206,265 research outputs found
Controlling tropical deforestation : an analysis of alternative policies
After discussing ownership issues related to tropical forests, theauthor develops a simple general equilibrium model to represent - at least in a stylized way - the salient aspects of the deforestation process. He uses the model to generate first- and second-best policy options for controlling deforestation and, later, to assess the environmental consequences of government policies often cited in the literature on deforestation. Property rights, though important for understanding the process of tropical deforestation, do not necessarily point to a simple or straightfoward fix for environmental problems, particularly in developing countries. The sheer size, communal nature of service flows, and pervasiveness of individual access to tropical forests make monitoring and enforcement costly in some situations and unimaginable in others. Redefining nominal rights in ways that appear to correct inefficiencies may yield gains in some cases, but an approach to environmental protection that leans heavily on this prescription seems aimed more at symptoms than at causes, says the author. Moreover, policy approaches based on the use of Pigovian taxes or marketable permit schemes may yield efficiency gains in some cases, but such approaches generally involve the same monitoring and enforcement problems that prevent the market from solving allocation problems. Simple, direct solutions to deforestation and other environmental problems are unavailable, but an ability to understand the environmental and welfare consequences of policies adopted for other reasons is useful - if only to help policymakers avoid mistakes that would otherwise go unrecognized. The model the author develops for this purpose is highly stylized and intended primarily to provide a systematic way of thinking about the environmental and welfare effects of government policy - for example, by considering patterns of substitution among inputs and outputs, in cases where an environmental resource to which people have free access is exploited. If the use of first-best policies is infeasible - whether because of monitoringcosts, transboundary effects, or other reasons - then it becomes important to have detailed knowledge of patterns of substitution and complementarity among ordinary inputs and environmental resources, and information on the use of various environmental resources in the production of specific goods and services. Knowledge of such factors can permit policymakers to pursue policy goals in situations where first-best instruments are unavailable.Environmental Economics&Policies,Economic Theory&Research,Public Sector Economics&Finance,Forestry,Markets and Market Access
Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems
Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security
assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security
mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps
framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include
the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any)
and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security
level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received
funding from the European Unionâs Horizon 2020 research
and innovation programme under grant agreement No 644429
and No 780351, MUSA project and ENACT project,
respectively. We would also like to acknowledge all the
members of the MUSA Consortium and ENACT Consortium
for their valuable help
The Prescription Opioid Epidemic: an Evidence-Based Approach
A group of experts, led by researchers at the Johns Hopkins Bloomberg School of Public Health, issued this report aimed at stemming the prescription opioid epidemic, a crisis that kills an average of 44 people a day in the U.S. The report calls for changes to the way medical students and physicians are trained, prescriptions are dispensed and monitored, first responders are equipped to treat overdoses, and those with addiction are identified and treated. The report grew out of discussions that began last year at a town hall co-hosted by the Bloomberg School and the Clinton Health Matters Initiative, an initiative of the Clinton Foundation. The recommendations were developed by professionals from medicine, pharmacy, injury prevention and law. Patient representatives, insurers and drug manufacturers also participated in developing the recommendations. The report breaks its recommendations into seven categories:Prescribing GuidelinesPrescription Drug Monitoring Programs (PDMPs)Pharmacy Benefit Managers (PBMs) and PharmaciesEngineering Strategies (i.e., packaging)Overdose Education and Naloxone Distribution ProgramsAddiction TreatmentCommunity-Based Prevention Strategie
Co-operative and Competitive Enforced Self Regulation: The Role of Governments, Private Actors and Banks in Corporate Responsibility.
In considering why practices which stimulate incentives for private agents to exert corporate
control should be encouraged, this paper highlights criticisms attributed to government
control of banks. However the theory relating to the âhelping handâ view of government is
advanced as having a fundamental role in the regulation and supervision of banks.
Furthermore, governments have a vital role to play in corporate responsibility and regulation
given the fact that banks are costly and difficult to monitor â this being principally attributed
to the possibility that private agents will lack required incentives or the ability to supervise
banks. Through its supervision of banks, governments also assume an important role where
matters related to the fostering of accountability are concerned â not only because banks may
have the power to affect firm performance, but also because some private agents are not able
to afford internal monitoring mechanisms.
Through the Enforced Self Regulation model, the paper attempts to highlight the role played
by government in the direct monitoring of firms. In proposing the Co-operative and
Competitive Enforced Self Regulation model, it attempts to draw attention to the fact that
although such a model is based on a combination of already existing models and theories, the
absence of effective enforcement mechanisms will restrict the maximisation potential of such
a model.
