Security information: New traffic light protocol to simplify confidentiality
The Traffic Light Protocol has established itself for marking confidential information. TLP version 2.0 aims to make the author’s intention clearer.
The Traffic Light Protocol, or TLP for short, has established itself in the security community for classifying the confidentiality of information. The Association of Security Response Teams FIRST has now released TLP Version 2.0 – labeled “TLP:CLEAR” for free distribution.
The specifications of the TLP aim to ensure that the author’s intention is immediately understood: red stands for “only for you”, yellow indicates “limited distribution possible” and green means largely free distribution, at least within the security community. The TLP level relates solely to the intended confidentiality, not to copyright issues. TLP does not provide any information on how the desired confidentiality is to be ensured or on sanctions in the event of violations.
Fine-tuning at the confidentiality traffic light
The changes in version 2.0 are largely cosmetic in nature and are intended to further simplify TLP usage. The only new element is “TLP:AMBER+STRICT”, which allows redistribution only within an organization; “TLP:AMBER” includes its own customers. And TLP:CLEAR replaces the old TLP:WHITE.
The TLP levels and their meaning:
- TLP:RED – only for the individual recipient; no transfer.
- TLP: AMBER (yellow) – restricted distribution only to people who need to know within an organization. Includes disclosure to clients (“clients” in the original). TLP:AMBER+STRICT excludes customers.
- TLP:GREEN – Passing on within your own community
- TLP:CLEAR – no redistribution restriction
The FIRST TLP definitions contain further explanations of the terms and their interpretation. In addition, they also make specifications for color coding, which, however, could not be adhered to here due to limitations of the CMS (it cannot have the prescribed black background or yellow font).