A Digital Labelling system is an IT component (e.g., a computer with corresponding software) or a combination of components (such as hardware and software components distributed across different computers) that perform secure Digital Labelling. Digital Labelling describes a process in which classified data (in the following referred to as user data) is assigned a digital value (in the following referred to as a Label) that assigns the user data a specific classification according to the VSA, such as VS-NfD or GEHEIM. The user data may be digital documents (e.g. texts created with an office program), but also machine-generated digital data of various types. The assignment of a Label to user data is ensured by a cryptographic artifact (usually a digital signature), which is generated in the Digital Labelling process and becomes part of the Label. The purpose of this Label is to allow suitable technical components at network transitions (e.g. from a network approved for GEHEIM to a network approved for VS-NfD) to decide on the basis of the Label whether the user data may be forwarded to the other network, and thus in particular to prevent the forwarding of higher-classified data.

The CI requirements profile listed here is classified as "VS-NUR FÜR DEN DIENSTGEBRAUCH" and is therefore only available to parties that can prove a corresponding need-to-know in accordance with the General Administrative Provision for the Material Protection of Classified Information (VSA--Verschlusssachenanweisung). If you are interested in the document please contact: vs-anforderungsprofile@bsi.bund.de