%!PS-Adobe-2.0
%%Creator: dvipsk 5.58f Copyright 1986, 1994 Radical Eye Software
%%Title: crystina.dvi
%%Pages: 19
%%PageOrder: Ascend
%%BoundingBox: 0 0 596 842
%%EndComments
%DVIPSCommandLine: /usr/TeX/bin/dvips -D 600 -o crystina.eps crystina
%DVIPSParameters: dpi=600, compressed, comments removed
%DVIPSSource:  TeX output 1998.01.20:1433
%%BeginProcSet: texc.pro
/TeXDict 250 dict def TeXDict begin /N{def}def /B{bind def}N /S{exch}N
/X{S N}B /TR{translate}N /isls false N /vsize 11 72 mul N /hsize 8.5 72
mul N /landplus90{false}def /@rigin{isls{[0 landplus90{1 -1}{-1 1}
ifelse 0 0 0]concat}if 72 Resolution div 72 VResolution div neg scale
isls{landplus90{VResolution 72 div vsize mul 0 exch}{Resolution -72 div
hsize mul 0}ifelse TR}if Resolution VResolution vsize -72 div 1 add mul
TR[matrix currentmatrix{dup dup round sub abs 0.00001 lt{round}if}
forall round exch round exch]setmatrix}N /@landscape{/isls true N}B
/@manualfeed{statusdict /manualfeed true put}B /@copies{/#copies X}B
/FMat[1 0 0 -1 0 0]N /FBB[0 0 0 0]N /nn 0 N /IE 0 N /ctr 0 N /df-tail{
/nn 8 dict N nn begin /FontType 3 N /FontMatrix fntrx N /FontBBox FBB N
string /base X array /BitMaps X /BuildChar{CharBuilder}N /Encoding IE N
end dup{/foo setfont}2 array copy cvx N load 0 nn put /ctr 0 N[}B /df{
/sf 1 N /fntrx FMat N df-tail}B /dfs{div /sf X /fntrx[sf 0 0 sf neg 0 0]
N df-tail}B /E{pop nn dup definefont setfont}B /ch-width{ch-data dup
length 5 sub get}B /ch-height{ch-data dup length 4 sub get}B /ch-xoff{
128 ch-data dup length 3 sub get sub}B /ch-yoff{ch-data dup length 2 sub
get 127 sub}B /ch-dx{ch-data dup length 1 sub get}B /ch-image{ch-data
dup type /stringtype ne{ctr get /ctr ctr 1 add N}if}B /id 0 N /rw 0 N
/rc 0 N /gp 0 N /cp 0 N /G 0 N /sf 0 N /CharBuilder{save 3 1 roll S dup
/base get 2 index get S /BitMaps get S get /ch-data X pop /ctr 0 N ch-dx
0 ch-xoff ch-yoff ch-height sub ch-xoff ch-width add ch-yoff
setcachedevice ch-width ch-height true[1 0 0 -1 -.1 ch-xoff sub ch-yoff
.1 sub]/id ch-image N /rw ch-width 7 add 8 idiv string N /rc 0 N /gp 0 N
/cp 0 N{rc 0 ne{rc 1 sub /rc X rw}{G}ifelse}imagemask restore}B /G{{id
gp get /gp gp 1 add N dup 18 mod S 18 idiv pl S get exec}loop}B /adv{cp
add /cp X}B /chg{rw cp id gp 4 index getinterval putinterval dup gp add
/gp X adv}B /nd{/cp 0 N rw exit}B /lsh{rw cp 2 copy get dup 0 eq{pop 1}{
dup 255 eq{pop 254}{dup dup add 255 and S 1 and or}ifelse}ifelse put 1
adv}B /rsh{rw cp 2 copy get dup 0 eq{pop 128}{dup 255 eq{pop 127}{dup 2
idiv S 128 and or}ifelse}ifelse put 1 adv}B /clr{rw cp 2 index string
