destruction, and includes ensuring
information nonrepudiation and authenticity;
(B) confidentiality, which means preserving authorized
restrictions on access and disclosure, including means for
protecting personal privacy and proprietary information;
(C) availability, which means ensuring timely and reliable
access to and use of information; and
(D) authentication, which means utilizing digital
credentials to assure the identity of users and validate their
access;
(2) the term ``national security system'' means any information
system (including any telecommunications system) used or operated by
an agency or by a contractor of an agency, or other organization on
behalf of an agency, the function, operation, or use of which--
(A) involves intelligence activities;
(B) involves cryptologic activities related to national
security;
(C) involves command and control of military forces;
(D) involves equipment that is an integral part of a weapon
or weapons system; or
(E) is critical to the direct fulfillment of military or
intelligence missions provided that this definition does not
apply to a system that is used for routine administrative and
business applications (including payroll, finance, logistics,
and personnel management applications);
(3) the term ``information technology'' has the meaning given
that term in section 11101 of title 40; and
(4) the term ``information system'' means any equipment or
interconnected system or subsystems of equipment that is used in the
automatic acquisition, storage, manipulation, management, movement,
control, display, switching, interchange, transmission, or reception
of data or information, and includes--
(A) computers and computer networks;
(B) ancillary equipment;
(C) software, firmware, and related procedures;
(D) services, including support services; and
(E) related resources.
(Added Pub. L. 107-296, title X, Sec. 1001(b)(1), Nov. 25, 2002, 116
Stat. 2260.)
Applicability of Section
This section not to apply while subchapter III of this chapter
is in effect, see section 3549 of this title.
Prior Provisions
A prior section 3532, added Pub. L. 106-398, Sec. 1 [[div. A], title
X, Sec. 1061], Oct. 30, 2000, 114 Stat. 1654, 1654A-266, related to
definitions applicable to this subchapter prior to the general amendment
of this subchapter by Pub. L. 107-296.
Section Referred to in Other Sections
This section is referred to in title 6 section 511; title 15 section
278g-3.
