Service Level Agreements and Security SLA: A Comprehensive Survey

• URL: http://arxiv.org/abs/2405.00009v1
• Date: Wed, 31 Jan 2024 12:33:41 GMT
• Title: Service Level Agreements and Security SLA: A Comprehensive Survey
• Authors: Serena Nicolazzo, Antonino Nocera, Witold Pedrycz,
• Abstract summary: This survey paper identifies state of the art covering concepts, approaches, and open problems of SLA management. It contributes by carrying out a comprehensive review and covering the gap between the analyses proposed in existing surveys and the most recent literature on this topic. It proposes a novel classification criterium to organize the analysis based on SLA life cycle phases.
• Score: 51.000851088730684
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: A Service Level Agreement (SLA) is a formal contract between a service provider and a consumer, representing a crucial instrument to define, manage, and maintain relationships between these two parties. The SLA's ability to define the Quality of Service (QoS) expectations, standards, and accountability helps to deliver high-quality services and increase client confidence in disparate application domains, such as Cloud computing and the Internet of Things. An open research direction in this context is related to the possible integration of new metrics to address the security and privacy aspects of services, thus providing protection of sensitive information, mitigating risks, and building trust. This survey paper identifies state of the art covering concepts, approaches, and open problems of SLA management with a distinctive and original focus on the recent development of Security SLA (SecSLA). It contributes by carrying out a comprehensive review and covering the gap between the analyses proposed in existing surveys and the most recent literature on this topic, spanning from 2017 to 2023. Moreover, it proposes a novel classification criterium to organize the analysis based on SLA life cycle phases. This original point of view can help both academics and industrial practitioners to understand and properly locate existing contributions in the advancement of the different aspects of SLA technology. The present work highlights the importance of the covered topics and the need for new research improvements to tackle present and demanding challenges.

