| 词条 | Traffic Light Protocol |
| 释义 |
The Traffic Light Protocol (TLP) was originally created in the early 2000s by the UK Government's National Infrastructure Security Coordination Centre (NISCC, now Centre for Protection of National Infrastructure - CPNI)[1][2] to encourage[3][4] greater sharing of sensitive information. The fundamental concept is for the originator to signal how widely they want their information to be circulated beyond the immediate recipient. It is designed to improve the flow of information between individuals, organizations or communities in a controlled and trusted way. It is important that everyone who handles TLP-labeled communications understands and obeys the rules of the protocol. Only then can trust be established and the benefits of information sharing realized. The TLP is based on the concept of the originator labeling information with one of four colors to indicate what further dissemination, if any, can be undertaken by the recipient. The recipient must consult the originator if wider dissemination is required. A number of current specifications for TLP exist:
Summary of TLP's four colours and their meaningsThere are four colors (or traffic lights):[8]
In the context of a meeting, for example, RED information is limited to those present at the meeting. In most circumstances, RED information will be passed verbally or in person.
The recipient may share AMBER information with others within their organization, but only on a ‘need-to-know’ basis. The originator may be expected to specify the intended limits of that sharing.
Information in this category can be circulated widely within a particular community. However, the information may not be published or posted publicly on the Internet, nor released outside of the community.
Subject to standard copyright rules, WHITE information may be distributed freely, without restriction. See also
References1. ^{{Cite web|url=http://publications.tno.nl/publication/34616508%2FoLyfG9/luiijf-2015-sharing.pdf|title=Sharing Cyber Security Information|last=Luiijf; Kernkamp|first=|date=March 2015|website=|publisher=TNO|access-date=2016-10-25}} 2. ^{{Cite web|url=https://www.trusted-introducer.org/ISTLPv11.pdf|title=ISTLP - Information Sharing Traffic Light Protocol|last=Stikvoort|first=Don|date=11 November 2009|website=|publisher=Trusted Introducer|access-date=2016-10-25}} 3. ^{{cite web|url=https://www.oecd.org/sti/40761118.pdf|title=OECD: Development of Policies for Protection of Critical Information Infrastructures|publisher=Oecd.org|accessdate=2015-11-19}} 4. ^{{cite web|url=http://marc.info/?l=bugtraq&m=122754275122010&w=2|title='Re: OpenSSH security advisory: cbc.adv' - MARC|date=|publisher=Marc.info|accessdate=2012-11-25}} (alt source SecurityFocus archive entry) 5. ^{{Cite web|url=http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=42509|title=ISO/IEC 27010:2012 - Information technology -- Security techniques -- Information security management for inter-sector and inter-organizational communications|last=|first=|date=2012|website=|publisher=ISO/IEC|access-date=2016-10-25}} 6. ^[https://www.us-cert.gov/tlp Traffic Light Protocol (TLP) Matrix and Frequently Asked Questions] 7. ^[https://www.first.org/newsroom/releases/20160831 FIRST announces Traffic Light Protocol (TLP) version 1.0)] 8. ^{{cite web |url=http://www.ccip.govt.nz/incidents/tlp.html |title=Incidents | Traffic Light Protocol |publisher=CCIP |date= |accessdate=2012-11-25 |deadurl=yes |archiveurl=https://web.archive.org/web/20130205072939/http://ccip.govt.nz/incidents/tlp.html |archivedate=2013-02-05 |df= }} External links
2 : Classified information|Information sensitivity |
| 随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。