A Slow March from Social Evil to Harm Reduction: Drugs and Drug Policy in Vietnam

The suppression of drug consumption and trade is high on the Government of Vietnam’s agenda. To accomplish this goal, Vietnam employs repressive policies that often contravene international human rights law. Among the most detrimental and problematic policies are the incarceration of drug users in compulsory treatment centers, and the stigmatization and abuse of consumers by the police. That said, Vietnamese drug policy is slowly changing in the face of one of Asia’s worst ongoing HIV epidemics. While the Communist Government of the early-1990s designated illicit drugs as a “social evil” to be eradicated through punitive and often repressive means, the recent implementation of harm reduction approaches have reduced the level of needle sharing, and thus HIV transmission. This briefing will explore the current trends in drug consumption, production, and trafficking before looking at the key harms and threats associated with drugs in Vietnam. This will be followed by a summary of Vietnam’s drug policies, including the country’s approach to drug treatment, harm reduction, and illicit opium suppression—Vietnam is one of a small number of states to have suppressed illicit opium production, an intervention that centred upon coercive negotiations with limited alternative development. The briefing will conclude with some tentative recommendations for reform and thoughts on what could be expected from Vietnam during the Special Session of the United Nations General Assembly on the World Drug Problem (UNGASS 2016).

Eliciting Security Requirements and Tracing them to Design: An Integration of Common Criteria, Heuristics, and UMLsec

Building secure systems is difficult for many reasons. This paper deals with two of the main challenges: (i) the lack of security expertise in development teams, and (ii) the inadequacy of existing methodologies to support developers who are not security experts. The security standard ISO 14508 (Common Criteria) together with secure design techniques such as UMLsec can provide the security expertise, knowledge, and guidelines that are needed. However, security expertise and guidelines are not stated explicitly in the Common Criteria. They are rather phrased in security domain terminology and difficult to understand for developers. This means that some general security and secure design expertise are required to fully take advantage of the Common Criteria and UMLsec. In addition, there is the problem of tracing security requirements and objectives into solution design,which is needed for proof of requirements fulfilment. This paper describes a security requirements engineering methodology called SecReq. SecReq combines three techniques: the Common Criteria, the heuristic requirements editorHeRA, andUMLsec. SecReqmakes systematic use of the security engineering knowledge contained in the Common Criteria and UMLsec, as well as security-related heuristics in the HeRA tool. The integrated SecReq method supports early detection of security-related issues (HeRA), their systematic refinement guided by the Common Criteria, and the ability to trace security requirements into UML design models. A feedback loop helps reusing experiencewithin SecReq and turns the approach into an iterative process for the secure system life-cycle, also in the presence of system evolution.