putinterval adv}B /set{rw cp fillstr 0 4 index getinterval putinterval
adv}B /fillstr 18 string 0 1 17{2 copy 255 put pop}for N /pl[{adv 1 chg}
{adv 1 chg nd}{1 add chg}{1 add chg nd}{adv lsh}{adv lsh nd}{adv rsh}{
adv rsh nd}{1 add adv}{/rc X nd}{1 add set}{1 add clr}{adv 2 chg}{adv 2
chg nd}{pop nd}]dup{bind pop}forall N /D{/cc X dup type /stringtype ne{]
}if nn /base get cc ctr put nn /BitMaps get S ctr S sf 1 ne{dup dup
length 1 sub dup 2 index S get sf div put}if put /ctr ctr 1 add N}B /I{
cc 1 add D}B /bop{userdict /bop-hook known{bop-hook}if /SI save N @rigin
0 0 moveto /V matrix currentmatrix dup 1 get dup mul exch 0 get dup mul
add .99 lt{/QV}{/RV}ifelse load def pop pop}N /eop{SI restore userdict
/eop-hook known{eop-hook}if showpage}N /@start{userdict /start-hook
known{start-hook}if pop /VResolution X /Resolution X 1000 div /DVImag X
/IE 256 array N 0 1 255{IE S 1 string dup 0 3 index put cvn put}for
65781.76 div /vsize X 65781.76 div /hsize X}N /p{show}N /RMat[1 0 0 -1 0
0]N /BDot 260 string N /rulex 0 N /ruley 0 N /v{/ruley X /rulex X V}B /V
{}B /RV statusdict begin /product where{pop product dup length 7 ge{0 7
getinterval dup(Display)eq exch 0 4 getinterval(NeXT)eq or}{pop false}
ifelse}{false}ifelse end{{gsave TR -.1 .1 TR 1 1 scale rulex ruley false
RMat{BDot}imagemask grestore}}{{gsave TR -.1 .1 TR rulex ruley scale 1 1
false RMat{BDot}imagemask grestore}}ifelse B /QV{gsave newpath transform
round exch round exch itransform moveto rulex 0 rlineto 0 ruley neg
rlineto rulex neg 0 rlineto fill grestore}B /a{moveto}B /delta 0 N /tail
{dup /delta X 0 rmoveto}B /M{S p delta add tail}B /b{S p tail}B /c{-4 M}
B /d{-3 M}B /e{-2 M}B /f{-1 M}B /g{0 M}B /h{1 M}B /i{2 M}B /j{3 M}B /k{
4 M}B /w{0 rmoveto}B /l{p -4 w}B /m{p -3 w}B /n{p -2 w}B /o{p -1 w}B /q{
p 1 w}B /r{p 2 w}B /s{p 3 w}B /t{p 4 w}B /x{0 S rmoveto}B /y{3 2 roll p
a}B /bos{/SS save N}B /eos{SS restore}B end
%%EndProcSet
%%BeginProcSet: special.pro
TeXDict begin /SDict 200 dict N SDict begin /@SpecialDefaults{/hs 612 N
/vs 792 N /ho 0 N /vo 0 N /hsc 1 N /vsc 1 N /ang 0 N /CLIP 0 N /rwiSeen
false N /rhiSeen false N /letter{}N /note{}N /a4{}N /legal{}N}B
/@scaleunit 100 N /@hscale{@scaleunit div /hsc X}B /@vscale{@scaleunit
div /vsc X}B /@hsize{/hs X /CLIP 1 N}B /@vsize{/vs X /CLIP 1 N}B /@clip{
/CLIP 2 N}B /@hoffset{/ho X}B /@voffset{/vo X}B /@angle{/ang X}B /@rwi{
10 div /rwi X /rwiSeen true N}B /@rhi{10 div /rhi X /rhiSeen true N}B
/@llx{/llx X}B /@lly{/lly X}B /@urx{/urx X}B /@ury{/ury X}B /magscale
