Public Certificates Research Articles

Literacy and Financial Education: Private Providers, Public Certification and Political Preferences

AbstractFinancial education can influence the level of financial literacy. In many countries public authorities implement financial education policy by means of ex ante certification of both private and public providers of education activities. This article uses political economy, educational marketing and text analysis as complementary tools to offer a positive analysis of such setting. Being financial education a credence good and given the key assumption that financial literacy is a country state–contingent endowment that deteriorates, as a consequence of innovation, the third-party certification can be considered as a strategic governance solution. Yet, when a public agency acts as third-party certifier, political and bureaucratic incentives shape its action. In particular, political activism in financial education can be motivated by financial instability worries. Such theoretical relationship is empirically confirmed applying text analyses, and using financial education narrative as a proxy for activism both for the politicians of the European Parliament and the bureaucrats of the ECB in the period 1997–2024.

On The Zero-Trust Intranet Certification Problem

Securing corporate networks and ensuring the trustworthiness of network resources are critical security concerns for organisations in today's interconnected digital landscape. The zero-trust security model is an approach to designing and implementing ICT systems which prescribes that clients and servers cannot be trusted automatically, even when connected to networks traditionally considered trusted. The implementation of the zero-trust model within the corporate intranet requires a secure method to verify the identity of local servers. On the Internet, trust in the identity of public servers is established by well-known public Certificate Authorities (CAs), which issue digital certificates to securely identify servers. However, local intranet servers exist within the internal address space of the network. Consequently, it is impossible to naturally obtain digital certificates for these servers, validly signed by a public CA, without publicly disclosing sensitive information such as intranet server Domain Name System (DNS) records. This leaves organisations with the option of relying on endpoint management systems to install custom CA root certificates on all corporate browsers or, in some cases, ignoring the problem altogether. In this paper, we draw on practical experience in the deployment of cybersecurity devices in corporate intranets to formally define the intranet certification problem. We specify five requirements that a solution to this problem must satisfy. We then conduct a comprehensive review of existing candidate solutions and academic research relevant to the intranet certification problem. Specifically, existing ICT systems for public key infrastructure and endpoint management are identified and evaluated with respect to their ability to meet the stated requirements for solving the intranet certification problem, as well as their cost. Our study reveals that solutions that meet the technical and security requirements of the intranet certification problem are beyond the reach of smaller private sector companies and public sector organisations in underdeveloped and emerging economies. The high cost and technical expertise required for their implementation and management render these solutions impractical. Consequently, by relying on servers with self-signed certificates, these entities inadvertently leave their servers susceptible to impersonation, information theft, and unauthorised resource access, thus violating the fundamental principles of the zero-trust model. We conclude that a gap exists for a simple, cost-effective, and easily managed solution to the intranet certification problem.

Two Sides of the same Coin: Financial Education, Education Marketing and Public Certification

Two Sides of the same Coin: Financial Education, Education Marketing and Public Certification

Edge-Cloud-Assisted Certificate Revocation Checking: An Efficient Solution Against Irresponsible Service Providers

Certificate revocation checking (CRC) is a fundamental requirement in certificate-based public-key cryptographic systems. Most existing CRC schemes are not tailored for edgecloud computing systems, and directly applying these schemes would cause security and efficiency problems. In this paper, we first propose a two-layer edge-cloud-assisted CRC framework, dubbed ECA-CRC, where edge nodes utilizing a probabilistic checking algorithm serve as a first layer, and the cloud server utilizing a deterministic checking algorithm serves as a second layer. Both the edge nodes and the cloud server collaboratively provide verifiable CRC services for devices. The most prominent manifestations of ECA-CRC are that (1) most CRC requests can be processed with the probabilistic checking layer, which reduces the checking delay significantly while providing an accurate CRC service; (2) devices can detect the irresponsible behavior of the service provider, including using an incorrect revoked certificate set (RCS) to compute checking results or procrastinating on updating the RCS, as soon as possible.We then propose an efficient instantiation of ECA-CRC, dubbed eECACRC, by utilizing a Merkle hash tree (MHT) based homomorphic signature, Cuckoo filter, and Othello. We formally prove the security of eECA-CRC against the irresponsible service provider under the random oracle model. We implement an eECA-CRC prototype and conduct a comprehensive performance evaluation based on a public certificate database. Our results show that 95% of CRC requests are completed on the edge nodes, and only 5% of CRC requests need to be handled by the cloud server.

