Equity and Policy Effectiveness with Imperfect Targeting

We propose a general cost-of-inequality approach that jointly integrates horizontal and vertical equity criteria in the assessment of poverty alleviation programs, with the strength of each criterion being captured through its own inequity-aversion parameter. This contrasts with the assessment of poverty alleviation programs done with simple under-coverage and leakage ratios or with other methods that do not take into account the heterogeneity of the poor and that do not address directly the social benefits of achieving normative criteria. Our methodology is illustrated using Tunisian data and two alternative poverty alleviation policies. We find inter alia that the social ranking of commodity and socio-demographic targeting in Tunisia depends on the policymaker's comparative preference for vertical and horizontal equity.Poverty, Vertical Equity, Horizontal Inequity, Transfers, Targeting, Tunisia

Generalized Proofs of Knowledge with Fully Dynamic Setup

Proofs of knowledge (PoK) are one of the most fundamental notions in cryptography. The appeal of this notion is that it provides a general template that an application can suitably instantiate by choosing a specific relation. Nonetheless, several important applications have been brought to light, including proofs-of-ownership of files or two-factor authentication, which do not fit the PoK template but naturally appear to be special cases of a more general notion of proofs of knowledge or possession. One would thus expect that their security properties, in particular privacy and soundness, are simply derived as concrete instantiation of a common generalized PoK concept with well understood security semantics. Unfortunately, such a notion does not exist, resulting in a variety of tailor-made security definitions whose plausibility must be checked on a case-by-case basis. In this work, we close this gap by providing the theoretical foundations of a generalized notion of PoK that encompasses dynamic and setup-dependent relations as well as interactive statement derivations. This novel combination enables an application to directly specify relations that depend on an assumed setup, such as a random oracle, a database or ledger, and to have statements be agreed upon interactively and dynamically between parties based on the state of the setup. Our new notion is called agree-and-prove and provides clear semantics of correctness, soundness, and zero-knowledge in the above generalized scenario. As an application, we first consider proofs-of-ownership of files for client-side file deduplication. We cast the problem and some of its prominent schemes in our agree-and-prove framework and formally analyze their security. Leveraging our generic zero-knowledge formalization, we then devise a novel scheme that is provably the privacy-preserving analogue of the well-known Merkle-Tree based protocol. As a second application, we consider two-factor entity authentication to showcase how the agree-and-prove notion encompasses proofs of ability, such as proving the correct usage of an abstract hardware token

Sources of economic renewal: from the traditional firm to the knowledge firm

We build on the imperfection of intellectual property rights as the central motivation for the organization of firms. There are several characteristics specific to a theory of the firm grounded on the absence of intellectual property rights: monetary incentive schemes arise naturally as a element of the organization and strategy of the firm, since profits are verifiable; firm's boundaries and the degree of centralization respond to the same economic principle; the sunk cost of physical assets plays a role of 'anchoring' non-patentable knowledge inside the firm, improving the appropriability of intellectual capital. Moreover, the model implies that 'small' changes in primitives (particularly small reductions in entry costs) may have drastic implications in organizations, inducing firms to shift from a strategy of building up physical capital, which improves appropriability, to a strategy of reliance on employee 'empowerment' (under which employees combine equity holding with being fully informed). The former strategy is characterized instead by flat wages and by employees' restricted access to the intellectual capital of the firm. The model may shed light in the theoretical explanation of observed industrial restructuring. JEL Classification: C70, D23, D43, D82, L11, L22, O31

State of The Art and Hot Aspects in Cloud Data Storage Security

Along with the evolution of cloud computing and cloud storage towards matu- rity, researchers have analyzed an increasing range of cloud computing security aspects, data security being an important topic in this area. In this paper, we examine the state of the art in cloud storage security through an overview of selected peer reviewed publications. We address the question of defining cloud storage security and its different aspects, as well as enumerate the main vec- tors of attack on cloud storage. The reviewed papers present techniques for key management and controlled disclosure of encrypted data in cloud storage, while novel ideas regarding secure operations on encrypted data and methods for pro- tection of data in fully virtualized environments provide a glimpse of the toolbox available for securing cloud storage. Finally, new challenges such as emergent government regulation call for solutions to problems that did not receive enough attention in earlier stages of cloud computing, such as for example geographical location of data. The methods presented in the papers selected for this review represent only a small fraction of the wide research effort within cloud storage security. Nevertheless, they serve as an indication of the diversity of problems that are being addressed

