Central bank Financial Independence

Central bank independence is a multifaceted institutional design. The financial component has been seldom analysed. This paper intends to set a comprehensive conceptual background for central bank financial independence. Quite often central banks are modelled as robot like maximizers of some goal. This perspective neglects the fact that central bank functions are inevitably deployed on its balance sheet and have effects on its income statement. A financially independent central bank exhibits the adequate balance sheet structure and earnings generation capacity to efficiently perform its functions. From a long term perspective, as far as the demand for banknotes is maintained seignorage waters down any central bank financial independence concern. However, from a short term perspective central bank financial vulnerability may condition its effective independence. Vulnerability may be real or accounting based. However, no matter its origin, institutional solutions are needed to minimize their impact. Adequate capitalization turns out to be a key issue. Alternatively, contingent capital in the form of institutional arrangements to bear central bank losses may be a (second- best) solution. The paper analyses in the context of simple VAR model the interplay between capitalization, accounting rules and dividend distribution. This analysis is preceded by a thorough discussion of the risk return profile of central banks net return on assets. Three main conclusions shape the input to the capitalization model. Central banks return on assets can be very volatile from a short term perspective. From a medium term perspective, natural earnings generation cycles dampen down volatility. On average, central banks net return on assets typically exhibits a discount over government debt financing cost. These observations shape the central bank financing planning problem as follows. Namely, the size of the discount relative to the social costs that would arise in case of a lack of central bank independence, along with central bank exposure to risks and the volatility thereof, determine the incentives of the government to maintain an excess of financial assets in the form of central bank capital. Actually, the working of smoothing mechanisms operating across time on central banks earnings leads to a distinction between short term and medium term capital, i.e. the optimum capital solution is a band. In the same vein, the need to maintain optimal consistence between central bank financial strength and dividends distribution policy leads also to smoothing proposals for pay out policy.Central Banking Capital, Independence, Accounting, Profits

On Enhancing Security of Password-Based Authentication

Password has been the dominant authentication scheme for more than 30 years, and it will not be easily replaced in the foreseeable future. However, password authentication has long been plagued by the dilemma between security and usability, mainly due to human memory limitations. For example, a user often chooses an easy-to-guess (weak) password since it is easier to remember. The ever increasing number of online accounts per user even exacerbates this problem. In this dissertation, we present four research projects that focus on the security of password authentication and its ecosystem. First, we observe that personal information plays a very important role when a user creates a password. Enlightened by this, we conduct a study on how users create their passwords using their personal information based on a leaked password dataset. We create a new metric---Coverage---to quantify the personal information in passwords. Armed with this knowledge, we develop a novel password cracker named Personal-PCFG (Probabilistic Context-Free Grammars) that leverages personal information for targeted password guessing. Experiments show that Personal-PCFG is much more efficient than the original PCFG in cracking passwords. The second project aims to ease the password management hassle for a user. Password managers are introduced so that users need only one password (master password) to access all their other passwords. However, the password manager induces a single point of failure and is potentially vulnerable to data breach. To address these issues, we propose BluePass, a decentralized password manager that features a dual-possession security that involves a master password and a mobile device. In addition, BluePass enables a hand-free user experience by retrieving passwords from the mobile device through Bluetooth communications. In the third project, we investigate an overlooked aspect in the password lifecycle, the password recovery procedure. We study the password recovery protocols in the Alexa top 500 websites, and report interesting findings on the de facto implementation. We observe that the backup email is the primary way for password recovery, and the email becomes a single point of failure. We assess the likelihood of an account recovery attack, analyze the security policy of major email providers, and propose a security enhancement protocol to help securing password recovery emails by two factor authentication. \newline Finally, we focus on a more fundamental level, user identity. Password-based authentication is just a one-time checking to ensure that a user is legitimate. However, a user\u27s identity could be hijacked at any step. For example, an attacker can leverage a zero-day vulnerability to take over the root privilege. Thus, tracking the user behavior is essential to examine the identity legitimacy. We develop a user tracking system based on OS-level logs inside an enterprise network, and apply a variety of techniques to generate a concise and salient user profile for identity examination

THE AGEING WORKFORCE IN IRELAND: WORKING CONDITIONS, HEALTH AND EXTENDING WORKING LIVES. ESRI RESEARCH SERIES NUMBER 92 OCTOBER 2019

Extending working lives is a central element of active ageing policy in Ireland and Europe, and is seen as promoting active lifestyles and sustaining social protection systems in the context of an ageing population. However, efforts to extend working life must consider the reasons why workers leave employment early. Simply raising the minimum retirement age will not build sustainable jobs. A central element of this picture is the health and working conditions faced by older workers. This project explores the retention of older workers in Ireland, drawing on several sources of data to describe their experience in the Irish labour market. While there is no official age threshold to classify a worker as an older worker, the literature on ageing workforce often focuses on workers aged 55 and over.1 In Ireland, according to the 2018 Labour Force Survey, there are currently 396,060 workers in this age category, accounting for 18 per cent of the employed population. We set out to explore the following questions: • How do the working conditions and the health of older workers compare to those of younger workers? • What types of jobs and working conditions are associated with perceived ability to work longer? • Which sectors and occupations are best able to retain older workers? • Among those who exit early (aged 55–59 years), what are their reasons for leaving work? • Are older workers more vulnerable to fatal injury in the workforce? Are they embedded in sectors prone to injury