Beyond compliance: public voluntary standards and their effect on state institutional capacity in Vietnam

ABSTRACT Public certification standards have received limited scholarly attention, especially the institutional capacity of public authorities that develop and implement these standards to address complex challenges, such as the promotion of industrial ecology and industrial symbiosis for enhancing resource use efficiency. This research uses an institutional capacity assessment framework to examine the ways in which a voluntary public standard for certifying eco-industrial parks affected the Vietnamese state’s capacity to coordinate and implement industrial ecology. The article draws upon the interviews and a review of official documentation to show that the benefits of public standards extend beyond compliance to the enhancement of state capacities to coordinate complex policy domains such as industrial ecology. The findings contribute to providing a basis to redesign standard-setting processes to move beyond end-user compliance and provide insights into how public actors can more effectively address ‘systemic’ sustainability challenges – from circular economy ambitions to the Sustainable Development Goals.

The impact of private and public certification schemes and labels on smallholder participation in agricultural trade

The impact of private and public certification schemes and labels on smallholder participation in agricultural trade

Development of Verification of non-financial reporting in Russia

The article is devoted to the audit of non-financial statements of commercial organizations. Currently, the significant increasing number of commercial organizations are forming and posting non-financial reports on their official websites, as well as on the websites of public organizations. Since there is no unified methodology for the formation of non-financial reporting in Russia, the problem of its audit arises in this regard. Audit of non-financial statements in the literature is called as verification, assurance (confirmation). The purpose of the article is to investigate the correlation between these concepts. The methodological basis of the study includes the Russian and foreign regulatory framework in the field of formation and verification of non-financial reporting of commercial organizations. The article provides an overview of the system of normative regulation of verification of non-financial reporting. The classification of types of verification of non-financial statements is also presented in the article. Based on the data of the Russian Union of Industrialists and Entrepreneurs (RSPP), a study was conducted on the number of Russian companies that passed public certification and verification from 2010 to 2020. The classification of types of conclusions and forms of conclusions based on the results of verification of non-financial statements of commercial organizations is proposed in the article. The theoretical and practical significance of the study lies in the justification and substantiation of the verification procedure of non-financial reporting and the choice of the optimal method or combination of its assurance (confirmation).

Financial Education between Market and State: Private Commitment, Conflicts of Interest and Public Certification

Financial Education between Market and State: Private Commitment, Conflicts of Interest and Public Certification

Blockchain Smart Contract to Prevent Forgery of Degree Certificates: Artificial Intelligence Consensus Algorithm

Certificates are often falsified, such as fake diplomas and forged transcripts. As such, many schools and educational institutions have begun to issue diplomas online. Although diplomas can be issued conveniently anytime, anywhere, there are many cases wherein diplomas are forged through hacking and forgery. This paper deals with the required Blockchain diploma. In addition, we use an automatic translation system, which incorporates natural language processing, to perform verification work that does not require an existing public certificate. The hash algorithm is used to authenticate security. This paper also proposes the use of these security protocols to provide more secure data protection. In addition, each transaction history, whether a diploma is true or not, may be different in length if it is presented in text, but converting it into a hash function means that it is always more than a certain length of SHA-512 or higher. It is then verified using the time stamp values. These chaining codes are designed. This paper also provides the necessary experimental environment. At least 10 nodes are constructed. Blockchain platform development applies and references Blockchain standardization, and a platform test, measurement test, and performance measurement test are conducted to assess the smart contract development and performance measurement. A total of 500 nodes were obtained by averaging 200 times, and a Blockchain-based diploma file was agreed upon at the same time. It shows performance information of about 4100 TPS. In addition, the analysis of artificial intelligence distribution diagram was conducted using a four-point method, and the distribution chart was evenly distributed, confirming the diploma with the highest similarity. The verified values were then analyzed. This paper proposes these natural language processing-based Blockchain algorithms.

User Authentication Method via Speaker Recognition and Speech Synthesis Detection

As the Internet has been developed, various online services such as social media services are introduced and widely used by many people. Traditionally, many online services utilize self-certification methods that are made using public certificates or resident registration numbers, but it is found that the existing methods pose the risk of recent personal information leakage accidents. The most popular authentication method to compensate for these problems is biometric authentication technology. The biometric authentication techniques are considered relatively safe from risks like personal information theft, forgery, etc. Among many biometric-based methods, we studied the speaker recognition method, which is considered suitable to be used as a user authentication method of the social media service usually accessed in the smartphone environment. In this paper, we first propose a speaker recognition-based authentication method that identifies and authenticates individual voice patterns, and we also present a synthesis speech detection method that is used to prevent a masquerading attack using synthetic voices.

Revealing the Needs of College Students Studying English in an Extracurricular Program

This study examined the needs of various College students who are participating in an extracurricular program called “English Clinic.” In this program, students can ask questions about their English study and get help from English professors on an individual basis. The content of the questions was analyzed and compared according to both the majors and the years of the students. The most frequent questions asked by these students were those involving advice for preparing and planning for a public certification test, such as the TOEIC test. General study methods to improve their English skills and help with grammar learning were the second most frequently asked questions. Interestingly, there were quite a number of questions concerning the effectiveness of the study method regarding the course that they were currently taking. Their majors and years showed a difference in the frequency and content of each question category.</br>The study concluded that English Clinic should provide help of a more comprehensive nature, assisting the students not only by giving them writing feedback--which is all too common with such English Clinic programs―but by helping them with their very study process as well. Based on the results, this study makes suggestions regarding the development of certain programs and methods in order to better help those students who are in need of specific skills.