true def end /@MacSetUp{userdict /md known{userdict /md get type
/dicttype eq{userdict begin md length 10 add md maxlength ge{/md md dup
length 20 add dict copy def}if end md begin /letter{}N /note{}N /legal{}
N /od{txpose 1 0 mtx defaultmatrix dtransform S atan/pa X newpath
clippath mark{transform{itransform moveto}}{transform{itransform lineto}
}{6 -2 roll transform 6 -2 roll transform 6 -2 roll transform{
itransform 6 2 roll itransform 6 2 roll itransform 6 2 roll curveto}}{{
closepath}}pathforall newpath counttomark array astore /gc xdf pop ct 39
0 put 10 fz 0 fs 2 F/|______Courier fnt invertflag{PaintBlack}if}N
/txpose{pxs pys scale ppr aload pop por{noflips{pop S neg S TR pop 1 -1
scale}if xflip yflip and{pop S neg S TR 180 rotate 1 -1 scale ppr 3 get
ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg TR}if xflip yflip
not and{pop S neg S TR pop 180 rotate ppr 3 get ppr 1 get neg sub neg 0
TR}if yflip xflip not and{ppr 1 get neg ppr 0 get neg TR}if}{noflips{TR
pop pop 270 rotate 1 -1 scale}if xflip yflip and{TR pop pop 90 rotate 1
-1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg
TR}if xflip yflip not and{TR pop pop 90 rotate ppr 3 get ppr 1 get neg
sub neg 0 TR}if yflip xflip not and{TR pop pop 270 rotate ppr 2 get ppr
0 get neg sub neg 0 S TR}if}ifelse scaleby96{ppr aload pop 4 -1 roll add
2 div 3 1 roll add 2 div 2 copy TR .96 dup scale neg S neg S TR}if}N /cp
{pop pop showpage pm restore}N end}if}if}N /normalscale{Resolution 72
div VResolution 72 div neg scale magscale{DVImag dup scale}if 0 setgray}
N /psfts{S 65781.76 div N}N /startTexFig{/psf$SavedState save N userdict
maxlength dict begin /magscale true def normalscale currentpoint TR
/psf$ury psfts /psf$urx psfts /psf$lly psfts /psf$llx psfts /psf$y psfts
/psf$x psfts currentpoint /psf$cy X /psf$cx X /psf$sx psf$x psf$urx
psf$llx sub div N /psf$sy psf$y psf$ury psf$lly sub div N psf$sx psf$sy
scale psf$cx psf$sx div psf$llx sub psf$cy psf$sy div psf$ury sub TR
/showpage{}N /erasepage{}N /copypage{}N /p 3 def @MacSetUp}N /doclip{
psf$llx psf$lly psf$urx psf$ury currentpoint 6 2 roll newpath 4 copy 4 2
roll moveto 6 -1 roll S lineto S lineto S lineto closepath clip newpath
moveto}N /endTexFig{end psf$SavedState restore}N /@beginspecial{SDict
begin /SpecialSave save N gsave normalscale currentpoint TR
@SpecialDefaults count /ocount X /dcount countdictstack N}N /@setspecial
{CLIP 1 eq{newpath 0 0 moveto hs 0 rlineto 0 vs rlineto hs neg 0 rlineto
closepath clip}if ho vo TR hsc vsc scale ang rotate rwiSeen{rwi urx llx
