{
  "namespace": "PAP",
  "expanded": "Permissible Actions Protocol",
  "description": "The Permissible Actions Protocol - or short: PAP - was designed to indicate how the received information can be used.",
  "version": 1,
  "predicates": [
    {
      "value": "RED",
      "expanded": "(PAP:RED) Non-detectable actions only. Recipients may not use PAP:RED information on the network. Only passive actions on logs, that are not detectable from the outside.",
      "colour": "#ff0000"
    },
    {
      "value": "AMBER",
      "expanded": "(PAP:AMBER) Passive cross check. Recipients may use PAP:AMBER information for conducting online checks, like using services provided by third parties (e.g. VirusTotal), or set up a monitoring honeypot.",
      "colour:": "#ffa800"
    },
    {
      "value": "GREEN",
      "expanded": "(PAP:GREEN) Active actions allowed. Recipients may use PAP:GREEN information to ping the target, block incoming/outgoing traffic from/to the target or specifically configure honeypots to interact with the target.",
      "colour": "#00ad1c"
    },
    {
      "value": "WHITE",
      "expanded": "(PAP:WHITE) No restrictions in using this information.",
      "colour": "#ffffff"
    }
  ],
  "values": null
}