Insider dealing and the Chinese wall: a legal, economic, and policy analysis

Insider dealing has been in the public eye for many years now. The impact of Big Bang and the growth of financial conglomerates has, however, propelled the practice to the very forefront of regulatory concern. Regulators are faced with a dilemma: financial conglomerates bring with them many economic benefits, but they also accentuate the problem of insider dealing, in that the greater availability of inside information within these open ended financial houses, increases the scope for its misuse. Regulators must ensure that the regulation imposed does not overly impede the benefits to be gained from conglomeration; yet they must ensure that regulation is sufficiently stringent to provide a fair market place. The Chinese Wall - a self-styled mechanism consisting of policies procedures designed to stop the flow of inside information within financial conglomerates - is singled out for special treatment. The legal and policy problems associated with the use of the mechansim are reviewed. These revolve around two main issues: (i) Is the Wall an effective policy device to rebut allegations of insider dealing in a financial conglomerate where Arm A is dealing in shares in Company X while arm B has information pertaining to Company X. (ii) If the Chinese Wall actually works, does the operation of the mechanism give rise to breach of fiduciary obligations ie. to what extent does the operation of the Chinese Wall in conglomerates modify traditional fiduciary law. The conclusion reached is that the Chinese Wall offers regulators the best solution to the problem of conflicts of interest and obligation in fully fledged financial conglomerates. The Wall must, however, be 'strengthened' to prevent, for example, a coroprate fiduciary dealing for its own account where another department within the conglomerate has a material interest in the transaction. At common law, the courts ought to, and probably would, accept this approach. However in an action brought under the SIB rulebook, and the rulebooks made thereunder, it would seem that the courts are bound to accept a Wall per se (ie. without being strengthened) as valid. To the extent that this differs from what ought to be the position at common law, the SIB rulebook should be modified. A tentative import of economic analysis is used to complement the largely legal analysis. In this way it is hoped to gain a better grasp of the policy issues under study

PROACTIVE BIOMETRIC-ENABLED FORENSIC IMPRINTING SYSTEM

Insider threats are a significant security issue. The last decade has witnessed countless instances of data loss and exposure in which leaked data have become publicly available and easily accessible. Losing or disclosing sensitive data or confidential information may cause substantial financial and reputational damage to a company. Therefore, preventing or responding to such incidents has become a challenging task. Whilst more recent research has focused explicitly on the problem of insider misuse, it has tended to concentrate on the information itself—either through its protection or approaches to detecting leakage. Although digital forensics has become a de facto standard in the investigation of criminal activities, a fundamental problem is not being able to associate a specific person with particular electronic evidence, especially when stolen credentials and the Trojan defence are two commonly cited arguments. Thus, it is apparent that there is an urgent requirement to develop a more innovative and robust technique that can more inextricably link the use of information (e.g., images and documents) to the users who access and use them. Therefore, this research project investigates the role that transparent and multimodal biometrics could play in providing this link by leveraging individuals’ biometric information for the attribution of insider misuse identification. This thesis examines the existing literature in the domain of data loss prevention, detection, and proactive digital forensics, which includes traceability techniques. The aim is to develop the current state of the art, having identified a gap in the literature, which this research has attempted to investigate and provide a possible solution. Although most of the existing methods and tools used by investigators to conduct examinations of digital crime help significantly in collecting, analysing and presenting digital evidence, essential to this process is that investigators establish a link between the notable/stolen digital object and the identity of the individual who used it; as opposed to merely using an electronic record or a log that indicates that the user interacted with the object in question (evidence). Therefore, the proposed approach in this study seeks to provide a novel technique that enables capturing individual’s biometric identifiers/signals (e.g. face or keystroke dynamics) and embedding them into the digital objects users are interacting with. This is achieved by developing two modes—a centralised or decentralised manner. The centralised approach stores the mapped information alongside digital object identifiers in a centralised storage repository; the decentralised approach seeks to overcome the need for centralised storage by embedding all the necessary information within the digital object itself. Moreover, no explicit biometric information is stored, as only the correlation that points to those locations within the imprinted object is preserved. Comprehensive experiments conducted to assess the proposed approach show that it is highly possible to establish this correlation even when the original version of the examined object has undergone significant modification. In many scenarios, such as changing or removing part of an image or document, including words and sentences, it was possible to extract and reconstruct the correlated biometric information from a modified object with a high success rate. A reconstruction of the feature vector from unmodified images was possible using the generated imprints with 100% accuracy. This was achieved easily by reversing the imprinting processes. Under a modification attack, in which the imprinted object is manipulated, at least one imprinted feature vector was successfully retrieved from an average of 97 out of 100 images, even when the modification percentage was as high as 80%. For the decentralised approach, the initial experimental results showed that it was possible to retrieve the embedded biometric signals successfully, even when the file (i.e., image) had had 75% of its original status modified. The research has proposed and validated a number of approaches to the embedding of biometric data within digital objects to enable successful user attribution of information leakage attacks.Embassy of Saudi Arabia in Londo

