The IT Law Wiki


A security domain is

[a] collection of entities to which applies a single security policy executed by a single authority.[1]
[a] set of users, rules, processes, systems, and services whose behavior and interactions are governed by a common security policy. A domain that implements a security policy and is administered by a single authority.[2]
[w]ithin an information system, the set of objects that is accessible. Access is determined by the controls associated with information properties such as its security classification, security compartment, or sensitivity. The controls are applied both within an Information System (IS) and in its connection to other classified or unclassified Information Systems.[3]


A security domain is the determining factor in the classification of an enclave of servers/computers. A network with a different security domain is maintained separate from other networks.