Evaluating architectures for independently auditing service level agreements

Web and Grid Services are quickly maturing as a technology that allows for the integration of applications belonging to different administrative domains, enabling much faster and efficient business-to-business arrangements. For such an integration to be effective, the Provider and the consumer of a service must negotiate a Service Level Agreement (SLA), i.e. a contract that specifies what one part can expect from the other. But, since SLAs are just contracts, auditing is key to assure that they hold. However, auditing can be very challenging when the parties do not blindly trust each other, which is expected to be the common case for large grid deployments. We here evaluate six architectures that perform SLA auditing both quantitatively and qualitatively. The quantitative evaluation focuses on the performance penalty that auditing introduces. The qualitative evaluation compares the architectures based on aspects such as intrusiveness, trust, use of extra requests, possibility of preferential treatment, possibility of auditing consumer load, and possibility of auditing encrypted messages. We conclude that no single architecture seems to be the best solution for all cases and indicate where each one is best suited.