Human Security and Crime in Latin America: The political Capital and Political Impact of Criminal Groups and Belligerents Involved in Illicit Economies

Organized crime and illegal economies generate multiple threats to states and societies. But although the negative effects of high levels of pervasive street and organized crime on human security are clear, the relationships between human security, crime, illicit economies, and law enforcement are highly complex. By sponsoring illicit economies in areas of state weakness where legal economic opportunities and public goods are seriously lacking, both belligerent and criminal groups frequently enhance some elements of human security of the marginalized populations who depend on illicit economies for basic livelihoods. Even criminal groups without a political ideology often have an important political impact on the lives of communities and on their allegiance to the State. Criminal groups also have political agendas. Both belligerent and criminal groups can develop political capital through their sponsorship of illicit economies. The extent of their political capital is dependent on several factors. Efforts to defeat belligerent groups by decreasing their financial flows through suppression of an illicit economy are rarely effective. Such measures, in turn, increase the political capital of anti-State groups. The effectiveness of anti-money laundering measures (AML) also remains low and is often highly contingent on specific vulnerabilities of the target. The design of AML measures has other effects, such as on the size of a country’s informal economy. Multifaceted anti-crime strategies that combine law enforcement approaches with targeted socio-economic policies and efforts to improve public goods provision, including access to justice, are likely to be more effective in suppressing crime than tough nailed-fist approaches. For anti-crime policies to be effective, they often require a substantial, but politically-difficult concentration of resources in target areas. In the absence of effective law enforcement capacity, legalization and decriminalization policies of illicit economies are unlikely on their own to substantially reduce levels of criminality or to eliminate organized crime. Effective police reform, for several decades largely elusive in Latin America, is one of the most urgently needed policy reforms in the region. Such efforts need to be coupled with fundamental judicial and correctional systems reforms. Yet, regional approaches cannot obliterate the so-called balloon effect. If demand persists, even under intense law enforcement pressures, illicit economies will relocate to areas of weakest law enforcement, but they will not be eliminated.

Building Regional Security: Cooperation in the 21st Century: The Case of the Caribbean Regional Security System [RSS]

Small states that lack capacity and act on their own may fall victim to international and domestic terrorism, transnational organized crime or criminal gangs. The critical issue is not whether small Caribbean states should cooperate in meeting security challenges, but it is rather in what manner, and by which mechanisms can they overcome obstacles in the way of cooperation. The remit of the Regional Security System (RSS) has expanded dramatically, but its capabilities have improved very slowly. The member governments of the RSS are reluctant to develop military capacity beyond current levels since they see economic and social development and disaster relief as priorities, requiring little investment in military hardware. The RSS depends on international donors such as the USA, Canada, Great Britain, and increasingly China to fund training programs, maintain equipment and acquire material. In the view of most analysts, an expanded regional arrangement based on an RSS nucleus is not likely in the foreseeable future. Regional political consensus remains elusive and the predominance of national interests over regional considerations continues to serve as an obstacle to any CARICOM wide regional defense mechanism. Countries in the Caribbean, including the members of the RSS, have to become more responsible for their own security from their own resources. While larger CARICOM economies can do this, it would be difficult for most OECS members of the RSS to do the same. The CARICOM region including the RSS member countries, have undertaken direct regional initiatives in security collaboration. Implementation of the recommendations of the Regional Task Force on Crime and Security (RTFCS) and the structure and mechanisms created for the staging of the Cricket World Cup (CWC 2007) resulted in unprecedented levels of cooperation and permanent legacy institutions for the regional security toolbox. The most important tier of security relationships for the region is the United States and particularly USSOUTHCOM. The Caribbean Basin Security Initiative [CBSI] in which the countries of the RSS participate is a useful U.S. sponsored tool to strengthen the capabilities of the Caribbean countries and promote regional ownership of security initiatives. Future developments under discussion by policy makers in the Caribbean security environment include the granting of law enforcement authority to the military, the formation of a single OECS Police Force, and the creation of a single judicial and law enforcement space. The RSS must continue to work with its CARICOM partners, as well as with the traditional “Atlantic Powers” particularly Canada, the United States and the United Kingdom to implement a general framework for regional security collaboration. Regional security cooperation should embrace wider traditional and non-traditional elements of security appropriate to the 21st century. Security cooperation must utilize to the maximum the best available institutions, mechanisms, techniques and procedures already available in the region. The objective should not be the creation of new agencies but rather the generation of new resources to take effective operations to higher cumulative levels. Security and non-security tools should be combined for both strategic and operational purposes. Regional, hemispheric, and global implications of tactical and operational actions must be understood and appreciated by the forces of the RSS member states. The structure and mechanisms, created for the staging of Cricket World Cup 2007 should remain as legacy institutions and a toolbox for improving regional security cooperation in the Caribbean. RSS collaboration should build on the process of operational level synergies with traditional military partners. In this context, the United States must be a true partner with shared interests, and with the ability to work unobtrusively in a nationalistic environment. Withdrawal of U.S. support for the RSS is not an option.

