Classification Markings

This article provides an overview of classification marking articles in the Internet as published by organisations and institutions.

The list provides a good overview of classification markings, also called security markings. For all these the ClassifyIt tool provides a sound basis to implement and support your users on the best protection of your information and documents.

Traffic Light Protocol (TLP)

A very easy and intuitive classification marking policy for your sensitive and un-sensitive data. The Traffic Light Protocol (TLP) is used by Computer Emergency Response Teams (CERTs) to provide classification markings to their documents when exchanging with other CERTs. TLP is a real standard which could be used by any entity (company or agency) to apply classification marking, and therefore data protection rules and regulations, to their documents.

RED - personal for named recipients only

In the context of a meeting, for example, RED information is limited to those present at the meeting. In most circumstances, RED information will be passed verbally or in person.

AMBER - limited distribution

The recipient may share AMBER information with others within their organization, but only on a ‘need-to-know’ basis. The originator may be expected to specify the intended limits of that sharing.

GREEN - community wide

Information in this category can be circulated widely within a particular community. However, the information may not be published or posted publicly on the Internet, nor released outside of the community.

 WHITE  - unlimited

Subject to standard copyright rules, WHITE information may be distributed freely, without restriction.

Read more ...

•  US CERT: Traffic Light Protocol (TLP) Definitions and Usage
• German BSI (German): Merkblatt „Traffic Light Protocol (TLP)“
• ENISA: Considerations on the Traffic Light Protocol

USA - Marking of Classified Information

The US Department of Defence (DoD) established an all-embracing security classification marking schema which covers very complex issues of classification markings and release aspects.

DOD Information Security Program: Marking of Classified Information

EU - Protection of Classified Information

The European Council established comprehensive security rules for the protection of classified information/documents. It addresses multiple aspects of information protection which provides a high assurance for protecting classified documents.

COUNCIL DECISION on the security rules for protecting EU classified informationCOUNCIL DECISION on the security rules for protecting EU classified information

NATO - Security within the North Atlantic Treaty Organisation

NATO established a comprehensive policy for the protection of classified information. The linked document combines security agreement aspects and the basic principles and minimum standards of security to be applied by NATO, nations and NATO civil and military bodies in order to ensure that a common degree of protection is given to classified information exchanged among the parties.