Internalizing Outsider Trading

Investing in the United States has become a hobby for many. Individual ownership of equity, moreover, has increased over the past decade due in part to the introduction of internet-based trading. While providing the possibility for greater returns compared with bank savings accounts, among other investment alternatives, the public capital markets also pose greater risks for investors. Many individual investors lack both the resources and the incentive to analyze the value of any particular security in the market. Such investors thus trade at a systematic disadvantage relative to more informed parties. In response, regulators have asserted that certain informational disparities cause uninformed investors to lose confidence in the market, thereby justifying stringent regulation. This Article analyzes the impact of information advantages in the market and proposes a unified approach to regulating such advantages. Informational disparities in the market arise from a number of different sources. An individual investor may contemplate a trade in a particular publicly traded company. Call the company whose securities are being traded the traded firm . In a world without regulatory prohibitions, individual investors first face the possibility that the traded firm itself will provide nonpublic material information to only a subset of investors in the market. Insiders at the traded firm, for example, may enjoy preferential access to confidential information about the company\u27s business prospects and expansion plans, among other things. Insiders may then exploit this information to profit from trades in the market at the expense of outside investors. The traded firm may also provide internal information to outside investors selectively; for example, giving nonpublic material information solely to a group of analysts that regularly follow the firm

Advanced Dynamic Encryption – A Security Enhancement Protocol for IEEE 802.11 and Hybrid Wireless Network

Data integrity and privacy are the two most important security requirements in wireless communication. Most mechanisms rely on pre-share key data encryption to prevent unauthorized users from accessing confidential information. However, a fixed secret key is vulnerable to cracking by capturing sufficient packets or launching a dictionary attack. In this research, a dynamic re-keying encryption protocol was developed to enhance the security protection for IEEE 802.11 and hybrid wireless network. This protocol automatically updates the secret key during the end-to-end transmission between wireless devices to protect the network and the communication privacy. In addition, security analyses are given to verify the protection of this protocol. Experiment results also validate that the dynamic encryption approach can perform as efficiently as other security architectures while providing an additional layer of data protection

The regulation of insider trading in corporate securities

PhDFirstly it is necessary to examine insider trading in corporate securities in it's social and economic context. Before any discussion of substantive regulation can meaningfully take place it 1s necessary to consider such questions as the incidence of insider trading and whether in fact it causes harm. In, particular the question of 'fairness' is considered, and the economic arguments sometimes raised in support of insider trading explored. Corporate disclosure is directly related to insider trading. The ability of corporate insiders to abuse their positions is obviously related to the effectiveness of company disclosure. Furthermore apart from the effect corporate disclosure has on the availability of information for investors, disclosure of insiders transactions may discourage abusive trading and assist in the enforcement of regulatory provisions. Disclosure may also be used as a sanction. The impact of expanded corporate disclosure policies and in particular the disclosure of price sensativa information to employees is considered. One or the main problems with anti-insider trading regulation is the satisfactory determination of a definition for insiders. This determination will set the scope of regulation. In drawing up this definition attention must be given to the problem of 'tippee trading' and the effect that such provisions might have on the securities industry. An extensive study of the present law relevant to insider trading, in Britain, Australasia and Canada is provided with particular reference. to the role of self regulatory authorities. Recent proposals for anti-insider trading legislation in the United Kingdom are analysed. At the heart of any discussion of insider trading must be the question of enforcement Civil enforcement is discussed in the context of derivative actions and class suits. The present structure of regulation is analysed and a now enforcement agency is suggested. The crucial availability of effective market surveillance-is discussed in the context of the experience of other countries

No dark corners : defending against insider threats to critical infrastructure

CHDS State/LocalAn adversary who makes a frontal attack can be anticipated or repulsed. An adversary who attacks from within, however, cannot be so readily countered. This study intends to identify defenses against trust betrayers targeting critical infrastructure. Using a Delphi method, the study develops insights of experts from more mature arenas of defense against insider threats, such as workplace violence and counter-espionage, in order to assist infrastructure stewards with defending against the insider threat to critical infrastructure. The findings uncover flaws in institutional defenses that adversaries can exploit, with infiltrators posing a greater threat than disgruntled insiders. Resulting recommendations run counter to accepted wisdom. These recommendations shape the contours of a No Dark Corners approach that applies and extends seminal theories of Newman's Defensible Space and Kelling's Fixing Broken Windows. No Dark Corners replaces a laser for a flashlight. The laser is a narrow beam of workplace monitoring only by corporate sentinels, or security specialists. The flashlight is a broader beam of employee engagement and monitoring on the front lines at the team level. There are no easy answers. No Dark Corners shows promise in filling the gaps in traditional insider defenses to deliver the victory of ownership over surprise.http://archive.org/details/nodarkcornersdef109454656Security Unit Manager, Metropolitan Water District of Southern California author (civilian)

A study of insider threat behaviour: developing a holistic insider threat model

This study investigates the factors that influence the insider threat behaviour. The research aims to develop a holistic view of insider threat behaviour and ways to manage it. This research adopts an Explanatory Mixed Methods approach for the research process. Firstly, the researcher collects the quantitative data and then the qualitative data. In the first phase, the holistic insider threat model is developed; in the second phase, best practices are developed to manage the threat