The primary theme of the paper relates to how corporate responsibility and accountability
could be fostered through monitoring and the involvement of governments in the regulation of
firms. It illustrates how structures which operate in various systems, namely, stock market
economies and universal banking systems, function (and attempt) to address gaps which may
arise as a result of lack of adequate mechanisms of accountability. Furthermore it draws
attention to the impact of asymmetric information (generally and in these systems), on levels
of monitoring procedures and how conflicts of interests which could arise between banks and
their shareholders, or between governments and those firms being regulated by the regulator,
could be addressed
A Declarative Framework for Specifying and Enforcing Purpose-aware Policies
Purpose is crucial for privacy protection as it makes users confident that
their personal data are processed as intended. Available proposals for the
specification and enforcement of purpose-aware policies are unsatisfactory for
their ambiguous semantics of purposes and/or lack of support to the run-time
enforcement of policies.
In this paper, we propose a declarative framework based on a first-order
temporal logic that allows us to give a precise semantics to purpose-aware
policies and to reuse algorithms for the design of a run-time monitor enforcing
purpose-aware policies. We also show the complexity of the generation and use
of the monitor which, to the best of our knowledge, is the first such a result
in literature on purpose-aware policies.Comment: Extended version of the paper accepted at the 11th International
Workshop on Security and Trust Management (STM 2015
Towards integrated island management: lessons from Lau, Malaita, for the implementation of a national approach to resource management in Solomon Islands: final report
Solomon Islands has recently developed substantial policy aiming to support inshore fisheries management, conservation, climate change adaptation and ecosystem approaches to resource management. A large body of experience in community based approaches to management has developed but âupscalingâ and particularly the implementation of nation-wide approaches has received little attention so far. With the emerging challenges posed by climate change and the need for ecosystem wide and integrated approaches attracting serious donor attention, a national debate on the most effective approaches to implementation is urgently needed. This report discusses potential implementation of âa cost-effective and integrated approach to resource management that is consistent with national policy and needsâ based on a review of current policy and institutional structures and examination of a recent case study from Lau, Malaita using stakeholder, transaction and financial cost analyses
Enforcing reputation constraints on business process workflows
The problem of trust in determining the flow of execution of business processes has been in the centre of research interst in the last decade as business processes become a de facto model of Internet-based commerce, particularly with the increasing popularity in Cloud computing. One of the main mea-sures of trust is reputation, where the quality of services as provided to their clients can be used as the main factor in calculating service and service provider reputation values. The work presented here contributes to the solving of this problem by defining a model for the calculation of service reputa-tion levels in a BPEL-based business workflow. These levels of reputation are then used to control the execution of the workflow based on service-level agreement constraints provided by the users of the workflow. The main contribution of the paper is to first present a formal meaning for BPEL processes, which is constrained by reputation requirements from the users, and then we demonstrate that these requirements can be enforced using a reference architecture with a case scenario from the domain of distributed map processing. Finally, the paper discusses the possible threats that can be launched on such an architecture
A coordination protocol for user-customisable cloud policy monitoring
Cloud computing will see a increasing demand for end-user customisation and personalisation of multi-tenant cloud service offerings. Combined with an identified need to address QoS and governance aspects in cloud computing, a need to provide user-customised QoS and governance policy management and monitoring as part of an SLA management infrastructure for clouds arises. We propose a user-customisable policy definition solution that can be enforced in multi-tenant cloud offerings through an automated instrumentation and monitoring technique. We in particular allow service processes that are run by cloud and SaaS providers to be made policy-aware in a transparent way
CamFlow: Managed Data-sharing for Cloud Services
A model of cloud services is emerging whereby a few trusted providers manage
the underlying hardware and communications whereas many companies build on this
infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS
applications. From the start, strong isolation between cloud tenants was seen
to be of paramount importance, provided first by virtual machines (VM) and
later by containers, which share the operating system (OS) kernel. Increasingly
it is the case that applications also require facilities to effect isolation
and protection of data managed by those applications. They also require
flexible data sharing with other applications, often across the traditional
cloud-isolation boundaries; for example, when government provides many related
services for its citizens on a common platform. Similar considerations apply to
the end-users of applications. But in particular, the incorporation of cloud
services within `Internet of Things' architectures is driving the requirements
for both protection and cross-application data sharing.
These concerns relate to the management of data. Traditional access control
is application and principal/role specific, applied at policy enforcement
points, after which there is no subsequent control over where data flows; a
crucial issue once data has left its owner's control by cloud-hosted
applications and within cloud-services. Information Flow Control (IFC), in
addition, offers system-wide, end-to-end, flow control based on the properties
of the data. We discuss the potential of cloud-deployed IFC for enforcing
owners' dataflow policy with regard to protection and sharing, as well as
safeguarding against malicious or buggy software. In addition, the audit log
associated with IFC provides transparency, giving configurable system-wide
visibility over data flows. [...]Comment: 14 pages, 8 figure
- âŠ