Controlling tropical deforestation : an analysis of alternative policies

After discussing ownership issues related to tropical forests, theauthor develops a simple general equilibrium model to represent - at least in a stylized way - the salient aspects of the deforestation process. He uses the model to generate first- and second-best policy options for controlling deforestation and, later, to assess the environmental consequences of government policies often cited in the literature on deforestation. Property rights, though important for understanding the process of tropical deforestation, do not necessarily point to a simple or straightfoward fix for environmental problems, particularly in developing countries. The sheer size, communal nature of service flows, and pervasiveness of individual access to tropical forests make monitoring and enforcement costly in some situations and unimaginable in others. Redefining nominal rights in ways that appear to correct inefficiencies may yield gains in some cases, but an approach to environmental protection that leans heavily on this prescription seems aimed more at symptoms than at causes, says the author. Moreover, policy approaches based on the use of Pigovian taxes or marketable permit schemes may yield efficiency gains in some cases, but such approaches generally involve the same monitoring and enforcement problems that prevent the market from solving allocation problems. Simple, direct solutions to deforestation and other environmental problems are unavailable, but an ability to understand the environmental and welfare consequences of policies adopted for other reasons is useful - if only to help policymakers avoid mistakes that would otherwise go unrecognized. The model the author develops for this purpose is highly stylized and intended primarily to provide a systematic way of thinking about the environmental and welfare effects of government policy - for example, by considering patterns of substitution among inputs and outputs, in cases where an environmental resource to which people have free access is exploited. If the use of first-best policies is infeasible - whether because of monitoringcosts, transboundary effects, or other reasons - then it becomes important to have detailed knowledge of patterns of substitution and complementarity among ordinary inputs and environmental resources, and information on the use of various environmental resources in the production of specific goods and services. Knowledge of such factors can permit policymakers to pursue policy goals in situations where first-best instruments are unavailable.Environmental Economics&Policies,Economic Theory&Research,Public Sector Economics&Finance,Forestry,Markets and Market Access

Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

The Prescription Opioid Epidemic: an Evidence-Based Approach

A group of experts, led by researchers at the Johns Hopkins Bloomberg School of Public Health, issued this report aimed at stemming the prescription opioid epidemic, a crisis that kills an average of 44 people a day in the U.S. The report calls for changes to the way medical students and physicians are trained, prescriptions are dispensed and monitored, first responders are equipped to treat overdoses, and those with addiction are identified and treated. The report grew out of discussions that began last year at a town hall co-hosted by the Bloomberg School and the Clinton Health Matters Initiative, an initiative of the Clinton Foundation. The recommendations were developed by professionals from medicine, pharmacy, injury prevention and law. Patient representatives, insurers and drug manufacturers also participated in developing the recommendations. The report breaks its recommendations into seven categories:Prescribing GuidelinesPrescription Drug Monitoring Programs (PDMPs)Pharmacy Benefit Managers (PBMs) and PharmaciesEngineering Strategies (i.e., packaging)Overdose Education and Naloxone Distribution ProgramsAddiction TreatmentCommunity-Based Prevention Strategie

Co-operative and Competitive Enforced Self Regulation: The Role of Governments, Private Actors and Banks in Corporate Responsibility.