China's Relations with Brazil and Argentina and Implications for U.S. Security Concerns [Student's Paper Series]

This study on China’s relations with Brazil and Argentina, as well as its implications for U.S. concerns examines two main questions: Why China’s increasing influence on Brazil and Argentina may be considered a cause for U.S. security concerns? And if this is the case, how do China’s strategic alliances with the two countries has impacted U.S. leadership? In an effort to look at China’s influence from multidimensional angles and beyond China’s visible economic influence in these two countries, this paper argues that China’s interest in the Latin American region, with a focus on brazil and Argentina, responds to a more crafted, pragmatic and tailored vision with long-term strategic and political goals. The results of this study reveal that China – avoiding intra-regional competition through a strategic diversification of sectors – has been able to secure critical resources for its population as well as promote enduring alliances in the region that could represent a plausible cause of concern for U.S. interests. In this regard, China’s avoidance of a direct challenge to traditional partners’ influence has responded to the gaps left by a gradual, but steady lack of U.S. involvement.

Consolidating Security and Development in Colombia: Lessons for Peru and Panama

Colombia's increasingly effective efforts to mitigate the power of the FARC and other illegitimately armed groups in the country can offer important lessons for the Peruvian government as it strives to prevent a resurgence of Sendero Luminoso and other illegal non-state actors. Both countries share certain particular challenges: deep economic, social, and in the case of Peru ethnic divisions, the presence of and/or the effects of violent insurgencies, a large-scale narcotics production and trafficking, and a history of weak state presence in large tracts of isolated and scarcely-populated areas. Important differences exist, however in the nature of the insurgencies in the two countries, the government response to them and the nature of government and society that affects the applicability of Colombia's experience to Peru. The security threat to Panama from drug trafficking and Colombian insurgents --often a linked phenomenon-- are in many ways different from the drug/insurgent factor in Colombia itself and in Peru, although there are similar variables. Unlike the Colombian and Peruvian cases, the security threat in Panama is not directed against the state, there are no domestic elements seeking to overthrow the government -- as the case of the FARC and Sendero Luminoso, security problems have not spilled over from rural to urban areas in Panama, and there is no ideological component at play in driving the threat. Nor is drug cultivation a major factor in Panama as it is in Colombia and Peru. The key variable that is shared among all three cases is the threat of extra-state actors controlling remote rural areas or small towns where state presence is minimal. The central lesson learned from Colombia is the need to define and then address the key problem of a "sovereignity gap," lack of legitimate state presence in many part of the country. Colombia's success in broadening the presence of the national government between 2002 and the presence is owed to many factors, including an effective national strategy, improvements in the armed forces and police, political will on the part of government for a sustained effort, citizen buy-in to the national strategy, including the resolve of the elite to pay more in taxes to bring change about, and the adoption of a sequenced approach to consolidated development in conflicted areas. Control of territory and effective state presence improved citizen security, strengthened confidence in democracy and the legitimate state, promoted economic development, and helped mitigate the effect of illegal drugs. Peru can benefit from the Colombian experience especially in terms of the importance of legitimate state authority, improved institutions, gaining the support of local citizens, and furthering development to wean communities away from drugs. State coordinated "integration" efforts in Peru as practiced in Colombia have the potential for success if properly calibrated to Peruvian reality, coordinated within government, and provided with sufficient resources. Peru's traditionally weak political institutions and lack of public confidence in the state in many areas of the country must be overcome if this effort is to be successful.

