Traffic Light Protocol

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by FlashUpdate (talk | contribs) at 08:54, 1 September 2016 (Reference the original definition of TLP as used by US-CERT that is in common use.). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Traffic Light Protocol (TLP) was created[1][2] to encourage greater sharing of sensitive information. The originator signals how widely they want their information to be circulated beyond the immediate recipient.

The TLP as defined by US-CERT[3] provides a simple method to achieve this. It is designed to improve the flow of information between individuals, organizations or communities in a controlled and trusted way. It is important that everyone understands and obeys the rules of the protocol. Only then can trust be established and the benefits of information sharing realized. The TLP is based on the concept of the originator labeling information with one of four colors to indicate what further dissemination, if any, can be undertaken by the recipient. The recipient must consult the originator if wider dissemination is required.

In 2015, the Forum of Incident Response and Security Teams (FIRST) initiated a Special Interest Group to ensure that interpretations of TLP are consistent, and clear expectations exist across user communities. The group published version 1.0 of its consolidated TLP document on August 31, 2016.[4] Due to incompatibility with the standard definition, this variant of the TLP definition should be referenced as "FIRST TLP".

The four colors and their meanings

There are four colors (or traffic lights):[5]

  • RED - personal for named recipients only
In the context of a meeting, for example, RED information is limited to those present at the meeting. In most circumstances, RED information will be passed verbally or in person.
  • AMBER - limited distribution
The recipient may share AMBER information with others within their organization, but only on a ‘need-to-know’ basis. The originator may be expected to specify the intended limits of that sharing.
  • GREEN - community wide
Information in this category can be circulated widely within a particular community. However, the information may not be published or posted publicly on the Internet, nor released outside of the community.
  • WHITE - unlimited
Subject to standard copyright rules, WHITE information may be distributed freely, without restriction.
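
The following added example (not part of the original article or of any TLP publication) shows how a forwarding gate could apply the four colors above to an outgoing recipient list. The `TLP:<COLOR>` marking syntax, the `Recipient` fields, and the choice to refuse text with a missing or conflicting marking are assumptions made for illustration; limits an originator sets on AMBER sharing are not modelled.

```python
import re
from dataclasses import dataclass

COLORS = {"RED", "AMBER", "GREEN", "WHITE"}  # the four colors listed above
# Assumption: the label appears in the text as "TLP:<COLOR>".
MARKING = re.compile(r"\bTLP\s*:\s*([A-Za-z]+)", re.IGNORECASE)

@dataclass(frozen=True)
class Recipient:  # hypothetical directory record
    address: str
    org: str
    community_member: bool = False  # belongs to the sharing community
    need_to_know: bool = False      # has a need to know this item

def parse_tlp(text):
    """Return the one color marked in text. Assumption: a missing, unknown
    or conflicting marking is an error, so nothing is sent unlabelled."""
    found = {c.upper() for c in MARKING.findall(text)}
    if len(found) != 1 or not found <= COLORS:
        raise ValueError(f"no single valid TLP marking: {sorted(found)}")
    return found.pop()

def may_receive(color, rcpt, named, holder_org):
    """Apply the dissemination rule for one color to one recipient."""
    if color == "RED":    # named recipients only
        return rcpt.address in named
    if color == "AMBER":  # holder's own organization, need-to-know only
        return rcpt.org == holder_org and rcpt.need_to_know
    if color == "GREEN":  # within the community, never public
        return rcpt.community_member
    return color == "WHITE"  # unlimited; any other value is refused

def blocked(text, recipients, named, holder_org):
    """Return (color, addresses that must be dropped before forwarding)."""
    color = parse_tlp(text)
    return color, [r.address for r in recipients
                   if not may_receive(color, r, named, holder_org)]

# Constructed sample data.
NAMED = {"alice@csirt.example"}
RCPTS = [
    Recipient("alice@csirt.example", "csirt.example", True, True),
    Recipient("bob@csirt.example", "csirt.example", True, True),
    Recipient("dave@csirt.example", "csirt.example", True, False),
    Recipient("carol@partner.example", "partner.example", True, False),
    Recipient("list@public.example", "public.example"),
]

if __name__ == "__main__":
    for subject in ("[TLP:RED] notes", "[TLP:AMBER] IOCs", "[tlp: green] advisory"):
        print(subject, "->", blocked(subject, RCPTS, NAMED, "csirt.example"))
```
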

References

  1. ^ "OECD: Development of Policies for Protection of Critical Information Infrastructures" (PDF). Oecd.org. Retrieved 2015-11-19.
  2. ^ "'Re: OpenSSH security advisory: cbc.adv' - MARC". Marc.info. Retrieved 2012-11-25. (alt source SecurityFocus archive entry)
  3. ^ Traffic Light Protocol (TLP) Matrix and Frequently Asked Questions
  4. ^ FIRST announces Traffic Light Protocol (TLP) version 1.0
  5. ^ "Incidents | Traffic Light Protocol". CCIP. Retrieved 2012-11-25.