Traffic Light Protocol


The Traffic Light Protocol was originally created in the early 2000s by the UK Government's National Infrastructure Security Coordination Centre to encourage greater sharing of sensitive information.
The fundamental concept is for the originator to signal how widely they want their information to be circulated beyond the immediate recipient. It is designed to improve the flow of information between individuals, organizations or communities in a controlled and trusted way. It is important that everyone who handles TLP-labeled communications understands and obeys the rules of the protocol. Only then can trust be established and the benefits of information sharing realized. The TLP is based on the concept of the originator labeling information with one of four colors to indicate what further dissemination, if any, can be undertaken by the recipient. The recipient must consult the originator if wider dissemination is required.
A number of current specifications for TLP exist:
There are four colors :
In practice, one will indicate TLP: using a colon, followed by the level, RED, AMBER, GREEN or WHITE, like so:
TLP:RED: This really hurt our organization, do not share this with others, but maybe you can learn from this: we really screwed up with...
TLP:AMBER : You can share this within your organization but not outside it: our shared platform has this vulnerability, please check your setup:...
TLP:GREEN : You can share this within your organization and with peers, but not with just anyone: We scored number one on this online test... but of course, other tests have other number ones...
TLP:WHITE : You can share the following with just anyone: The following virus scanner is most popular on the internet and all our independent suppliers confirmed it today:...