IS2
Published by Shailesh Dewan on Mar 21, 2011
Copyright: Attribution Non-commercial

UNIT 2
PROGRAM SECURITY

Topics to be covered
• Secure programs
• Non-malicious program errors
• Viruses and other malicious code
• Types of viruses
• Attack mechanism of viruses
• Targeted malicious code
• Controls against program threats

Program related issues
• Malicious program errors
• Non-malicious program flaws

Non-malicious program errors
• Buffer overflow
• Incomplete mediation
• Time-of-check to time-of-use errors
Buffer overflow
• char sample[10] sets aside ten bytes of memory:
    sample[10] = 'A';
    sample[i] = 'A';
• All program and data resides in memory during execution, sharing the space with the OS, other code and resident routines

Buffer overflow
• If the extra character overwrites the user's data, it may affect the program's results but not other programs
• If it overflows into the user's program area and overwrites an instruction to be executed, the machine will try to execute 0x41
Figure: Places where a Buffer Can Overflow.

Security Implications
• The attacker may replace code in system space by other instructions, which will cause control to be transferred to the attacker with OS privileges
• The attacker could replace the return address
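Hardened counterparts of the slide's sample[10] writes, as a C example added here (not from the original slides; the function names are mine): every store and copy into the ten-byte buffer is bounds-checked and the caller is told when a write was refused or truncated, instead of the extra 'A' landing in neighbouring memory.

```c
#include <stdio.h>
#include <string.h>

/* The slide's buffer: ten bytes, so the valid indices are 0..9. */
#define SAMPLE_SIZE 10

/* Bounds-checked single-byte store. The unchecked form sample[10] = 'A'
   would overwrite whatever sits after the buffer in memory; this version
   refuses the write instead. Returns 1 if stored, 0 if the index was
   rejected. */
int checked_store(char *buf, size_t cap, size_t idx, char c)
{
    if (idx >= cap)
        return 0;
    buf[idx] = c;
    return 1;
}

/* Bounds-checked copy of a NUL-terminated string into a fixed buffer.
   The destination is always NUL-terminated; the return value is the
   number of source bytes that did not fit (0 means nothing was cut). */
size_t checked_copy(char *dst, size_t cap, const char *src)
{
    size_t n = strlen(src);
    if (cap == 0)
        return n;
    size_t keep = n < cap - 1 ? n : cap - 1;
    memcpy(dst, src, keep);
    dst[keep] = '\0';
    return n - keep;
}

/* Walks the slide's loop one index too far on purpose (0..10) and counts
   how many stores the guard refused. Expected: exactly one, index 10. */
int refused_stores(void)
{
    char sample[SAMPLE_SIZE];
    int refused = 0;
    memset(sample, 0, sizeof sample);
    for (size_t i = 0; i <= SAMPLE_SIZE; i++)
        if (!checked_store(sample, sizeof sample, i, 'A'))
            refused++;
    return refused;
}

int main(void)
{
    char sample[SAMPLE_SIZE];
    size_t dropped = checked_copy(sample, sizeof sample, "AAAAAAAAAAAAAAAA");
    printf("refused stores: %d\n", refused_stores());
    printf("copied \"%s\", dropped %zu bytes\n", sample, dropped);
    return 0;
}
```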
Incomplete mediation
• http://www.somesite.com/subpage/userinput&param1=(808)333-212&param2=2002Jan01
• What if param2 were 1800Jan01? Or 1800Feb30? Or 2048Min32? Or 1Aardvark2Many?
• A routine could fail on a data type error
• The receiving program generates a wrong result
• The receiving program might have a default condition
• Any suggestions??

Incomplete mediation - Solution
• Anticipate potential problems
• Client-side validation
• Restrict choices to valid ones
• BUT, the user could still edit the URL
• The server has no way to tell if the URL was edited or came from the web form
Exploited less often than buffer overflows, but easily exploitable
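A server-side check for the URL on the previous slide, as a C example added here (not from the original slides; the function names, the YYYYMonDD layout of param2 and the 1900-2099 year rule are my assumptions): the server re-validates param2 itself rather than trusting the web form, so each of the four edited values above is rejected.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Server-side check of param2, which the form expects as YYYYMonDD
   (e.g. 2002Jan01). The client-side form cannot be trusted because the
   user can edit the URL, so the server re-validates every field itself.
   Returns 1 for a well-formed, plausible date, 0 otherwise. */
int valid_param2(const char *s)
{
    static const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
                                    "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
    static const int days_in[] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
    if (strlen(s) != 9)                                  /* exact shape: 4 + 3 + 2 */
        return 0;
    for (int i = 0; i < 4; i++)
        if (!isdigit((unsigned char)s[i])) return 0;
    for (int i = 7; i < 9; i++)
        if (!isdigit((unsigned char)s[i])) return 0;
    int year = (s[0] - '0') * 1000 + (s[1] - '0') * 100 + (s[2] - '0') * 10 + (s[3] - '0');
    int day  = (s[7] - '0') * 10 + (s[8] - '0');
    int month = -1;
    for (int m = 0; m < 12; m++)
        if (strncmp(s + 4, months[m], 3) == 0) { month = m; break; }
    if (month < 0)                                       /* "Min" is not a month */
        return 0;
    /* Assumed business rule for this example: only years 1900-2099 are meaningful. */
    if (year < 1900 || year > 2099)                      /* 1800Jan01 rejected */
        return 0;
    int max = days_in[month];
    if (month == 1 && year % 4 == 0 && (year % 100 != 0 || year % 400 == 0))
        max = 29;
    return day >= 1 && day <= max;                       /* Feb30 rejected */
}

/* Extracts the value of one parameter from a query string such as
   "param1=(808)333-212&param2=2002Jan01". Returns 1 and fills out,
   0 if the parameter is absent or its value would not fit in out. */
int query_param(const char *query, const char *name, char *out, size_t cap)
{
    size_t nlen = strlen(name);
    const char *p = query;
    while (*p) {
        if (strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            const char *v = p + nlen + 1;
            size_t vlen = strcspn(v, "&");
            if (vlen + 1 > cap)                          /* never overflow out */
                return 0;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return 1;
        }
        p += strcspn(p, "&");                            /* skip to next parameter */
        if (*p == '&') p++;
    }
    return 0;
}

/* Mediation of the whole request: accepted only if param2 is present
   and passes the server's own validation. */
int request_accepted(const char *query)
{
    char value[32];
    return query_param(query, "param2", value, sizeof value) && valid_param2(value);
}

int main(void)
{
    const char *bad[] = { "1800Jan01", "1800Feb30", "2048Min32", "1Aardvark2Many" };
    printf("2002Jan01 -> %d\n", valid_param2("2002Jan01"));
    for (size_t i = 0; i < 4; i++)
        printf("%s -> %d\n", bad[i], valid_param2(bad[i]));
    printf("edited URL accepted? %d\n",
           request_accepted("param1=(808)333-212&param2=2048Min32"));
    return 0;
}
```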
Time-of-check to time-of-use errors
• Involves synchronization
• Modern OSs and processors usually change the order of instruction execution to increase performance
• Instructions that appear to be adjacent may not be executed immediately after each other, because of an intentionally changed order or the effects of other processes in concurrent execution

Time-of-check to time-of-use errors
• Every requested access must be governed by an access policy stating who is allowed to access what; then the request must be mediated by an access policy enforcement agent
• An incomplete mediation problem occurs if the access is not checked universally

Time-of-check to time-of-use errors
• A person draws thirteen Rs 10 notes from his pocket, carefully counts them and places them in front of the seller.
• When the seller turns around to make his bill, he takes back one Rs 10 note, hands over the stack of notes, takes his buy and leaves

Time-of-check to time-of-use errors
An application requests access to a file and passes a data structure. The mediator stores the filename locally & checks for access rights. While the mediator checks for access, the user may modify the locally stored file name and gain access to a different file
Figure: Data Structure for File Access; Modified Data.

Security Implication
• Checking one action and performing another is an example of ineffective access control
Solutions??
• Digital signatures and certificates. Time-of-check is when someone signs and time-of-use is when anyone verifies the signature. If the private key is exposed, the key must be revoked (for images use watermarking … DEMO)
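The file-access mediator described above in C, as an example added here (not from the original slides; the function names and the "regular file owned by the caller" policy are my assumptions): the racy check-by-name-then-open shape sits beside the fix, which opens first and then checks the open descriptor, so the object that was checked is exactly the object that is used.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>

/* Assumed policy for this example: only regular files owned by the
   calling user may be opened. */
static int policy_allows(const struct stat *st)
{
    return S_ISREG(st->st_mode) && st->st_uid == getuid();
}

/* Racy mediator, the shape the slide describes: the name is checked with
   stat(), then the same name is used again with open(). Between the two
   calls the name can be re-pointed (rename, symlink) at a different file,
   so the file checked and the file opened need not be the same object.
   Returns an open descriptor or -1. */
int open_check_then_use(const char *name)
{
    struct stat st;
    if (stat(name, &st) != 0 || !policy_allows(&st))
        return -1;
    /* window of vulnerability: `name` may now refer to something else */
    return open(name, O_RDONLY);
}

/* Fixed mediator: open first, then check the descriptor with fstat().
   The descriptor is bound to one inode, so what is checked is exactly
   what is later used; nothing done to the name afterwards changes that.
   O_NOFOLLOW additionally refuses a symbolic link as the final component.
   Returns an open descriptor or -1. */
int open_then_check(const char *name)
{
    int fd = open(name, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !policy_allows(&st)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Demo helper: creates an empty regular file owned by the caller and
   writes its path into `path`; returns path or NULL on failure. */
char *make_owned_file(char *path, size_t cap)
{
    char tmpl[] = "/tmp/toctou_demo_XXXXXX";
    if (strlen(tmpl) + 1 > cap)
        return NULL;
    int fd = mkstemp(tmpl);
    if (fd < 0)
        return NULL;
    close(fd);
    strcpy(path, tmpl);
    return path;
}

int main(void)
{
    char path[64];
    if (!make_owned_file(path, sizeof path))
        return 1;
    int fd = open_then_check(path);
    printf("%s: %s\n", path, fd >= 0 ? "accepted" : "refused");
    if (fd >= 0) close(fd);
    printf("/tmp (a directory): %s\n",
           open_then_check("/tmp") >= 0 ? "accepted" : "refused");
    unlink(path);
    return 0;
}
```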
Viruses and other malicious code
• Much of the work done by programs is invisible to users. How can you tell if a game program does nothing in addition to its expected interaction with you?
• Malicious people can make programs serve as vehicles to access and change data and other programs
• Unanticipated or undesired effects in program parts

Malicious code - possibilities
• Write a message to the screen
• Stopping a running program
• Generating a sound
• Erasing a stored file
• Lie dormant until some event triggers the code

Formal Definition
Any code which
• modifies or destroys data,
• steals data,
• allows unauthorized access, exploits or damages a system,
• and does something that the user did not intend to do,
is called malicious code

Kinds of Malicious code
• Virus
• Trojan horse
• Logic bomb or Time bomb
• Backdoor/Trapdoor
• Worm
• Rabbit

Malicious Code Taxonomy
Threats divided into two categories
• Independents: self-contained programs that can be scheduled and run by the OS
• Needs host program: essentially fragments of programs that cannot exist independently of some actual application program, utility or system program.

Virus
• A program that can pass on malicious code to other non-malicious programs by modifying them
• A virus can be
  Transient: its life depends on the life of its host; the virus runs when the host does
  Resident: the virus locates itself in memory
How viruses attach
• A virus will do nothing and will not spread unless it is executed.
• There are many ways to ensure that a virus is executed
• A setup program may call dozens or even hundreds of other programs, on the distribution disk, already residing on the computer, or resident in memory
• Human intervention is necessary to start the process

How viruses attach
• Email attachments
• The virus code can be embedded in an executable file attachment

How viruses attach
• Appended viruses
• Viruses that surround a program
• Integrated viruses and replacements

Appended viruses
• Usually a virus inserts a copy of itself before the first executable instruction in a program
• Simple and usually effective
• Typically the user does not notice the effects of the virus since the program does its job as usual
Figure: Virus Appended to a Program.

Viruses that surround a program
• Has control before and after a program's execution
• A virus's presence may be given away by the file size of the program, so the virus writer may infect the file listing display program to regain control after the file listing is generated but before it is displayed
Figure: Virus Surrounding a Program.

Integrated viruses & replacements
• The virus replaces some of its target
• The virus writer has to know the exact structure of the program
• Could replace the entire target
Figure: Virus Integrated into a Program (Original Program + Virus Code = Modified Program).

More Secure !!!
• Most popular!
• Implemented within a formatted document, which contains not only data but also commands, such as formulae, formatting controls and links etc.
• The user sees only the contents of the document, so the virus writer includes the virus in the commands part of the document
How viruses gain control
• A virus has to be invoked instead of the target
• The virus has to either seem to be the target, or has to push the target out of the way and become a substitute
• A virus could replace a target by assuming its name
• The virus can overwrite the target on disk
• The virus can change the pointers in the file tables so that the virus is located instead of the target
Figure: Virus Completely Replacing a Program. (a) Overwriting T; (b) Changing Pointers (file directory before and after infection, with entries T and V).

Desirable qualities in viruses
• Hard to detect
• Not easily destroyed
• Spreads widely
• Reinfects its home program or other programs
• Easy to create
• Machine independent and OS independent

Homes for viruses
• One-time execution
• Boot sector viruses
• Memory-resident viruses
• Other homes

One-time execution
• The majority of viruses today execute only once, spreading their infection and causing their effect in that one execution
• A virus often arrives as an email attachment of a document virus and is executed just by opening it.

Boot sector viruses
• The boot sector contains a boot loader to load the particular OS into memory and run it
• To accommodate large boot loaders, chaining is used
• The virus may break the chain anywhere and insert itself
• Appeal: the virus gains control early, when no detection tool is running, and is invisible to file listing
Figure: Boot Sector Virus Relocating Code. (a) Before infection: the Boot Sector holds the Bootstrap Loader, chained to Other Sectors and System Initialization. (b) After infection: the Boot Sector holds the Virus Code, chained to Other Sectors, the relocated Bootstrap Loader and System Initialization.

Memory resident viruses
• Some portions of the OS and a few specialized user programs would take too long to reload each time they are needed, so they are kept in memory and are called resident code
• e.g., routines that interpret keys pressed on the keyboard, error control, alarm clock
• Viruses get attached to resident code

Other homes for viruses
• Application macros
• Libraries
• Compilers, linkers
• Runtime monitors, runtime debuggers
• Anti-virus
Virus signatures
• A virus cannot be completely invisible: code must be stored somewhere and must be in memory
• A virus executes in a particular way and uses a certain method to spread
• Each of these characteristics yields a pattern called a signature
• Virus signatures are important for creating a program called a virus scanner.
• When the scanner recognizes a known virus pattern, it can then block the virus, inform the user and deactivate or remove the virus.
• A virus scanner is effective only if it has been kept up to date with the latest information on current viruses.

Storage Patterns
• The start of the virus code becomes a detectable signature because the virus portion of an infected program is invariant
• The virus scanner can use a code or checksum to detect changes to a file
• It can also check for suspicious code such as a JUMP instruction as the first instruction of a program
Figure: Recognizable Patterns in Viruses. Original Program with Attached Virus Code; Original Program with "IF (--) JUMP" to a Separate Virus Module; recognizable signature elements.
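A scanner along the lines of the storage-pattern checks above, as a C example added here (not from the original slides; the byte images and the signature are constructed, and "first instruction is a JUMP" is read as an x86 E9/EB opcode at the start of the image): it compares a checksum with a stored baseline, flags an entry-point jump, and searches for a known invariant byte sequence.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

/* 32-bit FNV-1a over a program image: any change to the file, such as
   appended or integrated virus code, changes the value. */
uint32_t image_checksum(const unsigned char *img, size_t len)
{
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < len; i++) {
        h ^= img[i];
        h *= 16777619u;
    }
    return h;
}

/* The slide's heuristic: a program whose first instruction is an
   unconditional jump is suspicious, because an appended virus usually
   redirects the entry point to itself. Assumes an x86 image whose first
   byte is the first instruction (0xE9 = JMP rel32, 0xEB = JMP rel8). */
int starts_with_jump(const unsigned char *img, size_t len)
{
    return len > 0 && (img[0] == 0xE9 || img[0] == 0xEB);
}

/* Search for a known invariant byte sequence (a stored signature)
   anywhere in the image. Returns 1 if found, 0 otherwise. */
int has_signature(const unsigned char *img, size_t len,
                  const unsigned char *sig, size_t siglen)
{
    if (siglen == 0 || siglen > len)
        return 0;
    for (size_t i = 0; i + siglen <= len; i++)
        if (memcmp(img + i, sig, siglen) == 0)
            return 1;
    return 0;
}

/* Constructed sample signature for the demo (not taken from any real virus). */
static const unsigned char demo_sig[] = { 0x90, 0x90, 0xCC };

/* Scanner verdict as a bit set: 1 = checksum differs from the baseline
   recorded when the file was known good, 2 = entry point is a jump,
   4 = known signature present. 0 means nothing was found. */
int scan_image(const unsigned char *img, size_t len, uint32_t baseline)
{
    int verdict = 0;
    if (image_checksum(img, len) != baseline)                verdict |= 1;
    if (starts_with_jump(img, len))                          verdict |= 2;
    if (has_signature(img, len, demo_sig, sizeof demo_sig))  verdict |= 4;
    return verdict;
}

/* Constructed images, not real programs: a clean one, and one whose entry
   point jumps to trailing code that carries the demo signature. */
static const unsigned char clean_img[]    = { 0x55, 0x89, 0xE5, 0x31, 0xC0, 0xC3 };
static const unsigned char infected_img[] = { 0xE9, 0x10, 0x00, 0x00, 0x00, 0xC3,
                                              0x90, 0x90, 0xCC };

int main(void)
{
    uint32_t baseline = image_checksum(clean_img, sizeof clean_img);
    printf("clean image verdict:    %d\n",
           scan_image(clean_img, sizeof clean_img, baseline));
    printf("infected image verdict: %d\n",
           scan_image(infected_img, sizeof infected_img, baseline));
    return 0;
}
```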
Execution patterns
• A virus writer may want a virus to do several things at the same time
  Spread infection
  Avoid detection
  Cause harm

Execution patterns
• Most of these "ways" are perfectly normal and may otherwise go unnoticed
• The harm a virus can do may range from nothing, to sounding music, displaying a message on the screen, erasing files or entire disks, preventing the computer from booting, preventing writing to disk

Transmission patterns
• Viruses can travel during the boot process
• Virus travel is not confined to any single medium or execution pattern
  E.g.: a virus can arrive on a diskette or from a network connection, travel during its host's execution to a hard disk boot sector, reemerge the next time the host computer is booted, and remain in memory to infect other diskettes as they are accessed.

Polymorphic viruses
• A virus signature is the most reliable way to detect a virus
• A clever virus writer can cause something other than specific strings to be in portions where a virus scanner would look for those strings
• Suggestions?
• A virus that can change its appearance is a polymorphic virus

Polymorphic viruses
• A two-form polymorphic virus can be handled easily as two independent viruses.
• So the virus writer will want a large or unlimited number of forms
• A polymorphic virus has to randomly reposition all parts of itself and randomly change all fixed data
• A virus may randomly insert superfluous instructions or interchange the order throughout its code

Polymorphic viruses
• A simple variety of polymorphic virus uses encryption under different keys to make the stored form of the virus different.
• These viruses are called encrypting viruses.
• To avoid detection, not every copy of a polymorphic virus has to be different.

Prevention of virus infection
• Use only commercial software acquired from reliable, well-established vendors.
• Test all new s/w on an isolated computer.
• Open attachments only when you know them to be safe.
• Make a recoverable system image & store it safely.
• Make and back up copies of executable system files.
• Use virus detectors regularly and update them daily.
TARGETED MALICIOUS CODE: Trapdoors
• An undocumented entry point into a module
• Inserted during code development, perhaps to test the module, or to provide hooks by which to connect future modifications or enhancements, or to allow access if the module should fail in the future

Trapdoors - Examples
• Programs are prepared in modules.
• Each module is tested in "unit testing" and then integrated and tested in "integration testing", to see how they function as they send messages and data from one to the other.
• Rather than paste all modules together in a big bang approach, the modules are grouped into several logical clusters of a few components each.

Trapdoors - Examples
• Each cluster is tested in a way that allows testers to control and understand what might make a component or its interface fail
• During component testing, the tester cannot use the surrounding routines that prepare input or work with output, so they write "stubs" and "drivers" to inject data in and extract results

Trapdoors - Examples
• These stubs and drivers are later discarded because they are replaced by the actual components
• The programmers embed debugging code into suspicious components to control stubs or invoke debugging code; the programmer embeds special control sequences in the component's design, specifically to support testing

Figure: Stubs and Drivers.
  Driver:
    MAIN:
      CALL MODA;
      CALL MODB(10);
      CALL MODB(20);
    END
  Modules under test:
    MODA:
      CALL MAX(Y);
      CALL SORT;
      CALL OUTPUT;
    END;
    MODB:
      CALL GETINPUT(J);
      CALL NEWLINE;
      CALL SORT;
      CALL OUTPUT;
    END;
  Stubs:
    SORT:        WRITE('SORT CALLED'); RETURN;
    OUTPUT:      WRITE('OUTPUT CALLED'); RETURN;
    NEWLINE:     WRITE(CHR$(13)); RETURN;
    MAX(X):      X = 10; RETURN;
    GETINPUT(J): IF (J=10) THEN RETURN(25); ELSE RETURN(35);

Trapdoors - Examples
• Command insertion is a recognized testing practice
• If left in place after testing, the extra commands can become a problem
• The Internet Worm spread itself through such a trapdoor in an email program
• Poor error checking is another source of trapdoors

Trapdoors - Examples
• Not all possible opcode values represent machine instructions. The undefined opcodes may implement peculiar instructions, either for testing or because of an oversight
• Trapdoors can be useful for system auditing or testing, but they must be documented and access must be protected

Trapdoors - Causes
• Trapdoors can persist in programs because the developer:
  forgot to remove them
  intentionally left them there for testing
  intentionally left them for maintenance
Salami attack
• Salami is odd bits of meat and fat fused together in a sausage or salami
• A salami attack merges bits of seemingly inconsequential data to yield powerful results
• e.g., programs often discard small amounts of money in their computations. The amounts may be deposited into the programmer's bank account; annual interest calculated up to two digits
Solution:
e.g. D-Mart, petrol pumps (set amount in advance……)
Covert channels
programs that leak information
• Programs that communicate information to people who shouldn't receive it.
• The communication accompanies other perfectly proper communications
  e.g. a student may communicate correct answer choices by coughing once for 'a', clearing her throat for 'b' and so on
• One way for the programmer to have a covert channel is to write to a file and print it out
Figure 3-11 Covert Channel Leaking Information.

Covert channels
• If the programmer is not close to the machine, he can provide a Trojan horse with the program, which transmits the data
• A programmer should not have access to data once the program is in operation

How to create covert channels
• Subtle channels: ways to communicate data values covertly. A printed report would be too obvious.
• Testing: access to the real data
  Encode data values into a different report format by varying the format of the o/p.
• A heading would not be noticed:
  Total -> Totals = 1-bit covert channel (flag)
Figure 3-12 Covert Channels.

How to create covert channels
• Storage channels:
  Service program and the spy need a common timing source broken into intervals
• Pass information by using the presence or absence of objects in storage.
  e.g., lock or not lock a file to signal one bit of information
  Other ways would be to consume disk quota by creating a large file, or the existence of a file/resource of a particular name (no access to the file needed) as a flag - signaling 100 by toggling
Figure: File Lock Covert Channel.
Figure: File Existence Channel Used to Signal 100.

Conclusion
• Service program and spy need access to a shared resource and a shared sense of time
• Common in multi-user environments
• Shared time available? Programs need access to the current system time: to set timers, to record event time, to synchronize activities
• 1-bit transfer at a time is slow? 1 bit per ms: never noticed but easily handled by two processes ... not easy to find

Covert channels
• Timing channels: pass information by the speed at which things happen.
  Service program and the spy need a common timing source broken into intervals
• e.g., using or not using an assigned amount of computing time (quantum)
Identifying covert channels
• Analyzing shared resources
• Source code
Figure 3-15 Covert Timing Channel.
Shared resource matrix
• Find all shared resources and the processes that have access to them
• Construct a matrix of resources and the processes that can access them
• Resources are rows, processes are columns
• The entries are R for can read, and M for can modify
• Look for two rows having the M, R and M, - arrangement

SRM
• The 1st process can pass the info to the 2nd by reading from the 2nd resource and signaling the data thr' the 1st resource
• Add implied info flows in the SRM
• The spy's process can read the confidential data by using a covert channel thr' the file lock channel matrix
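The shared resource matrix for the file-lock example above, as a C example added here (not from the original slides; the matrix contents and the function names are mine): rows are resources, columns are processes, and the analysis adds implied flows until it surfaces that the spy can read the confidential data through the lock.

```c
#include <stdio.h>
#include <string.h>

/* Access rights as used in the slide's matrix: R = can read,
   M = can modify, "-" = no access. A cell may hold several rights. */
#define NRES  2
#define NPROC 2

static const char *res_names[NRES]   = { "confidential data", "file lock" };
static const char *proc_names[NPROC] = { "service", "spy" };

/* Rows are resources, columns are processes (the page's layout). */
typedef struct { char cell[NRES][NPROC][4]; } srm_t;

static int has(const srm_t *m, int r, int p, char right)
{
    return strchr(m->cell[r][p], right) != NULL;
}

static void grant(srm_t *m, int r, int p, char right)
{
    char *c = m->cell[r][p];
    if (strcmp(c, "-") == 0)
        c[0] = '\0';
    size_t n = strlen(c);
    if (n + 1 < sizeof m->cell[r][p]) { c[n] = right; c[n + 1] = '\0'; }
}

/* Direct channel test from the slide: a resource row with M for one
   process and R for another lets the first signal bits to the second. */
int direct_channel(const srm_t *m, int r, int sender, int receiver)
{
    return sender != receiver && has(m, r, sender, 'M') && has(m, r, receiver, 'R');
}

/* Adds implied information flows: if `sender` can read resource x and can
   signal to `receiver` through some resource y, then `receiver` can
   effectively read x. Repeats until nothing new appears. Returns the
   number of implied R entries added. */
int add_implied_flows(srm_t *m)
{
    int added = 0, changed = 1;
    while (changed) {
        changed = 0;
        for (int s = 0; s < NPROC; s++)
            for (int rcv = 0; rcv < NPROC; rcv++) {
                int can_signal = 0;
                for (int y = 0; y < NRES; y++)
                    if (direct_channel(m, y, s, rcv)) can_signal = 1;
                if (!can_signal) continue;
                for (int x = 0; x < NRES; x++)
                    if (has(m, x, s, 'R') && !has(m, x, rcv, 'R')) {
                        grant(m, x, rcv, 'R');       /* implied read */
                        added++; changed = 1;
                    }
            }
    }
    return added;
}

/* Constructed from the slide's file-lock example: the service program
   reads the confidential data and can lock the file; the spy can only
   observe the lock state. */
srm_t example_matrix(void)
{
    srm_t m;
    strcpy(m.cell[0][0], "R");   /* service reads confidential data */
    strcpy(m.cell[0][1], "-");   /* spy has no access to it */
    strcpy(m.cell[1][0], "M");   /* service can lock/unlock the file */
    strcpy(m.cell[1][1], "R");   /* spy can observe the lock */
    return m;
}

/* 1 if, once implied flows are added, process p can read resource r. */
int leaks_to(int r, int p)
{
    srm_t m = example_matrix();
    add_implied_flows(&m);
    return has(&m, r, p, 'R');
}

int main(void)
{
    srm_t m = example_matrix();
    printf("implied flows added: %d\n", add_implied_flows(&m));
    for (int r = 0; r < NRES; r++) {
        printf("%-18s", res_names[r]);
        for (int p = 0; p < NPROC; p++)
            printf("  %s:%s", proc_names[p], m.cell[r][p]);
        printf("\n");
    }
    return 0;
}
```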
Controls against program threats
• Three types of controls
  Development controls
  OS controls
  Administrative controls

Development Controls
• Development requires people who can
  Specify the system
  Design the system
  Implement the system
  Test the system
  Review the system
  Document the system
  Manage the system
  Maintain the system.
• Features of high-quality secure software
  Modularity
  Encapsulation
  Information hiding

Modularity
• Modularization is a process of dividing a task into subtasks.
• This division is done on a functional or logical basis.
• Each component performs a separate, independent part of the task.
• The goal is to have each component meet 4 conditions
  Single purpose
  Small
  Simple
  Independent
Figure 3-16 Modularity.

Advantages of modularity
• Maintenance
• Understandability
• Reuse
• Correctness
• Testing
• A modular component usually has high cohesion and low coupling.
  Cohesion means that all the elements of a component have logical and functional reasons for being there.
  Coupling refers to the degree with which a component depends
Figure 3-17 Coupling.

Encapsulation
• Hides a component's implementation detail, but it does not necessarily mean complete isolation.
• Many components must share information with other components, usually with good reason.
• This sharing is carefully documented so that a component is affected only in known ways by the others in the system.

Information hiding
• Is desirable,
• Developers cannot easily and maliciously alter the components of others if they do not know how the components work.
Figure 3-18 Information Hiding.

• Key techniques in finding real and potential security flaws
  Peer reviews
  Hazard analysis
  Testing
  Good design
  Prediction
  Static analysis
  Configuration management
  Analysis of mistakes

Peer reviews
• Types
  Review
  Walk through
  Inspection

Hazard Analysis
• Techniques support the identification and management of hazards
  Hazard and operability studies (HAZOP)
  Failure modes and effects analysis (FMEA)
  Fault tree analysis (FTA)

Testing
• Stages
  Unit testing
  Integration testing
  Function testing
  Performance testing
  Acceptance testing
  Installation testing
  Regression testing
• Two perspectives of tests
  Black box
  Clear box

Good Design
• Process activities helpful in building secure software
  Using a philosophy of fault tolerance
  Having a consistent policy for handling failures
  Capturing the design rationale and history
  Using design patterns
• Prediction:
  We try to predict the risks involved in building and using the system
• Static analysis
  Several aspects of design and code
  • Control flow structure
  • Data flow structure
  • Data structure

Configuration management
• It is important to know who is making which changes to what, and when
  Corrective changes
  Adaptive changes
  Perfective changes
  Preventive changes
• Four activities are involved in configuration management
  Configuration identification
  Configuration control and change management
  Configuration auditing
  Status accounting

Lessons from mistakes
• As we design and build systems, we can document our decisions
• Not only what we decided to do and why, but also what we decided not to do and why.
• Then, after the system is up and running, we can use information about the failures to give us a better understanding of what leads to vulnerabilities and their exploitation.

OS controls on use of programs
• The operating system can protect against some of the design and implementation flaws
Trusted software
• To trust any code, we base our trust on rigorous analysis and testing, looking for key characteristics
  Functional correctness.
  Enforcement of integrity.
  Limited privilege.
  Appropriate confidence level.
  Malicious suspicion
  Confinement
  Access log

Administrative controls
• Standards of program development
  Standards of design
  Standards of documentation
  Standards of programming
  Standards of testing
  Standards of configuration management.
• Separation of duties

Program controls in general
• Best is the combination of security controls
• Humans can learn from their mistakes and shape their creations to account for fundamental principles.

End of program security