Principles of Security and Trust: 7th International Conference, POST 2018, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2018, Thessaloniki, Greece, April 14-20, 2018, Proceedings

authentication; computer science; computer software selection and evaluation; cryptography; data privacy; formal logic; formal methods; formal specification; internet; privacy; program compilers; programming languages; security analysis; security systems; semantics; separation logic; software engineering; specifications; verification; world wide we

Secure data storage and retrieval in cloud computing

Nowadays cloud computing has been widely recognised as one of the most inuential information technologies because of its unprecedented advantages. In spite of its widely recognised social and economic benefits, in cloud computing customers lose the direct control of their data and completely rely on the cloud to manage their data and computation, which raises significant security and privacy concerns and is one of the major barriers to the adoption of public cloud by many organisations and individuals. Therefore, it is desirable to apply practical security approaches to address the security risks for the wide adoption of cloud computing

Federated and Transfer Learning: A Survey on Adversaries and Defense Mechanisms

The advent of federated learning has facilitated large-scale data exchange amongst machine learning models while maintaining privacy. Despite its brief history, federated learning is rapidly evolving to make wider use more practical. One of the most significant advancements in this domain is the incorporation of transfer learning into federated learning, which overcomes fundamental constraints of primary federated learning, particularly in terms of security. This chapter performs a comprehensive survey on the intersection of federated and transfer learning from a security point of view. The main goal of this study is to uncover potential vulnerabilities and defense mechanisms that might compromise the privacy and performance of systems that use federated and transfer learning.Comment: Accepted for publication in edited book titled "Federated and Transfer Learning", Springer, Cha

Are Oligarchs Productive? Theory and Evidence

This paper develops a partial equilibrium model to account for stylized facts about the behavior of oligarchs, politically and economically strong conglomerates in transition and developing countries. The model predicts that oligarchs are more likely than other owners to invest in productivity enhancing projects and to vertically integrate firms to capture the gains from possible synergies and, thus, oligarchs can be productive. Using a unique dataset comprising almost 2,000 Ukrainian open joint stock companies, the paper tests empirical implications of the model. In contrast to commonly held views, econometric results suggest that, after controlling for endogeneity of ownership, oligarchs can improve the performance of the firms they own relative to other firms.treatment effect, oligarch, transition, firm performance, property rights

NetVote: A strict-coercion resistance re-voting based internet voting scheme with linear filtering

This paper is an extended of: Querejeta-Azurmendi, I.; Hernández Encinas, L.; Arroyo Guardeño, D.; Hernandez-Ardieta, J.L. An internet voting proposal towards improving usability and coercion resistance. Proceedings of the International Joint Conference: 12th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2019) and 10th International Conference on EUropean Transnational Education (ICEUTE 2019), Seville, Spain, 13-15 May 2019.This paper proposes NetVote, an internet voting protocol where usability and ease in deployment are a priority. We introduce the notion of strict coercion resistance, to distinguish between vote-buying and coercion resistance. We propose a protocol with ballot secrecy, practical everlasting privacy, verifiability and strict coercion resistance in the re-voting setting. Coercion is mitigated via a random dummy vote padding strategy to hide voting patterns and make re-voting deniable. This allows us to build a filtering phase with linear complexity, based on zero knowledge proofs to ensure correctness while maintaining privacy of the process. Voting tokens are formed by anonymous credentials and pseudorandom identifiers, achieving practical everlasting privacy, where even if dealing with a future computationally unbounded adversary, vote intention is still hidden. It is not assumed for voters to own cryptographic keys prior to the election, nor store cryptographic material during the election. This property allows voters not only to vote multiple times, but also from different devices each time, granting the voter a vote-from-anywhere experience. This paper builds on top of the paper published in CISIS'19. In this version, we modify the filtering. Moreover, we formally define the padding technique, which allows us to perform the linear filtering scheme. Similarly we provide more details on the protocol itself and include a section of the security analysis, where we include the formal definitions of strict coercion resistance and a game based definition of practical everlasting privacy. Finally, we prove that NetVote satisfies them all.This research has been partially supported by Ministerio de Economía, Industria y Competitividad (MINECO), Agencia Estatal de Investigación (AEI), and European Regional Development Fund (ERDF, EU), through project COPCIS, grant number TIN2017-84844-C2-1-R, and by Comunidad de Madrid (Spain) through project CYNAMON, grant number P2018/TCS-4566-CM, co-funded along with ERDF