sub div rhiSeen{rhi ury lly sub div}{dup}ifelse scale llx neg lly neg TR
}{rhiSeen{rhi ury lly sub div dup scale llx neg lly neg TR}if}ifelse
CLIP 2 eq{newpath llx lly moveto urx lly lineto urx ury lineto llx ury
lineto closepath clip}if /showpage{}N /erasepage{}N /copypage{}N newpath
}N /@endspecial{count ocount sub{pop}repeat countdictstack dcount sub{
end}repeat grestore SpecialSave restore end}N /@defspecial{SDict begin}
N /@fedspecial{end}B /li{lineto}B /rl{rlineto}B /rc{rcurveto}B /np{
/SaveX currentpoint /SaveY X N 1 setlinecap newpath}N /st{stroke SaveX
SaveY moveto}N /fil{fill SaveX SaveY moveto}N /ellipse{/endangle X
/startangle X /yrad X /xrad X /savematrix matrix currentmatrix N TR xrad
yrad scale 0 0 1 startangle endangle arc savematrix setmatrix}N end
%%EndProcSet
TeXDict begin 39158280 55380996 1000 600 600 (crystina.dvi)
@start /Fa 1 16 df<EC3FE0903801FFFC010FEBFF804980017F14F090B67E48814881
4881481680A24816C0A24816E0A24816F0A3B812F8AB6C16F0A36C16E0A26C16C0A26C16
80A26C16006C5D6C5D6C5D6D5C011F14C06D5C010101FCC7FC9038003FE02D2F79B43C>
15 D E /Fb 19 90 df<387FFFC0A2B5FCA26C130012057A901A>45
D<16E01501821503A21507150FA2151FA2153B157B157315E382EC01C114031581EC0701
A2140EA2141C143C143802707F15005C13015C49B5FCA249C7FCA2130E131E131C498016
7E5B13F0485AA21203D80FF014FFD8FFFC011F13F0A22C2F7CAE35>65
D<011FB512FCEEFF80903A00FE000FC0EE03E04AEB01F017F80101140017FC5CA2130317
F84A1301A20107EC03F017E04AEB07C0EE0F80010FEC3F0016FE9138C007F891B512E049
14F89138C0007C4A7F82013F1580A291C7120FA25BA2017E141FA213FEEE3F005B167E00
015D4B5A49495A4B5A0003EC3F80B600FEC7FC15F82E2D7BAC32>I<DA01FE133091390F
FFC07091393F01E0F09138F80079D903E0133D4948EB1FE0D91F80130F49C7FC017E1407
4915C0485A485A5B00071680485AA2485A170048CAFCA25A127EA312FE5AA51638481578
16707E16F0007C5D15014B5A6C5D4BC7FC6C140E6C6C133C6C6C5B6C6C485A3900F80FC0
D97FFFC8FCEB0FF82C2F75AD33>I<011FB512FCEEFF80903A00FE000FC0EE03E04AEB01
F0EE00F80101157C173C4A143E171E0103151FA25CA21307A25CA2130FA24A143FA2131F
173E4A147EA2013F157C17FC91C8FC17F849EC01F0A2017EEC03E0A201FEEC07C0EE0F80
49EC1F00163E00015D5E49495AED07C00003023FC7FCB612FC15E0302D7BAC36>I<011F
B612FEA2903900FE0001EE007E4A143EA20101151E171C5CA21303A25C16E00107130117
0002E05B1503130F15074A485A91B5FC5BECC01F4A6CC7FCA2133FA2DA000E13E0A24914
01030013C0017E1403178001FE14071700495C161E12015E49147CED01FC0003EC0FF8B7
FC5E2F2D7CAC30>I<011FB612F8A2903900FE000716014A13001778130117705CA21303
A25C16E001071301170002E05B1503130F15074A485A91B5FC5BECC01F4A6CC7FCA2133F
A2EC000EA25B92C8FC137EA213FEA25BA21201A25BA21203B512F0A22D2D7CAC2E>I<90
