Puneet Varma (Editor)

Traffic Light Protocol

Updated on
Edit
Like
Comment
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit

The Traffic Light Protocol (TLP) was originally created in the early 2000s by the UK Government's National Infrastructure Security Coordination Centre (NISCC, now Centre for Protection of National Infrastructure - CPNI) to encourage greater sharing of sensitive information.

The fundamental concept is for the originator to signal how widely they want their information to be circulated beyond the immediate recipient. It is designed to improve the flow of information between individuals, organizations or communities in a controlled and trusted way. It is important that everyone understands and obeys the rules of the protocol. Only then can trust be established and the benefits of information sharing realized. The TLP is based on the concept of the originator labeling information with one of four colors to indicate what further dissemination, if any, can be undertaken by the recipient. The recipient must consult the originator if wider dissemination is required.

A number of current specifications for TLP exist:

  • From ISO/IEC, as part of the Standard on Information security management for inter-sector and inter-organizational communications
  • From US-CERT, which is intended to provide a publicly available simple definition
  • From the Forum of Incident Response and Security Teams (FIRST), which published version 1.0 of its consolidated TLP document on August 31, 2016. arising from a Special Interest Group it created to ensure that interpretations of TLP are consistent, and clear expectations exist across user communities.

    • Summary of TLP's four colours and their meanings

    There are four colors (or traffic lights):

  • RED - personal for named recipients only
    • In the context of a meeting, for example, RED information is limited to those present at the meeting. In most circumstances, RED information will be passed verbally or in person.
  • AMBER - limited distribution
    • The recipient may share AMBER information with others within their organization, but only on a ‘need-to-know’ basis. The originator may be expected to specify the intended limits of that sharing.
  • GREEN - community wide
    • Information in this category can be circulated widely within a particular community. However, the information may not be published or posted publicly on the Internet, nor released outside of the community.
  •  WHITE  - unlimited
    • Subject to standard copyright rules, WHITE information may be distributed freely, without restriction.

    References

    Traffic Light Protocol Wikipedia
    (Text) CC BY-SA