Enhancing Digital Certificate Usability in Long Lifespan IoT Devices by Utilizing Private CA

Today, smart devices and services have become a part of our daily life. These devices and services offer a richer user experience with a much higher quality of services than before. Many of them utilize sensing functions via cloud architecture to perform remote device controls and monitoring. Generally, the security of the communication between these devices and the service provider (e.g., cloud server) is achieved by using the TLS protocol via PKI standard. In this study, we investigate the risk associating with the use of public certificate authorities (CAs) in a PKI-based IoT system. An experiment is conducted to demonstrate existing vulnerabilities in real IoT devices available in the market. Next, the use of a private CA in the cloud-centric IoT architecture is proposed to achieve better control over the certificate issuing process and the validity period of the certificate. Lastly, the security analysis pointing out the strengths and drawbacks of the proposed method is discussed in detail.

Non-Invertible Public Key Certificates.

Post-quantum public cryptosystems introduced so far do not define a scalable public key infrastructure for the quantum era. We demonstrate here a public certification system based on Lizama’s non-invertible key exchange protocol which can be used to implement a secure, scalable, interoperable and efficient public key infrastructure (PKI). We show functionality of certificates across different certification domains. Finally, we discuss a method that enables non-invertible certificates to exhibit perfect forward secrecy (PFS).

The Interaction of Private and Public Governance: The Case of Sustainability Standards for Palm Oil

By providing insights into the interaction between private-driven and public-driven governance initiatives in the context of the “Roundtable of Sustainable Palm Oil” (RSPO) and the “Indonesian Sustainable Palm Oil” (ISPO), this article sheds new light the interaction between private and public governance. It investigates how the relationship between the RSPO and the ISPO evolves over time and who and what drives this evolution. While the interaction between these standard schemes has initially largely been characterized by competition, it has become more collaborative and also coordinated in nature. This article argues that the experimentalist architecture of palm oil governance has fostered mechanisms for coordination across public and private certification schemes and has helped to join up the separate components of the regime complex through productive interactions. At the same time, several gaps and challenges remain, especially in light of the different interests of the multiple public and private actors involved in palm oil.

Blockchain-Based Certificate Transparency and Revocation Transparency

Traditional X.509 public key infrastructures (PKIs) depend on trusted certification authorities (CAs) to sign certificates, used in SSL/TLS to authenticate web servers and establish secure channels. However, recent security incidents indicate that CAs may (be compromised to) sign fraudulent certificates. In this article, we propose blockchain-based certificate transparency (CT) and revocation transparency (RT) to balance the absolute authority of CAs. Our scheme is compatible with X.509 PKIs but significantly reinforces the security guarantees of a certificate. The CA-signed certificates and their revocation status information of an SSL/TLS web server are published by the subject (i.e., the web server) as a transaction in the global certificate blockchain. The certificate blockchain acts as append-only public logs to monitor CAs’ certificate signing and revocation operations, and an SSL/TLS web server is granted with the cooperative control on its certificates. A browser compares the certificate received in SSL/TLS negotiations with the ones in the public certificate blockchain, and accepts it only if it is published and not revoked. We implement the prototype system with Firefox and Nginx, and the experimental results show that it introduces reasonable overheads.

¿Agroecología o agricultura orgánica?

This paper carries out a study on the definition and meaning of the terms agroecology and organic agriculture within the national context of Argentine. If the ambiguity and vagueness of natural language is useful for everyday use, however, it is a problem for the sciences when they seek to clarify their concepts. Thus, the text makes a philosophical and conceptual analysis on the selected terms based on classical scientific references and on the Argentina legal regulation. On the one hand, agroecology is a discipline that supports a model of sustainable and resilient agriculture. In the other hand, organic agriculture is an ambiguous term that needs to be understood from the specific national regulations, which have a historical emergence and a specific purpose. From these ideas, it is possible to differentiate between a scientific-technological matrix and a production system and his public certification.