South American Defense Council: What it Means for Regional Security?

The South American Defense Council (CSD), created in March 2009 as a military coordinating body of the Union of South American Nations (UNASUR) demonstrates a growing trend among Latin American countries to approach matters of regional security independent of the United States. The CSD also indicates a maturation of democratic civil military relations in a region once dominated by authoritarian military regimes. The CSD aims to facilitate the exchange of information about regional defense policies, promote collaboration for disaster relief, and promote civil-military engagement. In less than a year it is hardly a tested entity, but the presence of 12 South American states coming together around security policy marks an important moment in the evolution of civil-military relations in the region. Brazil has taken on an important leadership role in the CSD, acting as a leader in recent regional peacekeeping efforts. As a geopolitical move, Brazil also sees a benefit in promoting good relationships with all countries of South america, given its common border with nine of them. Although the United States is not a member of the CSD, the organization's agenda of infromation exchange of defense policies, military cooperation, and capacity building, including disaster assistance and preparedness provide opportunities for greater collaboration. The CSD is not part of the Inter-American System created after the Second World War. It is unclear how its work will coincide with the OAS Committee on Hemispheric Security or its Secretariat for Multidimensional Security. The U.S. should view the CSD as a mechanism to promote joint initiatives that encourage democratic governance in the region.

Security through Obscurity: Layout Obfuscation of Digital Integrated Circuits using Don't Care Conditions

Contemporary integrated circuits are designed and manufactured in a globalized environment leading to concerns of piracy, overproduction and counterfeiting. One class of techniques to combat these threats is circuit obfuscation which seeks to modify the gate-level (or structural) description of a circuit without affecting its functionality in order to increase the complexity and cost of reverse engineering. Most of the existing circuit obfuscation methods are based on the insertion of additional logic (called “key gates”) or camouflaging existing gates in order to make it difficult for a malicious user to get the complete layout information without extensive computations to determine key-gate values. However, when the netlist or the circuit layout, although camouflaged, is available to the attacker, he/she can use advanced logic analysis and circuit simulation tools and Boolean SAT solvers to reveal the unknown gate-level information without exhaustively trying all the input vectors, thus bringing down the complexity of reverse engineering. To counter this problem, some ‘provably secure’ logic encryption algorithms that emphasize methodical selection of camouflaged gates have been proposed previously in literature [1,2,3]. The contribution of this paper is the creation and simulation of a new layout obfuscation method that uses don't care conditions. We also present proof-of-concept of a new functional or logic obfuscation technique that not only conceals, but modifies the circuit functionality in addition to the gate-level description, and can be implemented automatically during the design process. Our layout obfuscation technique utilizes don’t care conditions (namely, Observability and Satisfiability Don’t Cares) inherent in the circuit to camouflage selected gates and modify sub-circuit functionality while meeting the overall circuit specification. Here, camouflaging or obfuscating a gate means replacing the candidate gate by a 4X1 Multiplexer which can be configured to perform all possible 2-input/ 1-output functions as proposed by Bao et al. [4]. It is important to emphasize that our approach not only obfuscates but alters sub-circuit level functionality in an attempt to make IP piracy difficult. The choice of gates to obfuscate determines the effort required to reverse engineer or brute force the design. As such, we propose a method of camouflaged gate selection based on the intersection of output logic cones. By choosing these candidate gates methodically, the complexity of reverse engineering can be made exponential, thus making it computationally very expensive to determine the true circuit functionality. We propose several heuristic algorithms to maximize the RE complexity based on don’t care based obfuscation and methodical gate selection. Thus, the goal of protecting the design IP from malicious end-users is achieved. It also makes it significantly harder for rogue elements in the supply chain to use, copy or replicate the same design with a different logic. We analyze the reverse engineering complexity by applying our obfuscation algorithm on ISCAS-85 benchmarks. Our experimental results indicate that significant reverse engineering complexity can be achieved at minimal design overhead (average area overhead for the proposed layout obfuscation methods is 5.51% and average delay overhead is about 7.732%). We discuss the strengths and limitations of our approach and suggest directions that may lead to improved logic encryption algorithms in the future. References: [1] R. Chakraborty and S. Bhunia, “HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection,” IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 28, no. 10, pp. 1493–1502, 2009. [2] J. A. Roy, F. Koushanfar, and I. L. Markov, “EPIC: Ending Piracy of Integrated Circuits,” in 2008 Design, Automation and Test in Europe, 2008, pp. 1069–1074. [3] J. Rajendran, M. Sam, O. Sinanoglu, and R. Karri, “Security Analysis of Integrated Circuit Camouflaging,” ACM Conference on Computer Communications and Security, 2013. [4] Bao Liu, Wang, B., "Embedded reconfigurable logic for ASIC design obfuscation against supply chain attacks,"Design, Automation and Test in Europe Conference and Exhibition (DATE), 2014 , vol., no., pp.1,6, 24-28 March 2014.

