Home // SECURWARE 2017, The Eleventh International Conference on Emerging Security Information, Systems and Technologies // View article

Investigating SLA Confidentiality Requirements: A Holistic Perspective for the Government Agencies

Authors:
Yudhistira Nugraha
Andrew Martin

Keywords: Security, Trust, Assurance, Confidentiality Requirements, Service Level Agreement (SLA), Service Provision

Abstract:
Many governments consider the use of remote computing, communications and storage services provided by external service providers to process, store or transmit sensitive government data to increase scalability and decrease costs of maintaining services. The use of assurance approaches based on service level agreement (SLAs) is becoming increasingly important in procuring a wide range of such services from external service providers. However, such existing SLAs are not well-suited to a dynamic cyber threat environment because SLA security requirements (considering data confidentiality) have not been deeply studied by the academic computer security community. Such an understanding of the real needs of government is essential to the formulation of security-related SLAs. This paper seeks to provide such insights, by investigating 35 government participants using Indonesia as case study via a grounded adaptive Delphi study. We found that undeveloped SLA confidentiality requirements can illuminate other administrations to include government’s security requirements and security capabilities of the service providers in SLAs when using such external services. Based on our findings, we make recommendations to the government agencies, service providers and researchers for improvement to existing SLA definition and future lines of research.

Pages: 154 to 160

Copyright: Copyright (c) IARIA, 2017

Publication date: September 10, 2017

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-582-1

Location: Rome, Italy

Dates: from September 10, 2017 to September 14, 2017