Many service providers and network operators offer service level agreements (SLAs) supporting various service dimensions, such as price, reliability, and performance, to their customers. SLAs are usually considered more of a luxury item today than a necessity. With the increased focus on homeland security, does it make sense to use security-type SLAs as a vehicle for the government to help secure national critical infrastructures and recover quickly from a disaster? Are network security SLAs a viable option as an umbrella to protect the basic critical infrastructures? This paper discusses (a) the need and value of technical SLAs, (b) SLAs available today and widely used in industry, (c) critical components and content of security SLAs, (d) examples of security SLA architectural design for critical national services, (e) examples of what an SLA can do for homeland security, (f) viability of implementing security SLAs based on the inherent value of security, and (g) improvements required in the future to realize security SLAs as a service provider offering.
[1]
Jonathan Feldman.
Special series: The IT agenda: lessons from the field: beyond ROI
,
2003
.
[2]
William A. Arbaugh,et al.
IEEE 52 Computer
,
1985
.
[3]
S. M. Cherry.
Internet slammed again [hacking]
,
2003
.
[4]
S. M. Cherry.
The blog of war [Web journalism]
,
2003
.
[5]
S.M. Cherry.
Hell month
,
2003,
IEEE Spectrum.
[6]
Marianne Swanson,et al.
Security metrics guide for information technology systems
,
2003
.
[7]
Himanshu Pant,et al.
Reliability and security modeling in upgrading wireless backbone networks
,
2004,
Bell Labs Technical Journal.