3B1FFFF81FFFF8A2D900FEC7EAFE00A24A5CA2010114015F5CA2010314035F5CA2010714
075F5CA2010F140F5F5C91B6FC5B9139C0001F805CA2013F143F94C7FC91C7FCA2495C16
7E137EA201FE14FE5E5BA2000114015E5BA200031403B500C0B512C0A2352D7BAC35>72
D<90381FFFF8A2903800FE00A25CA21301A25CA21303A25CA21307A25CA2130FA25CA213
1FA25CA2133FA291C7FCA25BA2137EA213FEA25BA21201A25BA21203B512C0A21D2D7CAC
1B>I<90381FFFFEA2D900FEC7FCA25CA21301A25CA21303A25CA21307A25CA2130FA25C
A2131FA25CA2133FA291C7121CA249143C1638017E1478167001FE14F0A249EB01E0A200
011403ED07C049130FED3F80000314FFB7FC1600262D7BAC2D>76
D<D91FFFED0FFF600100EE3FC0A2F07F8018EF902601EF8014FF943801DF0014CFEF039F
01034B5A183E028F140E171C0107167EDA87C0EB387C14071770010FEDE0FC60010EEC01
C0EE0380011E158193380701F090381C03E0160E013CEC1C036001381438A20178EC7007
04E05B90387001F0EDF1C001F09038F3800F6001E0EBF700A2000102FE131F4B91C7FC13
C0486C6C5AD80FF05DD8FFFE9039F00FFFF815E0402D7BAC40>I<D91FFE903803FFF8A2
D900FF9038003F80EF1E00A26F131C49153C6F133814CFA201036D137802C714701487EC
83F0010715F06F5B1401A2010FEBFC0102005C130E157E011E1403037F5B011C133FA201
3C1487031F90C7FC1338ED0FC7017814CF16EE01701307A201F014FE6F5A5B150112015E
491300487E120FD8FFFE1470A2352D7BAC35>I<4AB4FC020F13C091383E03F09138F800
7CD903E07FD907807F011FC77E013E15804914074915C0485AEE03E0485A485AA2485A12
1F90C8FC5AA2003E1507127EA348ED0FC0A3EE1F80A217005E163E167E167C16FC4B5A00
7C5D4B5A6C4A5A4B5A6C4AC7FC6C6C133E6D13F83903E003F03901F80FC026007FFFC8FC
EB0FF02B2F75AD37>I<011FB512FCEEFF80903A00FE000FE0EE03F04AEB00F8A2010115
7CA25C177E130317FC5CA20107EC01F8A24AEB03F017E0010FEC07C0EE0F804AEB3F00ED
01FC91B512F04991C7FC0280C8FCA3133F91C9FCA35B137EA313FE5BA312015BA21203B5
12C0A22F2D7CAC30>I<011FB512E016FC903900FE003FEE0FC04AEB07E016030101EC01
F0A24A14F8A21303EE03F05CA20107EC07E017C04AEB0F80EE1F00010F143E16FC9138C0
07F091B512805B9138C00FE091388003F06F7E133F6F7E91C7FCA2491301A2017E5CA201
FE1303A2495C17080001163C17384914E0EEF07800031670B5D8C00113E09238007FC0C9
EA1F002E2E7BAC34>82 D<91380FF00C91383FFC1C9138F80F3C903903C007BC90390780
03FC90390F0001F8131E491300A24914F0A313F816E0A216007F7F6D7EEB7FF8ECFF806D
13E06D13F801077F01017FEB001FEC01FF6E7E8181A281121CA35D003C141EA25DA2007E
5C5D007F495A6D485A26F1F01FC7FC38E07FFC38C00FF0262F7BAD28>I<000FB712F0A2
3A1FE00FE00701001401001E02C013E0481500141F12380078EC8001A20070013F14C012
F0481400A25CC791C7FC147EA214FEA25CA21301A25CA21303A25CA21307A25CA2130FA2
5CA2131FA25CA2133F003FB57EA22C2D74AC33>I<3B3FFFF007FFF0A2D801FCC7EA7F00
163C5B16380003157816705BA2000715F05E5BA2000F14015E5BA2001F14035E5BA2003F
