Collaboration for Small-Scale Fisheries Reform. Lessons in Collective Impact for Systemic Change

As a worldwide collaboration of NGOs, businesses, funders, and governments, 50in10 aimed to help its partners take promising tools and approaches in small-scale fisheries restoration to the next level by testing, strengthening, and replicating them. In January 2016, 50in10 brought together three dozen 50in10 network members and stakeholders in Belize City to learn from one another, explore financing models, innovate new approaches, and discuss how network members could continue to replicate successes. The framework of the 50in10 Theory of Change—a collective impact approach in which community empowerment, policy reform, credible science, and market demand work together—as well as collaborative learning guided the convening. Participants prioritized sustainable financing, community engagement, scientific data, and enforcement and compliance as key areas in which innovation is needed to overcome obstacles to reform, and developed ideas for how to address these challenges

Final Report from the Models for Change Evaluation

Note: This evaluation is accompanied by an evaluation of the National Campaign for this initiative as well as introduction to the evaluation effort by MacArthur's President, Julia Stasch, and a response to the evaluation from the program team. Access these related materials here (https://www.macfound.org/press/grantee-publications/evaluation-models-change-initiative).Models for Change is an initiative of The John D. and Catherine T. MacArthur Foundationto accelerate juvenile justice reforms and promote fairer, more effective, and more developmentally appropriate juvenile justice systems throughout the United States. Between 2004 and 2014, the Foundation invested more than $121 million in the initiative, intending to create sustainable and replicable models of systems reform.In June 2013, the Foundation partnered with Mathematica Policy Research and the University of Maryland to design and conduct a retrospective evaluation of Models for Change. The evaluation focused on the core state strategy, the action network strategy, and the national context in which Models for Change played out. This report is a digest and synthesis of several technical reports prepared as part of the evaluation

Non-collaborative Attackers and How and Where to Defend Flawed Security Protocols (Extended Version)

Security protocols are often found to be flawed after their deployment. We present an approach that aims at the neutralization or mitigation of the attacks to flawed protocols: it avoids the complete dismissal of the interested protocol and allows honest agents to continue to use it until a corrected version is released. Our approach is based on the knowledge of the network topology, which we model as a graph, and on the consequent possibility of creating an interference to an ongoing attack of a Dolev-Yao attacker, by means of non-collaboration actuated by ad-hoc benign attackers that play the role of network guardians. Such guardians, positioned in strategical points of the network, have the task of monitoring the messages in transit and discovering at runtime, through particular types of inference, whether an attack is ongoing, interrupting the run of the protocol in the positive case. We study not only how but also where we can attempt to defend flawed security protocols: we investigate the different network topologies that make security protocol defense feasible and illustrate our approach by means of concrete examples.Comment: 29 page

Telephony Denial of Service Defense at Data Plane (TDoSD@DP)

The Session Initiation Protocol (SIP) is an application-layer control protocol used to establish and terminate calls that are deployed globally. A flood of SIP INVITE packets sent by an attacker causes a Telephony Denial of Service (TDoS) incident, during which legitimate users are unable to use telephony services. Legacy TDoS defense is typically implemented as network appliances and not sufficiently deployed to enable early detection. To make TDoS defense more widely deployed and yet affordable, this paper presents TDoSD@DP where TDoS detection and mitigation is programmed at the data plane so that it can be enabled on every switch port and therefore serves as distributed SIP sensors. With this approach, the damage is isolated at a particular switch and bandwidth saved by not sending attack packets further upstream. Experiments have been performed to track the SIP state machine and to limit the number of active SIP session per port. The results show that TDoSD@DP was able to detect and mitigate ongoing INVITE flood attack, protecting the SIP server, and limiting the damage to a local switch. Bringing the TDoS defense function to the data plane provides a novel data plane application that operates at the SIP protocol and a novel approach for TDoS defense implementation.Final Accepted Versio

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

Trust Management (TM) systems for authentication are vital to the security of online interactions, which are ubiquitous in our everyday lives. Various systems, like the Web PKI (X.509) and PGP's Web of Trust are used to manage trust in this setting. In recent years, blockchain technology has been introduced as a panacea to our security problems, including that of authentication, without sufficient reasoning, as to its merits.In this work, we investigate the merits of using open distributed ledgers (ODLs), such as the one implemented by blockchain technology, for securing TM systems for authentication. We formally model such systems, and explore how blockchain can help mitigate attacks against them. After formal argumentation, we conclude that in the context of Trust Management for authentication, blockchain technology, and ODLs in general, can offer considerable advantages compared to previous approaches. Our analysis is, to the best of our knowledge, the first to formally model and argue about the security of TM systems for authentication, based on blockchain technology. To achieve this result, we first provide an abstract model for TM systems for authentication. Then, we show how this model can be conceptually encoded in a blockchain, by expressing it as a series of state transitions. As a next step, we examine five prevalent attacks on TM systems, and provide evidence that blockchain-based solutions can be beneficial to the security of such systems, by mitigating, or completely negating such attacks.Comment: A version of this paper was published in IEEE Trustcom. http://ieeexplore.ieee.org/document/8029486

Juvenile Justice

Summarizes the foundation's Models for Change approach to juvenile justice reform -- coordinating grantmaking to develop the knowledge base, models of systems reform, and advocacy and dissemination. Includes lists of representative grants

Challenges of the New Economy: Issues at the Intersection of Antitrust and Intellectual Property

There is wide agreement that the last decade or so has presented an unusually lively and challenging period for antitrust analysis. Among many reasons we can point to are deregulation and problems of transition to a free market (telecommunications and electricity production offer leading examples), developments in procedural cooperation and possible substantive convergence in response to the increasing globalization of competition and enforcement approaches, and priorities in addressing an unprecedented merger wave. An additional challenge involves the application of established antitrust principles to the growing high-tech sector of the economy. It is that application of antitrust law to the new economy, and particularly the relationship between antitrust and intellectual property, that I will address here