A Reduced Semantics for Deciding Trace Equivalence

Many privacy-type properties of security protocols can be modelled using trace equivalence properties in suitable process algebras. It has been shown that such properties can be decided for interesting classes of finite processes (i.e., without replication) by means of symbolic execution and constraint solving. However, this does not suffice to obtain practical tools. Current prototypes suffer from a classical combinatorial explosion problem caused by the exploration of many interleavings in the behaviour of processes. M\"odersheim et al. have tackled this problem for reachability properties using partial order reduction techniques. We revisit their work, generalize it and adapt it for equivalence checking. We obtain an optimisation in the form of a reduced symbolic semantics that eliminates redundant interleavings on the fly. The obtained partial order reduction technique has been integrated in a tool called APTE. We conducted complete benchmarks showing dramatic improvements.Comment: Accepted for publication in LMC

Partial Order Reduction for Security Protocols

Security protocols are concurrent processes that communicate using cryptography with the aim of achieving various security properties. Recent work on their formal verification has brought procedures and tools for deciding trace equivalence properties (e.g., anonymity, unlinkability, vote secrecy) for a bounded number of sessions. However, these procedures are based on a naive symbolic exploration of all traces of the considered processes which, unsurprisingly, greatly limits the scalability and practical impact of the verification tools. In this paper, we overcome this difficulty by developing partial order reduction techniques for the verification of security protocols. We provide reduced transition systems that optimally eliminate redundant traces, and which are adequate for model-checking trace equivalence properties of protocols by means of symbolic execution. We have implemented our reductions in the tool Apte, and demonstrated that it achieves the expected speedup on various protocols

Inconsistent Regulators: Evidence From Banking

US state chartered commercial banks are supervised alternately by state and federal regulators. Each regulator supervises a given bank for a fixed time period according to a predetermined rotation schedule. We use unique data to examine differences between federal and state regulators for these banks. Federal regulators are significantly less lenient, downgrading supervisory ratings about twice as frequently as state supervisors. Under federal regulators, banks report higher nonperforming loans, more delinquent loans, higher regulatory capital ratios, and lower ROA. There is a higher frequency of bank failures and problem-bank rates in states with more lenient supervision relative to the federal benchmark. Some states are more lenient than others. Regulatory capture by industry constituents and supervisory staff characteristics can explain some of these differences. These findings suggest that inconsistent oversight can hamper the effectiveness of regulation by delaying corrective actions and by inducing costly variability in operations of regulated entities.

Understanding Mortgage Spreads

Spreads of agency mortgage-backed securities (MBS) vary significantly in the cross section and over time, but the sources of this variation are not well understood. We document that, in the cross section, MBS spreads adjusted for the prepayment option show a pronounced smile with respect to the MBS coupon. We propose prepayment model risk as a candidate driver of MBS spreads and present a new pricing model that uses "stripped" MBS prices to identify the contribution of this risk to option-adjusted spreads. With this pricing model, we find that prepayment model risk explains the smile, while the variation in the time series is mostly accounted for by a non-prepayment-risk component, which is related to credit risk in fixed-income markets and MBS supply. Finally, we study the MBS market response to the Fed's large-scale asset purchases and show that the model is consistent with spread movements following the initial announc ement and, in particular, the fanning out of option-adjusted spreads across different coupons

Domestic political survival and international conflict: Is democracy good for peace?

We build a game-theoretic model where aggression can be triggered by domestic political concerns as well as the fear of being attacked. In the model, leaders of full and limited democracies risk losing power if they do not stand up to threats from abroad. In addition, the leader of a fully democratic country loses the support of the median voter if he attacks a non-hostile country. The result is a non-monotonic relationship between democracy and peace. Using the Polity IV dataset, we classify countries as full democracies, limited democracies, and dictatorships. For the period 1816-200, Correlates of War data suggest that limited democracies are more aggressive than other regime types, including dictatorships, and not only during periods when the political regime is changing. In particular, a dyad of limited democracies is more likely to be involved in a militarized dispute than any other dyad (including mixed dyads, where the two countries have different regime types). Thus, while full democratization might advance the cause of peace, limited democratization might advance the cause of war. We also find that as the environment becomes more hostile, fully democratic countries become more aggressive faster than other regime types

Parsing the content of bank supervision

We measure bank supervision using the database of supervisory issues, known as matters requiring attention or immediate attention, raised by Federal Reserve examiners to banking organizations. The volume of supervisory issues increases with banks' asset size, especially for the largest and most complex banks, and decreases with profitability and the quality of the loan portfolio. Stressed banks are faster at resolving issues, but all else equal, resolving new issues takes longer the more issues a bank faces, which may suggest capacity constraints in addressing multiple supervisory issues. Using computational linguistic methods on the text of the issue description, we define five categorical issue topics. The subset of issues related to capital levels and loan portfolio are the most consequential in terms of supervisory rating downgrades and are directly related to changes in banks' balance sheet characteristics and profitability. Other issues appear to reflect soft information and are less correlated with bank observables. By categorizing questions asked by analysts at banks' quarterly earnings calls using the same linguistic approach, we find that market monitors raise issues similar to those of supervisors when the issues are related to hard information (such as loan quality or capital) and public supervisory assessment programs