Enforcement mechanisms and governance structures to protect a region of origin lamb product

PurposeThis paper aims to make an empirical contribution by investigating the enforcement mechanisms and governance structures required to protect and govern a regional food product when public certification fails. As one of the recent additions to South Africa’s repertoire of products with a designated origin, Karoo Lamb made for an interesting case study.Design/methodology/approachA conjoint analysis was conducted to elicit the farmers’ preferred enforcement mechanisms to protect the authenticity of the Karoo Lamb product. The investigation, furthermore, draws on survey data collected among 73 farmers, five abattoirs, two processors/packers and five retail outlets to evaluate the governance structures of the Karoo Lamb supply chain.FindingsThe results indicate that due to failed public certification that is governed by market-like structures, Karoo Lamb is better off being governed by hierarchical structures. These structures are expected to allow for a stronger focus on stricter enforcement mechanisms.Practical implicationsAt the farm level, the Karoo Lamb supply chain requires better enforcement mechanisms to protect the unique attributes of origin and taste to ensure the authenticity of Karoo Lamb. This change towards stricter enforcement requires more hierarchical structures to allow for private or mutual enforcement mechanisms.Originality/valueThis paper contributes empirically to the governance structure knowledge base by analysing the enforcement mechanisms and governance structures needed to enforce and protect, the quality and origin standards of a region of origin product, Karoo Lamb, in South Africa.

Zero-Knowledge Proof-of-Identity: Sybil-Resistant, Anonymous Authentication on Permissionless Blockchains and Incentive Compatible, Strictly Dominant Cryptocurrencies

Zero-Knowledge Proof-of-Identity from trusted public certificates (e.g., national identity cards and/or ePassports; eSIM) is introduced here to permissionless blockchains in order to remove the inefficiencies of Sybil-resistant mechanisms such as Proof-of-Work (i.e., high energy and environmental costs) and Proof-of-Stake (i.e., capital hoarding and lower transaction volume). The proposed solution effectively limits the number of mining nodes a single individual would be able to run while keeping membership open to everyone, circumventing the impossibility of full decentralization and the blockchain scalability trilemma when instantiated on a blockchain with a consensus protocol based on the cryptographic random selection of nodes. Resistance to collusion is also considered. Solving one of the most pressing problems in blockchains, a zk-PoI cryptocurrency is proved to have the following advantageous properties: - an incentive-compatible protocol for the issuing of cryptocurrency rewards based on a unique Nash equilibrium - strict domination of mining over all other PoW/PoS cryptocurrencies, thus the zk-PoI cryptocurrency becoming the preferred choice by miners is proved to be a Nash equilibrium and the Evolutionarily Stable Strategy - PoW/PoS cryptocurrencies are condemned to pay the Price of Crypto-Anarchy, redeemed by the optimal efficiency of zk-PoI as it implements the social optimum - the circulation of a zk-PoI cryptocurrency Pareto dominates other PoW/PoS cryptocurrencies - the network effects arising from the social networks inherent to national identity cards and ePassports dominate PoW/PoS cryptocurrencies - the lower costs of its infrastructure imply the existence of a unique equilibrium where it dominates other forms of payment

Intellectual property rights as branding services for exports value-adding: an analysis of Chile-s -Sello de Origen- programme

Intellectual property rights (IPRs) such as geographical indications (GIs), appellations of origin (AO), collective and certifications marks are intangible assets used as branding services to add value to products with unique characteristics derived from their geographical origin. Sello de Origen programme is a public certification trademark created in 2012 to preserve and stimulate the reputation and quality of traditional occupations and singular products in Chile using the IPRs mentioned. This research analysed the perceived impact of this programme as a branding service to add value to seven traditional products, through semi-structured interviews to key stakeholders from both private and public sectors. The programme has not achieved the expected benefits as small-scale producers do not know how to properly implement the seal, they are not working collaboratively. Therefore more coordination among public institutions is needed.

Privacy Enhanced Healthcare Information Sharing System for Home-Based Care Environments.

ObjectivesHome-based nursing care services have increased over the past decade. However, accountability and privacy issues as well as security concerns become more challenging during care provider visits. Because of the heterogeneous combination of mobile and stationary assistive medical care devices, conventional systems lack architectural consistency, which leads to inherent time delays and inaccuracies in sharing information. The goal of our study is to develop an architecture that meets the competing goals of accountability and privacy and enhances security in distributed home-based care systems.MethodsWe realized this by using a context-aware approach to manage access to remote data. Our architecture uses a public certification service for individuals, the Japanese Public Key Infrastructure and Health Informatics-PKI to identify and validate the attributes of medical personnel. Both PKI mechanisms are provided by using separate smart cards issued by the government.ResultsContext-awareness enables users to have appropriate data access in home-based nursing environments. Our architecture ensures that healthcare providers perform the needed home care services by accessing patient data online and recording transactions.ConclusionsThe proposed method aims to enhance healthcare data access and secure information delivery to preserve user's privacy. We implemented a prototype system and confirmed its feasibility by experimental evaluation. Our research can contribute to reducing patient neglect and wrongful treatment, and thus reduce health insurance costs by ensuring correct insurance claims. Our study can provide a baseline towards building distinctive intelligent treatment options to clinicians and serve as a model for home-based nursing care.