Trafikklysprotokollen

Skjermbilde 2024 02 29 kl 13 21 21

Traffic Light Protocol (TLP) er utviklet av den amerikanske cybersikkerhetsorganisasjonen FIRST, som en standard for klassifisering og deling av ugradert informasjon. Gjeldende versjon er TLP 2.0, som kan leses i sin helhet på FIRSTs nettsider.

Viktig: Kun UGRADERT informasjon kan klassifiseres etter trafikklysprotokollen. Sikkerhetsgradert materiale skal merkes og distribueres i henhold til egne krav

Informasjon som klassifiseres etter trafikklysprotokollen skal merkes tydelig. I e-poster skal TLP-klassifisering fremgå i emnefeltet. I dokumenter skal klassifisering fremgå oppe til høyre på arket.

Oversikt over klassifiseringsmerker:

a. TLP:RED = For the eyes and ears of individual recipients only, no further disclosure. Sources may use TLP:RED when information cannot be effectively acted upon without significant risk for the privacy, reputation, or operations of the organizations involved. Recipients may therefore not share TLP:RED information with anyone else. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting.

b. TLP:AMBER = Limited disclosure, recipients can only spread this on a need-to-know basis within their organization and its clients. Note that TLP:AMBER+STRICT restricts sharing to the organization only. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER information with members of their own organization and its clients, but only on a need-to-know basis to protect their organization and its clients and prevent further harm. Note: if the source wants to restrict sharing to the organization only, they must specify TLP:AMBER+STRICT.

c. TLP:GREEN = Limited disclosure, recipients can spread this within their community. Sources may use TLP:GREEN when information is useful to increase awareness within their wider community. Recipients may share TLP:GREEN information with peers and partner organizations within their community, but not via publicly accessible channels. TLP:GREEN information may not be shared outside of the community. Note: when “community” is not defined, assume the cybersecurity/defense community.

d. TLP:CLEAR = Recipients can spread this to the world, there is no limit on disclosure. Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction.

Skjermbilde 2022 11 15 kl 21 33 12

Takk for at du vil laste ned en rapport fra NSR.

  • ${ error }
  • ${ error }
  • ${ error }
  • ${ error }
  • ${ error }
  • ${ error }
  • ${ error }
  • ${ error }
  • ${ error }
  • ${ error }
Lukk

Takk!

En epost med lenke til nedlasting av ${ this.publicationData ? this.publicationData.title : '' } er sendt til ${ this.email }.