Towards the classification of confidentiality capabilities in trustworthy service level agreements

Many governments are increasingly reliant on external service providers to process, store or transmit sensitive data on behalf of the government. This study is motivated by the problem of preserving the confidentiality of sensitive government data, particularly following Edward Snowden's revelati...

Bibliographic Details
Main Authors: Nugraha, Y, Martin, A
Format: Conference item
Published: IEEE 2017
collection OXFORD
description Many governments are increasingly reliant on external service providers to process, store or transmit sensitive data on behalf of the government. This study is motivated by the problem of preserving the confidentiality of sensitive government data, particularly following Edward Snowden's revelations of alleged pervasive surveillance, a problem posed by foreign intelligence services to the Indonesian government in 2013. In this paper, we discuss the idea of proposing Trustworthy Service Level Agreements (TSLA) as a means of incorporating security considerations (considering confidentiality) into a Service Level Agreement (SLA) between a service provider and the customer (e.g. government). In particular, we classify confidentiality requirements and capabilities according to a typical threat profile for government data classification, by describing five discrete levels of security precautions that can be negotiated between the government and service providers to ensure the confidentiality of sensitive data handled by the providers. It further provides an evaluation framework for assessing and clarifying security considerations in SLAs. The levels of assurance should serve as a foundation for expressing security considerations (including threats, requirements, and capabilities) in SLAs as well as for designing information system services regarding security. The contribution of this paper is in developing five distinctive levels of increasing assurance that can be applied to the formulation of security-related SLAs, as well as in discussing the discrete levels, using the context of a government cloud.
first_indexed 2024-03-06T23:39:25Z
format Conference item
id oxford-uuid:6ec7ab24-4d25-48a4-a4a7-27575ab1f7c9
institution University of Oxford
last_indexed 2024-03-06T23:39:25Z
publishDate 2017
publisher IEEE
record_format dspace