A Formal Analysis of 5G Authentication

Mobile communication networks connect much of the world's population. The security of users' calls, SMSs, and mobile data depends on the guarantees provided by the Authenticated Key Exchange protocols used. For the next-generation network (5G), the 3GPP group has standardized the 5G AKA protocol for this purpose. We provide the first comprehensive formal model of a protocol from the AKA family: 5G AKA. We also extract precise requirements from the 3GPP standards defining 5G and we identify missing security goals. Using the security protocol verification tool Tamarin, we conduct a full, systematic, security evaluation of the model with respect to the 5G security goals. Our automated analysis identifies the minimal security assumptions required for each security goal and we find that some critical security goals are not met, except under additional assumptions missing from the standard. Finally, we make explicit recommendations with provably secure fixes for the attacks and weaknesses we found.Comment: Categories (ACM class 2012): Security and privacy - Formal methods and theory of security -- Security requirements -- Formal security models -- Logic and verification; Network protocols - Protocol correctness -- Formal specifications; Security and privacy - Network security -- Mobile and wireless security - Security services -- Privacy-preserving protocol

Supervising large, complex financial companies: What do supervisors do?

The Federal Reserve is responsible for the prudential supervision of bank holding companies (BHCs) on a consolidated basis. Prudential supervision involves monitoring and oversight to assess whether these firms are engaged in unsafe or unsound practices, as well as ensuring that firms are taking corrective actions to address such practices. Prudential supervision is interlinked with, but distinct from, regulation, which involves the development and promulgation of the rules under which BHCs and other regulated financial intermediaries operate. This paper describes the Federal Reserve's supervisory approach for large, complex financial companies and how prudential supervisory activities are structured, staffed, and implemented on a day-to-day basis at the Federal Reserve Bank of New York as part of the broader supervisory program of the Federal Reserve System. The goal of the paper is to generate insight for those not involved in supervision into what supervisors do and how they do it. Understanding how prudential supervision works is a critical precursor to determining how to measure its impact and effectiveness

Measuring Central Bank Communication: An Automated Approach with Application to FOMC Statements

We present a new automated, objective and intuitive scoring technique to measure the content of central bank communication about future interest rate decisions based on information from the Internet and news sources. We apply the methodology to statements released by the Federal Open Market Committee (FOMC) after its policy meetings starting in 1999. Using intra-day financial quotes, we find that short-term nominal Treasury yields respond to changes in policy rates around policy announcements, whereas longer-dated Treasuries mainly react to changes in policy communication. Using lower frequency data, we find that changes in the content of the statements lead policy rate decisions by more than a year in univariate interest rate forecasting and vector autoregression (VAR) models. When we estimate Treasury yield responses to the shocks identified in the VAR, we find communication to be a more important determinant of Treasury rates than contemporaneous policy rate decisions. These results are consistent with the view that the FOMC releases information about future policy rate actions in its statements and that market participants incorporate this information when pricing longer-dated Treasuries. Finally, we decompose realized policy rate decisions using a forward-looking Taylor rule model. Based on this decomposition, we find that FOMC statements contain significant information regarding both the predicted rule-based interest rate and the Taylor-rule residual component, and that content of the statements leads the residual by a few quarters.

Исследовательская деятельность эколого-биологической направленности в НОУ "Эврика" - эффективное средство профессиональной ориентации учащихся

В статье научно-исследовательская деятельность эколого-биологической направленности старшеклассников НОУ "Эврика" г. Нижнего Новгорода рассматривается как одна из значимых инновационных форм профессионального самоопределения. Материалом исследования послужил анализ программ конференции городского научного общества учащихся "Эврика" и судьбы выпускников данного общества. Отмечена тенденция роста популярности эколого-биологических исследований среди старшеклассников г. Нижнего Новгорода и успешное вхождение в профессию выпускников научного общества учащихся.In the article, the research activity of the ecology and biology of senior pupils of the scientific society of the pupils "Eureka" in Nizhny Novgorod is considered as one of the significant innovative forms of professional self-determination. The material of the study was the analysis of the programs of the conference of the city scientific society of the students "Eureka" and the fate of the graduates of this society. The tendency of growth of popularity of ecological and biological researches among senior pupils of Nizhny Novgorod and successful entry into the profession of graduates of the scientific society of students is noted