140793C7FC90C7FCA2485C150E127EA2151E00FE141C5A153C153815781570007C5C1401
007E495A003E495A6C49C8FC6C133C3807C0F83801FFE06C6CC9FC2C2E72AC35>I<B56C
EBFFFCA2D80FF8C7EA1FC06C4815000003151E6D5C5E000115706D5C4B5A00004A5A6D13
074BC7FC017E131E017F131C5D6D6C5A5D148190381FC3C0ECC780010F90C8FC14EE14FC
6D5AA25C5CA35C130FA35C131FA391C9FC5BA35B381FFFF8A22E2D72AC35>89
D E /Fc 1 14 df<ED7FF80207B57E021F14E091397FC00FF8D901FCC712FED903F0143F
D90FC0EC0FC049C8EA03E0013E6F7E0178ED0078498248488248488249820007188048CA
EA03C0000E1701001E18E0001C1700003C18F0003818700078187800701838A300F0183C
48181CA96C183C00701838A30078187800381870003C18F0001C18E0001E1701000E18C0
000F17036C6CEE0780000318006D5E6C6C161E6C6C5E01785E013E4B5A6D4B5AD90FC0EC
0FC0D903F0023FC7FCD901FC14FE903A007FC00FF8021FB512E0020714809126007FF8C8
FC3E3D7CAE47>13 D E /Fd 30 122 df<13E0EA01F01203A2EA07E0EA0FC0EA1F00121E
5A5A12E012400C0C72AD23>19 D<EB3FC0EBFFF03803E07C48487E48487E497E001EEB07
80A2003E14C0A248EB03E0A500FC14F0B0007C14E0A3007E1307003E14C0A36CEB0F806C
14006D5A3807C03E3803F0FC3800FFF0EB3FC01C2D7DAB23>48 D<130C133C137CEA03FC
12FFEAFC7C1200B3B113FE387FFFFEA2172C7AAB23>I<EB7F803801FFF0380780FC380E
003F48EB1F8048EB0FC05A0060EB07E012F000FC14F07E1403A3007C1307C7FCA215E014
0F15C0141F1580EC3F00147E147C5C495A495A495A495A011EC7FC5B5B4913305B485A48
48136048C7FC000E14E0001FB5FC5A4814C0B6FCA21C2C7DAB23>I<EB3FC03801FFF038
07C0FC380E007E487FEC1F80003F14C0A2EB800F1300A2000C131FC7FC1580A2EC3F0014
3E5C5CEB03F0EBFFC014F0EB00FC143FEC1F8015C0140F15E0A2EC07F0A21238127C12FE
A3EC0FE012F8006014C00070131F6C1480001EEB3F00380780FC3801FFF038007FC01C2D
7DAB23>I<140EA2141E143EA2147E14FEA2EB01BE1303143E1306130E130C1318133813
30136013E013C0EA0180120313001206120E120C5A123812305A12E0B612FCA2C7EA3E00
A9147F90381FFFFCA21E2D7EAC23>I<000CEB0180380FC01F90B512005C5C14F014C0D8
0C7EC7FC90C8FCA8EB1FC0EB7FF8380DE07C380F801F01001380000E130F000CEB07C0C7
13E0A2140315F0A4127812FCA448EB07E012E0006014C00070130F6C14806CEB1F006C13
3E380780F83801FFE038007F801C2D7DAB23>I<EB03F8EB0FFE90383E0780EBF8013901
F007C03803E00FEA07C0EA0F80A2391F00078091C7FC123EA2127EA2127CEB0FC038FC3F
F0EBF07C38FDC01EB4487E01001380EC07C04814E0A214034814F0A4127CA3127EA2003E
14E01407121E001F14C06CEB0F803907801F003803C03E6C6C5A38007FF0EB1FC01C2D7D
AB23>I<1230123C003FB512F8A215F05A15E039700001C000601480140348EB0700140E
140CC7121C5C143014705C495AA2495AA249C7FCA25B130E131EA2133EA3133C137CA413
FCA913781D2E7CAC23>I<EB1FC0EBFFF03803E07C3807801E48487E001EEB0780A248EB
03C0A4123E1407003F1480381FC00F01E01300EBF81E6C6C5A3807FFF86C13E0C6FCEB3F
