{"title":"Proof of Network Security Services: Enforcement of Security SLA through Outsourced Network Testing","authors":"Sultan Alasmari, Weichao Wang, Yu Wang","doi":"10.1145/3442520.3442533","DOIUrl":null,"url":null,"abstract":"Many companies outsource their network security functionality to third party service providers. To guarantee the quality of such services, a Security Service Level Agreement (SSLA) between the two parties often needs to be signed and enforced. Some mechanisms to verify the execution of the SSLA must be designed. In this paper, we propose a mechanism to allow a non-interest third party to help end customers verify the SSLA. Specifically, an end customer can carefully craft network traffic and conduct spontaneous and configurable verification of the SSLA with the help of a group of testers. While the basic idea is straightforward, multiple methods must be designed to guarantee the execution of the testing procedure. For example, we need to prevent the testing sites from being abused for network attacks. We describe our approaches in details. Our analysis and quantitative results show that our approach can effectively help end customers verify the execution of network security SLA.","PeriodicalId":340416,"journal":{"name":"Proceedings of the 2020 10th International Conference on Communication and Network Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2020 10th International Conference on Communication and Network Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3442520.3442533","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Many companies outsource their network security functionality to third party service providers. To guarantee the quality of such services, a Security Service Level Agreement (SSLA) between the two parties often needs to be signed and enforced. Some mechanisms to verify the execution of the SSLA must be designed. In this paper, we propose a mechanism to allow a non-interest third party to help end customers verify the SSLA. Specifically, an end customer can carefully craft network traffic and conduct spontaneous and configurable verification of the SSLA with the help of a group of testers. While the basic idea is straightforward, multiple methods must be designed to guarantee the execution of the testing procedure. For example, we need to prevent the testing sites from being abused for network attacks. We describe our approaches in details. Our analysis and quantitative results show that our approach can effectively help end customers verify the execution of network security SLA.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
