The portuguese insurance industry: basis for strategic process decision

Nowadays, the Portuguese insurance industry operates in a market with a much more aggressive structure than a few decades ago. Markets and the economy have become globalised since the last decade of the 20th century. Market forces have gradually shifted – power is now mainly on the demand side. In order to meet the new requirements, the insurance industry must develop a strong strategic ability to respond to constant changes of the new international economic order.One of the basic aspects of this strategic development will focus on the ability to predict the future. We introduce the subject by briefly describing the sector, its organisational structure in the Portuguese market, and challenges arising from the development of the European Union. We then analyse the economic and financial structure of the sector. From this point of view, we aim at the possibility of designing models that could explain the demand for insurance, claims and technical reserves evolution. Such models, (even if based on the past), would resolve, at least partly, one of the greatest difficulties experienced by insurance companies when estimating the budget. Thus, we examine the existence of variables that explain the previous points, which are capable of forming a basis for designing models that are simple but efficient, and can be used for strategic planning.

Biblioteca para a realização de security token services

A família de especificações WS-* define um modelo de segurança para web services, baseado nos conceitos de claim, security token e Security Token Service (STS). Neste modelo, a informação de segurança dos originadores de mensagens (identidade, privilégios, etc.) é representada através de conjuntos de claims, contidos dentro de security tokens. A emissão e obtenção destes security tokens, por parte dos originadores de mensagens, são realizadas através de protocolos legados ou através de serviços especiais, designados de Security Token Services, usando as operações e os protocolos definidos na especificação WS-Trust. O conceito de Security Token Service não é usado apenas no contexto dos web services. Propostas como o modelo dos Information Cards, aplicável no contexto de aplicações web, também utilizam este conceito. Os Security Token Services desempenham vários papéis, dependendo da informação presente no token emitido. São exemplos o papel de Identity Provider, quando os tokens emitidos contêm informação de identidade, ou o papel de Policy Decision Point, quando os tokens emitidos definem autorizações. Este documento descreve o projecto duma biblioteca software para a realização de Security Token Services, tal como definidos na norma WS-Trust, destinada à plataforma .NET 3.5. Propõem-se uma arquitectura flexível e extensível, de forma a suportar novas versões das normas e as diversas variantes que os Security Token Services possuem, nomeadamente: o tipo dos security token emitidos e das claims neles contidas, a inferência das claims e os métodos de autenticação das entidades requerentes. Apresentam-se aspectos de implementação desta arquitectura, nomeadamente a integração com a plataforma WCF, a sua extensibilidade e o suporte a modelos e sistemas externos à norma. Finalmente, descrevem-se as plataformas de teste implementadas para a validação da biblioteca realizada e os módulos de extensão da biblioteca para: suporte do modelo associado aos Information Cards, do modelo OpenID e para a integração com o Authorization Manager.

Improving Remote Voting Security with Code Voting

One of the major problems that prevents the spread of elections with the possibility of remote voting over electronic networks, also called Internet Voting, is the use of unreliable client platforms, such as the voter's computer and the Internet infrastructure connecting it to the election server. A computer connected to the Internet is exposed to viruses, worms, Trojans, spyware, malware and other threats that can compromise the election's integrity. For instance, it is possible to write a virus that changes the voter's vote to a predetermined vote on election's day. Another possible attack is the creation of a fake election web site where the voter uses a malicious vote program on the web site that manipulates the voter's vote (phishing/pharming attack). Such attacks may not disturb the election protocol, therefore can remain undetected in the eyes of the election auditors. We propose the use of Code Voting to overcome insecurity of the client platform. Code Voting consists in creating a secure communication channel to communicate the voter's vote between the voter and a trusted component attached to the voter's computer. Consequently, no one controlling the voter's computer can change the his/her's vote. The trusted component can then process the vote according to a cryptographic voting protocol to enable cryptographic verification at the server's side.

Optimal insurance with counterparty default risk

We study the design of optimal insurance contracts when the insurer can default on its obligations. In our model default arises endogenously from the interaction of the insurance premium, the indemnity schedule and the insurer’s assets. This allows us to understand the joint effect of insolvency risk and background risk on efficient contracts. The results may shed light on the aggregate risk retention sched- ules observed in catastrophe reinsurance markets, and can assist in the design of (re)insurance programs and guarantee funds.

Tools for testing the Solvency Capital Requirement for life insurance

Longevity risk is one of the major risks that an insurance company or a pension fund has to deal with and it is expected that its importance will grow in the near future. In agreement with these considerations, in Solvency II regulation the Standard formula furnished for calculating the Solvency Capital Requirement explicitly considers this kind of risk. According to the new European rules in our paper we suggest a multiperiod approach to evaluate the SCR for longevity risk. We propose a backtesting framework for measuring the consistency of SCR calculations for life insurance policies.