Probabilistic Security Constrained Fuzzy Power Flow Models

In restructured power systems, generation and commercialization activities became market activities, while transmission and distribution activities continue as regulated monopolies. As a result, the adequacy of transmission network should be evaluated independent of generation system. After introducing the constrained fuzzy power flow (CFPF) as a suitable tool to quantify the adequacy of transmission network to satisfy 'reasonable demands for the transmission of electricity' (as stated, for instance, at European Directive 2009/72/EC), the aim is now showing how this approach can be used in conjunction with probabilistic criteria in security analysis. In classical security analysis models of power systems are considered the composite system (generation plus transmission). The state of system components is usually modeled with probabilities and loads (and generation) are modeled by crisp numbers, probability distributions or fuzzy numbers. In the case of CFPF the component’s failure of the transmission network have been investigated. In this framework, probabilistic methods are used for failures modeling of the transmission system components and possibility models are used to deal with 'reasonable demands'. The enhanced version of the CFPF model is applied to an illustrative case.

Modelling Denial of Service Attacks on JFK with Meadow's Cost-Based Framework

We present the first detailed application of Meadows’s cost-based modelling framework to the analysis of JFK, an Internet key agreement protocol. The analysis identifies two denial of service attacks against the protocol that are possible when an attacker is willing to reveal the source IP address. The first attack was identified through direct application of a cost-based modelling framework, while the second was only identified after considering coordinated attackers. Finally, we demonstrate how the inclusion of client puzzles in the protocol can improve denial of service resistance against both identified attacks.

Efficient one-round key exchange in the standard model

We consider one-round key exchange protocols secure in the standard model. The security analysis uses the powerful security model of Canetti and Krawczyk and a natural extension of it to the ID-based setting. It is shown how KEMs can be used in a generic way to obtain two different protocol designs with progressively stronger security guarantees. A detailed analysis of the performance of the protocols is included; surprisingly, when instantiated with specific KEM constructions, the resulting protocols are competitive with the best previous schemes that have proofs only in the random oracle model.

Efficient one-round key exchange in the efficient one-round key exchange in the standard model

We consider one-round key exchange protocols secure in the standard model. The security analysis uses the powerful security model of Canetti and Krawczyk and a natural extension of it to the ID-based setting. It is shown how KEMs can be used in a generic way to obtain two different protocol designs with progressively stronger security guarantees. A detailed analysis of the performance of the protocols is included; surprisingly, when instantiated with specific KEM constructions, the resulting protocols are competitive with the best previous schemes that have proofs only in the random oracle model.

Efficient one-round key exchange in the standard model

We consider one-round key exchange protocols secure in the standard model. The security analysis uses the powerful security model of Canetti and Krawczyk and a natural extension of it to the ID-based setting. It is shown how KEMs can be used in a generic way to obtain two different protocol designs with progressively stronger security guarantees. A detailed analysis of the performance of the protocols is included; surprisingly, when instantiated with specific KEM constructions, the resulting protocols are competitive with the best previous schemes that have proofs only in the random oracle model.