Related papers

• AILuminate: Introducing v1.0 of the AI Risk and Reliability Benchmark from MLCommons [62.374792825813394]
  This paper introduces AILuminate v1.0, the first comprehensive industry-standard benchmark for assessing AI-product risk and reliability. The benchmark evaluates an AI system's resistance to prompts designed to elicit dangerous, illegal, or undesirable behavior in 12 hazard categories.
  arXiv  Detail & Related papers  (2025-02-19T05:58:52Z)
• A Survey of Safety on Large Vision-Language Models: Attacks, Defenses and Evaluations [127.52707312573791]
  This survey provides a comprehensive analysis of LVLM safety, covering key aspects such as attacks, defenses, and evaluation methods. We introduce a unified framework that integrates these interrelated components, offering a holistic perspective on the vulnerabilities of LVLMs. We conduct a set of safety evaluations on the latest LVLM, Deepseek Janus-Pro, and provide a theoretical analysis of the results.
  arXiv  Detail & Related papers  (2025-02-14T08:42:43Z)
• EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud [0.7499722271664147]
  Lack of cloud-specific security certifications hinder transparency and accountability in the provision and usage of European cloud services. EMERALD aims to provide agile and lean re-certification to consumers that adhere to a defined level of security and trust.
  arXiv  Detail & Related papers  (2025-02-11T07:49:10Z)
• Towards Trustworthy Retrieval Augmented Generation for Large Language Models: A Survey [92.36487127683053]
  Retrieval-Augmented Generation (RAG) is an advanced technique designed to address the challenges of Artificial Intelligence-Generated Content (AIGC) RAG provides reliable and up-to-date external knowledge, reduces hallucinations, and ensures relevant context across a wide range of tasks. Despite RAG's success and potential, recent studies have shown that the RAG paradigm also introduces new risks, including privacy concerns, adversarial attacks, and accountability issues.
  arXiv  Detail & Related papers  (2025-02-08T06:50:47Z)
• Privacy-Preserving Customer Support: A Framework for Secure and Scalable Interactions [0.0]
  This paper introduces the Privacy-Preserving Zero-Shot Learning (PP-ZSL) framework, a novel approach leveraging large language models (LLMs) in a zero-shot learning mode. Unlike conventional machine learning methods, PP-ZSL eliminates the need for local training on sensitive data by utilizing pre-trained LLMs to generate responses directly. The framework incorporates real-time data anonymization to redact or mask sensitive information, retrieval-augmented generation (RAG) for domain-specific query resolution, and robust post-processing to ensure compliance with regulatory standards.
  arXiv  Detail & Related papers  (2024-12-10T17:20:47Z)
• A Critical Analysis of Foundations, Challenges and Directions for Zero Trust Security in Cloud Environments [0.0]
  This review discusses the theoretical frameworks and application prospects of Zero Trust Security (ZTS) in cloud computing context. This paper analyzes the core principles of ZTS, including micro-segmentation, least privileged access, and continuous monitoring. Main barriers to implementing zero trust security were outlined, including the dimensions of decreased performance in large-scale production.
  arXiv  Detail & Related papers  (2024-11-09T10:26:02Z)
• Evaluating Cultural and Social Awareness of LLM Web Agents [113.49968423990616]
  We introduce CASA, a benchmark designed to assess large language models' sensitivity to cultural and social norms. Our approach evaluates LLM agents' ability to detect and appropriately respond to norm-violating user queries and observations. Experiments show that current LLMs perform significantly better in non-agent environments.
  arXiv  Detail & Related papers  (2024-10-30T17:35:44Z)
• Linkage on Security, Privacy and Fairness in Federated Learning: New Balances and New Perspectives [48.48294460952039]
  This survey offers comprehensive descriptions of the privacy, security, and fairness issues in federated learning. We contend that there exists a trade-off between privacy and fairness and between security and sharing.
  arXiv  Detail & Related papers  (2024-06-16T10:31:45Z)
• Socialized Learning: A Survey of the Paradigm Shift for Edge Intelligence in Networked Systems [62.252355444948904]
  This paper presents the findings of a literature review on the integration of edge intelligence (EI) and socialized learning (SL) SL is a learning paradigm predicated on social principles and behaviors, aimed at amplifying the collaborative capacity and collective intelligence of agents. We elaborate on three integrated components: socialized architecture, socialized training, and socialized inference, analyzing their strengths and weaknesses.
  arXiv  Detail & Related papers  (2024-04-20T11:07:29Z)
• A Deep Reinforcement Learning Approach for Security-Aware Service Acquisition in IoT [2.765106384328772]
  We propose a complete framework that defines suitable levels of privacy and security requirements in the acquisition of services in the Internet of Things. Through the use of a Reinforcement Learning based solution, a user agent, inside the environment, is trained to choose the best smart objects granting access to the target services.
  arXiv  Detail & Related papers  (2024-04-04T08:00:12Z)
• A Survey of Federated Unlearning: A Taxonomy, Challenges and Future Directions [71.16718184611673]
  The evolution of privacy-preserving Federated Learning (FL) has led to an increasing demand for implementing the right to be forgotten. The implementation of selective forgetting is particularly challenging in FL due to its decentralized nature. Federated Unlearning (FU) emerges as a strategic solution to address the increasing need for data privacy.
  arXiv  Detail & Related papers  (2023-10-30T01:34:33Z)
• VECHR: A Dataset for Explainable and Robust Classification of Vulnerability Type in the European Court of Human Rights [2.028075209232085]
  We present VECHR, a novel expert-annotated multi-label dataset of vulnerability type classification and explanation rationale. We benchmark the performance of state-of-the-art models on VECHR from both prediction and explainability perspectives. Our dataset poses unique challenges offering significant room for improvement regarding performance, explainability, and robustness.
  arXiv  Detail & Related papers  (2023-10-17T16:05:52Z)
• Advancing Differential Privacy: Where We Are Now and Future Directions for Real-World Deployment [100.1798289103163]
  We present a detailed review of current practices and state-of-the-art methodologies in the field of differential privacy (DP) Key points and high-level contents of the article were originated from the discussions from "Differential Privacy (DP): Challenges Towards the Next Frontier" This article aims to provide a reference point for the algorithmic and design decisions within the realm of privacy, highlighting important challenges and potential research directions.
  arXiv  Detail & Related papers  (2023-04-14T05:29:18Z)
• New Challenges in Reinforcement Learning: A Survey of Security and Privacy [26.706957408693363]
  Reinforcement learning (RL) is one of the most important branches of AI. RL has been widely applied in multiple areas, such as healthcare, data markets, autonomous driving, and robotics. Some of these applications and systems have been shown to be vulnerable to security or privacy attacks.
  arXiv  Detail & Related papers  (2022-12-31T12:30:43Z)
• External Service Sensing (ESS): Research Framework, Challenges and Opportunities [5.211872784262557]
  A new research problem textitExternal Service Sensing (ESS) is defined to cope with various changes in services. This is the first time to systematically define service change-related research as a standard services computing problem.
  arXiv  Detail & Related papers  (2021-06-17T02:12:11Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.