VU Research Portal
Managing Violations in Service Level Agreements
Rana, O.; Warnier, M.E.; Quillinan, T.B.; Brazier, F.M.; Cojocarasu, D.
published in
the Proceedings of the Usage of Service Level Agreements in Grids Workshop
2007
document version
Publisher's PDF, also known as Version of record
Link to publication in VU Research Portal
citation for published version (APA)
Rana, O., Warnier, M. E., Quillinan, T. B., Brazier, F. M., & Cojocarasu, D. (2007). Managing Violations in
Service Level Agreements. In the Proceedings of the Usage of Service Level Agreements in Grids Workshop
General rights
Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners
and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights.
• Users may download and print one copy of any publication from the public portal for the purpose of private study or research.
• You may not further distribute the material or use it for any profit-making activity or commercial gain
• You may freely distribute the URL identifying the publication in the public portal ?
Take down policy
If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately
and investigate your claim.
E-mail address:
vuresearchportal.ub@vu.nl
Download date: 10. Aug. 2022
MANAGING VIOLATIONS IN SERVICE LEVEL
AGREEMENTS
Omer Rana
School of Computer Science/Welsh eScience Centre
Cardiff University, UK
o.f.rana@cs.cardiff.ac.uk
Martijn Warnier, Thomas B. Quillinan and Frances Brazier
Department of Computer Science,
VU University Amsterdam, The Netherlands
warnier@cs.vu.nl
tb.quillinan@few.vu.nl
frances@cs.vu.nl
Dana Cojocarasu
Norwegian Research Center for Computers and Law
University of Oslo, Norway
d.i.cojocarasu@jus.uio.no
Abstract A Service Level Agreement (SLA) represents an agreement between a service
user and a provider in the context of a particular service provision. SLAs contain
Quality of Service properties that must be maintained by a provider. These are
generally defined as a set of Service Level Objectives (SLOs). These properties
need to be measurable and must be monitored during the provision of the service
that has been agreed in the SLA. The SLA must also contain a set of penalty
clauses specifying what happens when service providers fail to deliver the pre-
agreed quality. Although significant work exists on how SLOs may be specified
and monitored, not much work has focused on actually identifying how SLOs
may be impacted by the choice of specific penalty clauses. The participation of a
trusted mediator may be necessary to resolve conflicts between involved parties.
The main focus of the paper is on identifying particular penalty clauses that can
be associated with an SLA.
Keywords: Service Level Agreements, Violations, Penalty Clauses, WS-Agreement
1. Introduction
A Service Level Agreement (SLA) represents an agreement between a client
and a provider in the context of a particular service provision. SLAs may
be between two parties, for instance, a single client and a single provider, or
between multiple parties, for example, a single client and multiple providers.
SLAs generally specify performance related properties, generally referred to
as Quality of Service (QoS) terms, that must be maintained by a provider dur-
ing service provision. These properties need to be measurable and must be
monitored during the provision of the service that has been agreed in the SLA
– and are referred to as Service Level Objectives (SLOs). The SLA must also
contain a set of penalty clauses when service providers fail to deliver the pre-
agreed quality. Although significant work exists on how SLOs may be spec-
ified and monitored [10], not much work has focused on actually identifying
how SLOs may be impacted by the choice of specific penalty clauses. The par-
ticipation of a trusted mediator may be necessary to resolve conflicts between
involved parties. Automating this conflict resolution process clearly provides
substantial benefits. Different outcomes are possible. These include monetary
penalties, impact on potential future agreements between the parties and the
enforced re-running of the agreed service. While it may seem reasonable to
penalise SLA non-compliance, there are a number of concerns when issuing
such penalties. For example, consider a service provider violation in a multi-
provider SLA: determining whether the service provider is the only party that
should be penalised, or determining the type of penalty that are applied to each
party would be required. Enforcement in the various legal systems of differ-
ent countries can be tackled through stipulating a ‘choice of law clause’, that
is, a clause indicating expressly which countries’ laws will be applied in case
a conflict between the provider and the client would occur. Specific ‘legal
templates’ [4] can be used to further refine such clauses. This paper focuses
on identifying particular penalty clauses that can be associated with an SLA
and on identifying how penalty clauses impact the choice of SLOs. The next
section discusses the types of violations that can be used in SLAs. Section 3
discusses the type of penalties that can be used. An example from resource
sharing in an electronic market (based on work in the CATNETs project [8])
is presented in Section 4 and a mapping to the WS-Agreement specification is
proposed in Section 5. The paper ends with discussions and conclusions.
