Abstract
Service Level Agreements (SLAs) have been used for decades to regulate aspects such as throughput, delay and response times of services in various outsourcing scenarios. However, security aspects have typically been neglected in SLAs. In this paper we argue that security SLAs will be necessary for future Internet services, and provide examples of how this will work in practice.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bernsmed, K., Jaatun, M.G., Meland, P.H., Undheim, A.: Security SLAs for Federated Cloud Services. In: Proceedings of the Sixth International Conference on Availability, Reliability and Security, AReS 2011 (2011)
International Telecommunication Union: Terms and Definitions Related to Quality of Service and Network Performance Including Dependability, ITUT E.800 (2008)
Irvine, C.: Quality of security service. In: Proc. ACM New Security Paradigms Workshop, pp. 91–99 (2000)
Henning, R.R.: Security service level agreements: quantifiable security for the enterprise? In: Proceedings of the 1999 Workshop on New Security Paradigms. NSPW 1999, pp. 54–60. ACM, New York (2000)
Grgic, I., Røhne, M.: Agreements in IP-based Networks. Telektronikk 2(3), 186–212 (2001)
Lindskog, S., Jonsson, E.: Adding Security to Quality of Service Architectures. In: Proceedings of the SS-GRR Conference (2002), http://www.cs.kau.se/~stefan/publications/SSGRR02s/paper.pdf
SLA@SOI Consortium: SLA@SOI (2011), http://sla-at-soi.eu/
Righi, R.R., Kreutz, D.L., Westphall, C.B.: Sec-mon: An architecture for monitoring and controlling security service level agreements. In: XI Workshop on Managing and Operating Networks and Services (2006)
Casola, V., Mazzeo, A., Mazzocca, N., Rak, M.: A SLA evaluation methodology in Service Oriented Architectures. In: Gollmann, D., Massacci, F., Yautsiukhin, A. (eds.) Quality of Protection. Advances in Information Security, vol. 23, pp. 119–130. Springer, US (2006)
Frankova, G., Yautsiukhin, A.: Service and protection level agreements for business processes. In: Young Researchers Workshop on Service (2007)
de Chaves, S.A., Westphall, C.B., Lamin, F.R.: SLA Perspective in Security Management for Cloud Computing. In: Proceeding of the 2010 Sixth International Conference on Networking and Services, pp. 212–217. IEEE (March 2010)
mOSAIC Consortium: mOSAIC (Open source API and platform for multiple clouds) (2011), http://www.mosaic-cloud.eu/
Meland, P.H., Bernsmed, K., Jaatun, M.G., Undheim, A., Castejon, H.: Expressing Cloud Security Requirements in Deontic Contract Languages. In: Proceedings of the 2nd International Conference on Cloud Computing and Services Science, CLOSER (2012)
Open Grid Forum: Web Services Agreement Specification, WS-Agreement (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Jaatun, M.G., Bernsmed, K., Undheim, A. (2012). Security SLAs – An Idea Whose Time Has Come?. In: Quirchmayr, G., Basl, J., You, I., Xu, L., Weippl, E. (eds) Multidisciplinary Research and Practice for Information Systems. CD-ARES 2012. Lecture Notes in Computer Science, vol 7465. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32498-7_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-32498-7_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32497-0
Online ISBN: 978-3-642-32498-7
eBook Packages: Computer ScienceComputer Science (R0)