Execution Integrity with In-Place Encryption

Instruction set randomization (ISR) was initially proposed with the main goal of countering code-injection attacks. However, ISR seems to have lost its appeal since code-injection attacks became less attractive because protection mechanisms such as data execution prevention (DEP) as well as code-reuse attacks became more prevalent. In this paper, we show that ISR can be extended to also protect against code-reuse attacks while at the same time offering security guarantees similar to those of software diversity, control-flow integrity, and information hiding. We present Scylla, a scheme that deploys a new technique for in-place code encryption to hide the code layout of a randomized binary, and restricts the control flow to a benign execution path. This allows us to i) implicitly restrict control-flow targets to basic block entries without requiring the extraction of a control-flow graph, ii) achieve execution integrity within legitimate basic blocks, and iii) hide the underlying code layout under malicious read access to the program. Our analysis demonstrates that Scylla is capable of preventing state-of-the-art attacks such as just-in-time return-oriented programming (JIT-ROP) and crash-resistant oriented programming (CROP). We extensively evaluate our prototype implementation of Scylla and show feasible performance overhead. We also provide details on how this overhead can be significantly reduced with dedicated hardware support

Ethics and taxation : a cross-national comparison of UK and Turkish firms

This paper investigates responses to tax related ethical issues facing busines

General trends in competition policy and investment regulation in mandatory defined contribution markets in Latin America

Following Chile's pension reform in 1981, a wave of multi-pillar pension reforms took place in Latin America (LAC). Their implementation has revealed new policy challenges. To shed light on these issues, this paper reviews the structure and performance of mandatory DC pillars in LAC. The review highlights three important points. First, it suggests overall positive outcomes from reforms in the LAC countries that implemented multi-pillar pension systems. There is, however, scope for increasing efficiency. Second, management fees have declined but remain relatively high whereas decreases in operational costs have only been partially passed through to consumers reflecting inadequate competition. Limits on transfers and related measures have been ineffective in curtailing management fees but created new barriers to entry. In recent years, a few countries inLAC introduced or are in the process of introducing a combination of new measures that focus more directly on the two root causes of inadequate competition - the inelasticity of demand to fees and selective elimination of barriers to entry by facilitating unbundling of services. These new measures show some promise. Third, the paper's review indicates that a greater diversification of pension fund portfolios in LAC appears to be necessary. Portfolio concentration owes to the adoption of strict quantitative investment regulations, underdeveloped capital markets and volatile macroeconomic environments. A gradual relaxation of these restrictions is now in progress in several countries. Regulators have become more conscious of the costs imposed by such regulations and macroeconomic conditions have improved. Greater overseas diversification seems inevitable given the development stage of local capital markets.Debt Markets,,Emerging Markets,Access to Finance,Investment and Investment Climate

Risk in Financial Conglomerates: Management and Supervision

Financial conglomerates, combining banking, securities trading, and insurance, have become an important part of the financial landscape in many countries. Cross-sector consolidation has been fostered by trends such as disintermediation, globalization, and deregulation creating new challenges for both the group’s management as well as for regulators. We discuss the theoretical reasons why supervisors are interested in the riskiness of a financial firm and why – for firms – a similar concern emerges from the theory on risk management, both from a market and a firm perspective. After describing the Dutch institutional set-up, we turn to the discussion of the following question: How can a supervisor devise a framework of supervision that does justice to a financial conglomerate’s own responsibility and, at the same time, safeguards the general public’s interest? The framework, we feel, should be similar in flavor to the Supervisory Review, as proposed in the new Basel accord.supervision, financial conglomerates, banks, insurers, diversification

Identifying barriers and opportunities for transitions towards more sustainable agriculture through system analysis: the case of Vereda La Hoya, Colombia

The paper presents the results of studies which investigated farmers’ reasoning and behaviour with regards to the mis‐use of personal protective equipment and pesticide among smallholders in Colombia. First, the research approach is described. In particular, the structured mental models approach and the integrative agent‐centred framework are presented. These approaches permit to understand the farmers’ reasoning and behaviour in a system perspective. Second, the results are summarized. The methods adopted allowed not only for identifying the factors, but also the social dynamics influencing farmers. Finally, suggestions for interventions are provided, which are not limited to a technical fix, but address the underlying social causes of the problem

The future of work: Towards a progressive agenda for all. EPC Issue Paper 9 DECEMBER 2019

Europe’s labour markets and the world of work in general are being transformed by the megatrends of globalisation, the fragmentation of the production and value chain, demographic ageing, new societal aspirations and the digitalisation of the economy. This Issue Paper presents the findings and policy recommendations of “The future of work – Towards a progressive agenda for all”, a European Policy Centre research project. Its main objectives were to expand public knowledge about these profound changes and to reverse the negative narrative often associated with this topic. It aimed to show how human decisions and the right policies can mitigate upcoming disruptions and provide European and national policymakers with a comprehensive toolkit for a progressive agenda for the new world of work