Risk analysis of LPG tanks at the wildland-urban interface

In areas of wildland-urban interface (WUI), especially residential developments, it is very common to see liquefied petroleum gas (LPG) tanks, particularly with a higher ratio of propane, in surface installations serving homes. The most common tanks are between 1 and 5 m3 of capacity, but smaller ones of less than 1 m3 are more frequent. In case of accident, installations may be subject to fires and explosions, especially in those circumstances where legal and normative requirements allow very close exposure to flames from vegetable fuel near LPG tanks. In this project, it is intended to do a comprehensive diagnosis of the problem, addressing the compilation of information on real risk scenarios in historical fires. First, a preliminary presentation of the properties and characteristics of liquefied petroleum gas will be exposed. Its physical and chemical properties, production methodology, pressure and temperature diagrams and important considerations will be defined when using this type of substances in a storage tank of a certain volume. Next, a review of the situation of the existence of LPG tanks in the urban forest interfaces will be exposed. In this case, the main accidents caused by problems with the storage of LPG will be analyzed taking into account the relevance of BLEVE events in this type of incidents. To do this, the main scenarios that could take place in the event of a fire will be presented. Next, the existing legislation on the storage of LPG in these environments in some Mediterranean countries will be studied. In order to develop a comprehensive analysis, the main safety measures and distances will be considered, as well as the awareness of the possibility of vegetation material in the vicinity of LPG storage tanks, which is the main problem that will arise in a possible BLEVE scenario in case of fire. To finalize and facilitate understanding, a comparative table will be included with the aim of visualizing the main advantages and legislative deficiencies between the different countries. Following, the state of the art in terms of modelling LPG accidents at the WUI will be reviewed. Trying to simulate and predict this type of scenarios, it will see the models normally chosen to obtain the tolerable values selected and the answers obtained in each case. Finally, several fire scenarios will be simulated by means of a CFD tool (FDS, Fire Dynamics Simulator). In these simulations, the wind velocity and the distance of the combustible vegetal mass to the tank will be controlled in a WUI fire in which there is a tank of fixed dimensions. The temperature and the heat flow in each of the scenarios will be obtained, and the differences among the location of the sensors and the characteristics of the scenario will be analyzed. As a conclusion, it has been observed that there is a great amount of variables that are not contemplated by the regulatory organisms and that the existing legislation does not guarantee the safety of the population in this type of environment. From the simulations results, variables as temperature should be studied for further characterizations

Electrolyte effects on polyacrylic acid-polyvinylpyrrolidone aqueous glycol mixtures for use as de-icing fluids

Rheological and wind tunnels measurements are presented for mixtures of polymers polyacrylic acid [PAA] and polyvinylpyrrolidone [PVP] polymers dispersed in water-1,2 propylene glycol mixture to examine their use as potential aircraft de-icing fluids. PAA solutions which form the basis of de-icing fluids are known to result in undesirable gelation which may lead to undesirable and catastrophic consequences in such applications. In this study, we examine the blending of PVP with PAA blends as alternative de-icing fluid formulations that can reduce the likelihood of forming such irreversible gel deposits. Through adjustment of the electrolyte concentration, the ratio of PAA to PVP as well as the molecular weight of PVP, it is possible to achieve a required viscosity profile to that exhibited by a model de-icing fluid across a range of appropriate temperatures. Wind tunnel tests indicate that the mixtures are capable of meeting the necessary requirements for boundary layer depletion as well as having sufficient capability of retaining a stable layer required during aircraft taxiing

A Calculus for Orchestration of Web Services

Service-oriented computing, an emerging paradigm for distributed computing based on the use of services, is calling for the development of tools and techniques to build safe and trustworthy systems, and to analyse their behaviour. Therefore, many researchers have proposed to use process calculi, a cornerstone of current foundational research on specification and analysis of concurrent, reactive, and distributed systems. In this paper, we follow this approach and introduce CWS, a process calculus expressly designed for specifying and combining service-oriented applications, while modelling their dynamic behaviour. We show that CWS can model all the phases of the life cycle of service-oriented applications, such as publication, discovery, negotiation, orchestration, deployment, reconfiguration and execution. We illustrate the specification style that CWS supports by means of a large case study from the automotive domain and a number of more specific examples drawn from it

A Mediated Definite Delegation Model allowing for Certified Grid Job Submission

Grid computing infrastructures need to provide traceability and accounting of their users" activity and protection against misuse and privilege escalation. A central aspect of multi-user Grid job environments is the necessary delegation of privileges in the course of a job submission. With respect to these generic requirements this document describes an improved handling of multi-user Grid jobs in the ALICE ("A Large Ion Collider Experiment") Grid Services. A security analysis of the ALICE Grid job model is presented with derived security objectives, followed by a discussion of existing approaches of unrestricted delegation based on X.509 proxy certificates and the Grid middleware gLExec. Unrestricted delegation has severe security consequences and limitations, most importantly allowing for identity theft and forgery of delegated assignments. These limitations are discussed and formulated, both in general and with respect to an adoption in line with multi-user Grid jobs. Based on the architecture of the ALICE Grid Services, a new general model of mediated definite delegation is developed and formulated, allowing a broker to assign context-sensitive user privileges to agents. The model provides strong accountability and long- term traceability. A prototype implementation allowing for certified Grid jobs is presented including a potential interaction with gLExec. The achieved improvements regarding system security, malicious job exploitation, identity protection, and accountability are emphasized, followed by a discussion of non- repudiation in the face of malicious Grid jobs