Service Level Agreements and Security SLA: A Comprehensive Survey

• URL: http://arxiv.org/abs/2405.00009v1
• Date: Wed, 31 Jan 2024 12:33:41 GMT
• Title: Service Level Agreements and Security SLA: A Comprehensive Survey
• Authors: Serena Nicolazzo, Antonino Nocera, Witold Pedrycz,
• Abstract summary: This survey paper identifies state of the art covering concepts, approaches, and open problems of SLA management. It contributes by carrying out a comprehensive review and covering the gap between the analyses proposed in existing surveys and the most recent literature on this topic. It proposes a novel classification criterium to organize the analysis based on SLA life cycle phases.
• Score: 51.000851088730684
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: A Service Level Agreement (SLA) is a formal contract between a service provider and a consumer, representing a crucial instrument to define, manage, and maintain relationships between these two parties. The SLA's ability to define the Quality of Service (QoS) expectations, standards, and accountability helps to deliver high-quality services and increase client confidence in disparate application domains, such as Cloud computing and the Internet of Things. An open research direction in this context is related to the possible integration of new metrics to address the security and privacy aspects of services, thus providing protection of sensitive information, mitigating risks, and building trust. This survey paper identifies state of the art covering concepts, approaches, and open problems of SLA management with a distinctive and original focus on the recent development of Security SLA (SecSLA). It contributes by carrying out a comprehensive review and covering the gap between the analyses proposed in existing surveys and the most recent literature on this topic, spanning from 2017 to 2023. Moreover, it proposes a novel classification criterium to organize the analysis based on SLA life cycle phases. This original point of view can help both academics and industrial practitioners to understand and properly locate existing contributions in the advancement of the different aspects of SLA technology. The present work highlights the importance of the covered topics and the need for new research improvements to tackle present and demanding challenges.

Related papers

• 2FA: Navigating the Challenges and Solutions for Inclusive Access [55.2480439325792]
  Two-Factor Authentication (2FA) has emerged as a critical solution to protect online activities. This paper examines the intricacies of deploying 2FA in a way that is secure and accessible to all users. An analysis was conducted to examine the implementation and availability of various 2FA methods across popular online platforms.
  arXiv  Detail & Related papers  (2025-02-17T12:23:53Z)
• EMERALD: Evidence Management for Continuous Certification as a Service in the Cloud [0.7499722271664147]
  Lack of cloud-specific security certifications hinder transparency and accountability in the provision and usage of European cloud services. EMERALD aims to provide agile and lean re-certification to consumers that adhere to a defined level of security and trust.
  arXiv  Detail & Related papers  (2025-02-11T07:49:10Z)
• Towards Trustworthy Retrieval Augmented Generation for Large Language Models: A Survey [92.36487127683053]
  Retrieval-Augmented Generation (RAG) is an advanced technique designed to address the challenges of Artificial Intelligence-Generated Content (AIGC) RAG provides reliable and up-to-date external knowledge, reduces hallucinations, and ensures relevant context across a wide range of tasks. Despite RAG's success and potential, recent studies have shown that the RAG paradigm also introduces new risks, including privacy concerns, adversarial attacks, and accountability issues.
  arXiv  Detail & Related papers  (2025-02-08T06:50:47Z)
• Privacy-Preserving Customer Support: A Framework for Secure and Scalable Interactions [0.0]
  This paper introduces the Privacy-Preserving Zero-Shot Learning (PP-ZSL) framework, a novel approach leveraging large language models (LLMs) in a zero-shot learning mode. Unlike conventional machine learning methods, PP-ZSL eliminates the need for local training on sensitive data by utilizing pre-trained LLMs to generate responses directly. The framework incorporates real-time data anonymization to redact or mask sensitive information, retrieval-augmented generation (RAG) for domain-specific query resolution, and robust post-processing to ensure compliance with regulatory standards.
  arXiv  Detail & Related papers  (2024-12-10T17:20:47Z)
• A Critical Analysis of Foundations, Challenges and Directions for Zero Trust Security in Cloud Environments [0.0]
  This review discusses the theoretical frameworks and application prospects of Zero Trust Security (ZTS) in cloud computing context. This paper analyzes the core principles of ZTS, including micro-segmentation, least privileged access, and continuous monitoring. Main barriers to implementing zero trust security were outlined, including the dimensions of decreased performance in large-scale production.
  arXiv  Detail & Related papers  (2024-11-09T10:26:02Z)
• Evaluating Cultural and Social Awareness of LLM Web Agents [113.49968423990616]
  We introduce CASA, a benchmark designed to assess large language models' sensitivity to cultural and social norms. Our approach evaluates LLM agents' ability to detect and appropriately respond to norm-violating user queries and observations. Experiments show that current LLMs perform significantly better in non-agent environments.
  arXiv  Detail & Related papers  (2024-10-30T17:35:44Z)
• Linkage on Security, Privacy and Fairness in Federated Learning: New Balances and New Perspectives [48.48294460952039]
  This survey offers comprehensive descriptions of the privacy, security, and fairness issues in federated learning. We contend that there exists a trade-off between privacy and fairness and between security and sharing.
  arXiv  Detail & Related papers  (2024-06-16T10:31:45Z)
• Socialized Learning: A Survey of the Paradigm Shift for Edge Intelligence in Networked Systems [62.252355444948904]
  This paper presents the findings of a literature review on the integration of edge intelligence (EI) and socialized learning (SL) SL is a learning paradigm predicated on social principles and behaviors, aimed at amplifying the collaborative capacity and collective intelligence of agents. We elaborate on three integrated components: socialized architecture, socialized training, and socialized inference, analyzing their strengths and weaknesses.
  arXiv  Detail & Related papers  (2024-04-20T11:07:29Z)
• A Deep Reinforcement Learning Approach for Security-Aware Service Acquisition in IoT [2.765106384328772]
  We propose a complete framework that defines suitable levels of privacy and security requirements in the acquisition of services in the Internet of Things. Through the use of a Reinforcement Learning based solution, a user agent, inside the environment, is trained to choose the best smart objects granting access to the target services.
  arXiv  Detail & Related papers  (2024-04-04T08:00:12Z)
• New Challenges in Reinforcement Learning: A Survey of Security and Privacy [26.706957408693363]
  Reinforcement learning (RL) is one of the most important branches of AI. RL has been widely applied in multiple areas, such as healthcare, data markets, autonomous driving, and robotics. Some of these applications and systems have been shown to be vulnerable to security or privacy attacks.
  arXiv  Detail & Related papers  (2022-12-31T12:30:43Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.