2. Types of Violations
An SLA can go through a number of stages once it has been specified. As-
suming that the SLA is initiated by a client application, these stages include:
discovering providers; defining the SLA; agreeing on the terms of the SLA (in
addition to the penalties if the SLOs are not met); monitoring SLA violations;
terminating an SLA; enforcement of penalties for SLA violation. Monitoring
plays an important role in determining whether an SLA has been violated, and
determining the particular penalty clause that should be invoked as a conse-
quence.
Monitoring SLA violations begins once an SLA has been defined. A copy
of the SLA must be maintained by both the client and the provider. It is nec-
essary to distinguish between an ‘agreement date’ (forming of an SLA) and an
‘effective date’ (subsequently providing a service based on the SLOs that have
been agreed). For instance, a request to invoke a service based on the SLOs
may be undertaken at a time much later than when the SLOs were agreed.
During provision it is necessary to determine whether the terms agreed in the
SLA have been complied with during provision. In this context, a monitoring
infrastructure is used to identify the difference between the agreed upon SLO
and the value that was actually delivered during service provisioning – which
is ‘trusted’ by both the client and the provider.
From a legal perspective, monitoring is a prerequisite for contract enforce-
ment. In the present context, the consequences of breaching the agreed SLOs
is a basic requirement. In addition, service clients base the reputations of,
and their trust in, service providers largely on the supported monitoring infras-
tructure. In the context of SLAs three types of monitoring infrastructures can
be distinguished: a trusted third party (TTP); a trusted module at the service
provider; and a module on the client site. In most typical situations a TTP
module provides all the necessary functionality for a monitoring service.
One of the main issues that the provider and the consumer will have to
agree during the SLA negotiation is the penalty scheme. It is also necessary to
define what constitutes a violation. Depending on the importance of the vio-
lated SLO and/or the consequences of the violation, the provider in breach may
avoid dispatch or obtain a diminished monetary sanction from the client. As
both the service provider and the client are ultimately businesses (rather than
consumers), they are free to decide what kind of sanctions they will associate
to the various types of SLA breaches, in accordance with the importance of
the SLO that was not fulfilled. According to the Principles of European Con-
tract Law [3], the term ‘unfulfilment’ is to be interpreted as comprising: (1)
defective performance (parameter monitored at lower level ); (2) late perfor-
mance (service provided at the appropriate level but with unjustified delays);
(3) no performance (service not provided at all). Based on these descriptions
we define the following broad categories:
‘All-or-nothing’ provisioning: provisioning of a service meets all the
SLOs – that is, all of the SLO constraints must be satisfied for a success-
ful delivery of a service;
‘Partial’ provisioning: provisioning of a service meets some of the SLOs
– that is, some of the SLO constraints must be satisfied for a successful
delivery of a service;
‘Weighted Partial’ provisioning: provision of a service meets SLOs that
have a weighting greater than a threshold (identified by the client).
Monitoring can be used to detect whether an SLA has been violated. Typically
such violations result in a complete failure – making SLA violations an ‘all-or-
nothing’ process. In such an event a completely new SLA needs to be negoti-
ated, possibly with another service provider, which requires additional effort on
both the client and the service provider. Based on this all-or-nothing approach,
it is necessary for the provider to satisfy all of the SLOs. This equates to a con-
junction of SLO terms. An SLA may contain several SLOs, where some (for
example, at least two CPUs) may be more important than others (for example,
more then 100 MB hard disk space). During the SLA negotiation phase, the
importance of the different SLOs for the client must be established. Clients
(and service providers) can then react differently according to the importance
of the violated SLO. In the WS-Agreement specification [1], the importance of
particular terms is captured through the use of a ‘Business Value’. Weighted
metrics can also be used to ensure a flexible and fair sanctionatory mechanism
in case an SLA violation occurs. Thus, instead of terminating the SLA alto-
gether it might be possible to renegotiate, for example, with the same service
provider, the part of the SLA that is violated. Again, the more important the
violated SLO, the more difficult it will be to renegotiate (part of) the SLA.
3. Penalties
The use of penalty clauses in SLAs leads to two concerns: what types of
penalty clauses can be used; and how, if at all, can these be included in SLAs.
The ‘burden of proof’ and the interest in demonstrating that the agreed SLOs
have been violated lie with the main beneficiary of the service, that is, in the
service client. An important issue that should be considered when design-
ing ‘penalty schemes’ is that behind the imposition of any contractual sanc-
tions lies the idea that faulty behaviour of a provider should be deterred. As
such, it is always possible for the service provider to contest its liability in
the unwanted result (SLA breach) and claim that a ‘force majeure’ situation
occurred. Although the situation is impossible to be dealt with through au-
tomatic enforcement, monitoring the message exchanges among the provider
and the client can indicate whether the SLA violation was the consequence of
a ‘misconduct’ from the provider (either intentional or negligent). The parties
are advised to stipulate either in the SLA or in the associated Collaboration
Agreement how they choose to deal with the situation where the provider’s