In considering why practices which stimulate incentives for private agents to exert corporate control should be encouraged, this paper highlights criticisms attributed to government control of banks. However the theory relating to the “helping hand” view of government is advanced as having a fundamental role in the regulation and supervision of banks. Furthermore, governments have a vital role to play in corporate responsibility and regulation given the fact that banks are costly and difficult to monitor – this being principally attributed to the possibility that private agents will lack required incentives or the ability to supervise banks. Through its supervision of banks, governments also assume an important role where matters related to the fostering of accountability are concerned – not only because banks may have the power to affect firm performance, but also because some private agents are not able to afford internal monitoring mechanisms. Through the Enforced Self Regulation model, the paper attempts to highlight the role played by government in the direct monitoring of firms. In proposing the Co-operative and Competitive Enforced Self Regulation model, it attempts to draw attention to the fact that although such a model is based on a combination of already existing models and theories, the absence of effective enforcement mechanisms will restrict the maximisation potential of such a model. The primary theme of the paper relates to how corporate responsibility and accountability could be fostered through monitoring and the involvement of governments in the regulation of firms. It illustrates how structures which operate in various systems, namely, stock market economies and universal banking systems, function (and attempt) to address gaps which may arise as a result of lack of adequate mechanisms of accountability. Furthermore it draws attention to the impact of asymmetric information (generally and in these systems), on levels of monitoring procedures and how conflicts of interests which could arise between banks and their shareholders, or between governments and those firms being regulated by the regulator, could be addressed

A Declarative Framework for Specifying and Enforcing Purpose-aware Policies

Purpose is crucial for privacy protection as it makes users confident that their personal data are processed as intended. Available proposals for the specification and enforcement of purpose-aware policies are unsatisfactory for their ambiguous semantics of purposes and/or lack of support to the run-time enforcement of policies. In this paper, we propose a declarative framework based on a first-order temporal logic that allows us to give a precise semantics to purpose-aware policies and to reuse algorithms for the design of a run-time monitor enforcing purpose-aware policies. We also show the complexity of the generation and use of the monitor which, to the best of our knowledge, is the first such a result in literature on purpose-aware policies.Comment: Extended version of the paper accepted at the 11th International Workshop on Security and Trust Management (STM 2015

Towards integrated island management: lessons from Lau, Malaita, for the implementation of a national approach to resource management in Solomon Islands: final report

Solomon Islands has recently developed substantial policy aiming to support inshore fisheries management, conservation, climate change adaptation and ecosystem approaches to resource management. A large body of experience in community based approaches to management has developed but “upscaling” and particularly the implementation of nation-wide approaches has received little attention so far. With the emerging challenges posed by climate change and the need for ecosystem wide and integrated approaches attracting serious donor attention, a national debate on the most effective approaches to implementation is urgently needed. This report discusses potential implementation of “a cost-effective and integrated approach to resource management that is consistent with national policy and needs” based on a review of current policy and institutional structures and examination of a recent case study from Lau, Malaita using stakeholder, transaction and financial cost analyses

Enforcing reputation constraints on business process workflows

The problem of trust in determining the flow of execution of business processes has been in the centre of research interst in the last decade as business processes become a de facto model of Internet-based commerce, particularly with the increasing popularity in Cloud computing. One of the main mea-sures of trust is reputation, where the quality of services as provided to their clients can be used as the main factor in calculating service and service provider reputation values. The work presented here contributes to the solving of this problem by defining a model for the calculation of service reputa-tion levels in a BPEL-based business workflow. These levels of reputation are then used to control the execution of the workflow based on service-level agreement constraints provided by the users of the workflow. The main contribution of the paper is to first present a formal meaning for BPEL processes, which is constrained by reputation requirements from the users, and then we demonstrate that these requirements can be enforced using a reference architecture with a case scenario from the domain of distributed map processing. Finally, the paper discusses the possible threats that can be launched on such an architecture

A coordination protocol for user-customisable cloud policy monitoring

Cloud computing will see a increasing demand for end-user customisation and personalisation of multi-tenant cloud service offerings. Combined with an identified need to address QoS and governance aspects in cloud computing, a need to provide user-customised QoS and governance policy management and monitoring as part of an SLA management infrastructure for clouds arises. We propose a user-customisable policy definition solution that can be enforced in multi-tenant cloud offerings through an automated instrumentation and monitoring technique. We in particular allow service processes that are run by cloud and SaaS providers to be made policy-aware in a transparent way

CamFlow: Managed Data-sharing for Cloud Services

A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within `Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]Comment: 14 pages, 8 figure