%0 Conference Proceedings
%T Understanding Trustworthy Service Level Agreements: Open Problems and Existing Solutions
%+ University of Oxford
%A Nugraha, Yudhistira
%A Martin, Andrew
%< avec comité de lecture
%B International Workshop on Open Problems in Network Security (iNetSec)
%C Rome, Italy
%Y Jan Camenisch
%Y Doğan Kesdoğan
%3 Open Problems in Network Security
%V IFIP eCollection-1
%P 54-70
%8 2017-05
%D 2017
%K trust
%K trustworthiness
%K security capability
%K service level agreement
%K assurance
%K security
%Z Computer Science [cs]Conference papers
%X Security has been considered for decades as a possible attribute in service level agreements (SLAs). However, the formulation of security properties has not been expressed in such concrete terms in SLA contexts because security is a process, not a product. Consequently, security properties, such as data confidentiality, integrity and availability have been overlooked in SLA contexts. This paper aims to identify open problems and existing solutions in the context of incorporating security properties into SLA contexts. First, we provide an overview of system assurance of which trustworthy SLAs can be considered as alternative assurance technique in the context of service provisioning. Then, we describe the notion of trustworthy SLAs and discuss possible security properties that can be potentially used in SLA contexts. Finally, we present some open research problems for the incorporation of security capabilities into SLA contexts to establish trust between the customer and service provider. This study identifies needs for developing a trustworthy SLA capability framework to formulate discrete levels of assurance which are believed to be capable of preserving data confidentiality, integrity and availability in SLAs as trust-enhancing instruments.
%G English
%Z TC 11
%Z WG 11.4
%2 https://inria.hal.science/hal-01684231/document
%2 https://inria.hal.science/hal-01684231/file/paper5.pdf
%L hal-01684231
%U https://inria.hal.science/hal-01684231
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-4
%~ IFIP-INETSEC
%~ IFIP-INETSEC-2017
%~ IFIP-ECOLLECTION