The Traffic Light Protocol
The Traffic Light Protocol (TLP) was developed by the American cybersecurity organization FIRST as a standard for classifying and sharing unclassified information. The current version is TLP 2.0, which can be read in full on FIRST's website.
Important: Only UNCLASSIFIED information can be classified under the Traffic Light Protocol. Security-classified material must be marked and distributed in accordance with its own requirements.
Information classified under the Traffic Light Protocol must be clearly marked. In e-mails, the TLP classification must appear in the subject field. In documents, the classification must appear at the top right of the page.
Overview of the classification labels:
a. TLP:RED = For the eyes and ears of individual recipients only, no further disclosure. Sources may use TLP:RED when information cannot be effectively acted upon without significant risk for the privacy, reputation, or operations of the organizations involved. Recipients may therefore not share TLP:RED information with anyone else. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting.
b. TLP:AMBER = Limited disclosure, recipients can only spread this on a need-to-know basis within their organization and its clients. Note that TLP:AMBER+STRICT restricts sharing to the organization only. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER information with members of their own organization and its clients, but only on a need-to-know basis to protect their organization and its clients and prevent further harm. Note: if the source wants to restrict sharing to the organization only, they must specify TLP:AMBER+STRICT.
c. TLP:GREEN = Limited disclosure, recipients can spread this within their community. Sources may use TLP:GREEN when information is useful to increase awareness within their wider community. Recipients may share TLP:GREEN information with peers and partner organizations within their community, but not via publicly accessible channels. TLP:GREEN information may not be shared outside of the community. Note: when “community” is not defined, assume the cybersecurity/defense community.
d. TLP:CLEAR = Recipients can spread this to the world, there is no limit on disclosure. Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction.
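The subject-line marking rule and the sharing limits above can be enforced before a message is forwarded. The following is an added example, not part of the original page or of the TLP standard: the function names, the policy dictionary and all addresses are hypothetical, and it assumes that the community includes the organization itself and its clients.

```python
import re

# Labels exactly as written in the overview above. AMBER+STRICT is tried before
# AMBER, and the lookahead rejects near-misses such as "TLP:REDACTED".
LABEL_RE = re.compile(r"TLP:(RED|AMBER\+STRICT|AMBER|GREEN|CLEAR)(?![A-Za-z+])")

def tlp_label(subject):
    """Return the single TLP label in a subject line, or None if absent or conflicting."""
    labels = {m.group(0) for m in LABEL_RE.finditer(subject)}
    return labels.pop() if len(labels) == 1 else None

def disallowed_recipients(subject, recipients, policy):
    """Return (label, [recipients the label does not permit]).

    policy keys (hypothetical, maintained by the operator):
      original  - addresses that received the message from the source
      org       - the organization's own e-mail domains
      clients   - client domains
      community - domains of peers and partners in the defined community
    """
    label = tlp_label(subject)
    if label is None:
        # Assumption: a mailbox dedicated to TLP material fails closed on unmarked mail.
        return None, list(recipients)
    if label == "TLP:CLEAR":
        return label, []
    if label == "TLP:RED":
        allowed = {a.lower() for a in policy["original"]}
        return label, [r for r in recipients if r.lower() not in allowed]
    domains = set(policy["org"])            # AMBER+STRICT stops here
    if label in ("TLP:AMBER", "TLP:GREEN"):
        domains |= set(policy["clients"])
    if label == "TLP:GREEN":
        domains |= set(policy["community"])
    # Need-to-know is a human judgement; this only enforces the outer boundary.
    return label, [r for r in recipients if r.rsplit("@", 1)[-1].lower() not in domains]

# Constructed sample policy, for illustration only.
POLICY = {
    "original": ["a@corp.example"],
    "org": ["corp.example"],
    "clients": ["client.example"],
    "community": ["peer.example"],
}
```

A message with no label or with two different labels returns `None` as the label and every recipient as disallowed, so it is held for manual marking.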