Traffic Light Protocol (TLP) is a set of designations used to ensure that sensitive information is shared only with the correct audience within the organization. This protocol uses four colors to indicate the degree of confidentiality with which a document should be treated and the considerations the end user must keep in mind before sharing it. The information exchange protocol is based on a color code according to its classification level.
COLOR | WHEN SHOULD IT BE USED? | HOW MAY IT BE SHARED? |
---|---|---|
TLP:RED | Sources may use TLP:RED when the information is directed to specific members and its distribution represents a risk of negative impact on privacy, reputation and operations in case of misuse. | Recipients may not share TLP:RED classified information with any parties outside the originally disclosed group. |
TLP:AMBER | Sources may use TLP:AMBER when the information can be distributed in a limited way, but it presents a risk if shared outside the organization. | Recipients may share TLP:AMBER classified information only with members of their own organization and their customers who need to know it. |
TLP:AMBER+STRICT | Sources may use TLP:AMBER+STRICT when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. | Recipients may share TLP:AMBER+STRICT classified information only with members of their own organization. |
TLP:GREEN | Sources may use TLP:GREEN when the information is useful for all organizations. It can be shared with third parties within the community or the same sector. | Recipients may share TLP:GREEN classified information with affiliated organizations or members of the same sector. |
TLP:CLEAR | Sources may use TLP:CLEAR when the information carries no risk at all of misuse, and it can be released publicly. | TLP:CLEAR classified information may be distributed without restriction, subject to copyright controls. |
The color of the TLP indicator specifies the extent to which the information can be shared; usually, the legend “TLP:<COLOR>” in uppercase is included in the header and footer of the document.
If the receiver considers it necessary to share the information with third parties beyond the extent of the designated TLP indicator, he or she must have prior explicit authorization from Scitum-CSIRT. TLP is a simple and intuitive schema for indicating how and when sensitive information can be shared, facilitating collaboration with other entities or organizations, either national or international.