F8EBFFFC3803C7FFD807831380D81F0013C0001E133F48EB1FE0007C13070078EB03F012
F84813011400A46C14E000781301007C14C0003C13036CEB0780390F800F003807E03C38
01FFF038003FC01C2D7DAB23>I<EB3F80EBFFF03803E0783807C03E48487E48487E003E
14801407007E14C0127C00FC14E01403A315F0A5007C1307127EA2003E130F7E6C131F38
07803B3803E0F33800FFC390383F03E013001407A215C0A2140F001E1480003F14005C14
3E143C003E5B001C5B380E03E03807FF80D801FEC7FC1C2D7DAB23>I<B712FEA23903F8
00010001EC003E828282A282A3178016011518A293C7FCA31538157815F890B5FCA2EBF8
00157815381518A21760A392C712C0A4160117801603A21607160F163F0003913801FF00
B8FCA22B2D7EAC30>69 D<B712FCA23903F800030001EC007C163E161E160EA21606A316
0716031518A21600A31538157815F890B5FCA2EBF800157815381518A592C7FCAB487EB5
12F8A2282D7EAC2E>I<B512F8A2D803FCC8FC6C5AB3A7160CA41618A41638A2167816F8
1501ED07F00003141FB7FCA2262D7EAC2C>76 D<B612FCEDFF803A03F8000FE00001EC03
F0ED00F882167E167F821780A617005E167E5E5EED03F0ED0FE090B6128003FCC7FC01F8
C9FCB2487EB512F0A2292D7EAC30>80 D<13FF000713C0380F01F0381C00F8003F137C80
A2143F001E7FC7FCA4EB07FF137F3801FE1FEA07F0EA1FC0EA3F80EA7F00127E00FE1406
5AA3143F7E007E137F007FEBEF8C391F83C7FC390FFF03F83901FC01E01F207D9E23>97
D<EB1FE0EB7FFC3801F01E3803E0073907C01F80EA0F80EA1F005A003EEB0F00007E90C7
FCA2127C12FCA9127EA215C07E6C130101801380380FC0033907E007003801F03E38007F
F8EB1FC01A207E9E1F>99 D<15F8141FA214011400ACEB0FE0EB7FF83801F81E3803E007
3807C003380F8001EA1F00481300123E127EA25AA9127C127EA2003E13017EEB8003000F
13073903E00EFC3A01F03CFFC038007FF090391FC0F800222F7EAD27>I<EB1F80EBFFF0
3803E0783807C03E380F801E381F001FEC0F80123E007E130715C0127C12FCA3B6FCA200
FCC8FCA5127EA2003E14C0123F6C1301390F80038001C013003803E00F3801F03C38007F
F8EB1FC01A207E9E1F>I<EA07C012FFA2120F1207AC14FE9038C3FF809038C703E09038
DE01F013F8496C7EA25BA25BB2486C487E3AFFFE1FFFC0A2222E7EAD27>104
D<EA0780EA0FC0EA1FE0A4EA0FC0EA0780C7FCA8EA07C012FFA2120F1207B3A5EA0FE0EA
FFFCA20E2E7EAD14>I<EA07C012FFA2120F1207B3B3A3EA0FE0EAFFFEA20F2E7EAD14>
108 D<3807C0FE39FFC3FF809038C703E0390FDE01F0EA07F8496C7EA25BA25BB2486C48
7E3AFFFE1FFFC0A2221E7E9D27>110 D<EB1FE0EB7FF83801F03E3803C00F3907800780
390F0003C04814E0003EEB01F0A248EB00F8A300FC14FCA9007C14F8A26CEB01F0A26CEB
03E0A2390F8007C03907C00F803901F03E0038007FF8EB1FE01E207E9E23>I<90380FE0
1890387FF8383801F81C3903E00E783807C007390F8003F8001F1301EA3F00A2007E1300
A212FE5AA8127EA36C13017EEB8003380FC0073803E00E3801F03C38007FF0EB1FC090C7
FCA94A7E91381FFFC0A2222B7E9D25>113 D<380781F838FF87FEEB8E3FEA0F9CEA07B8
13B0EBF01EEBE000A45BB0487EB5FCA2181E7E9D1C>I<3801FE183807FFB8381E01F8EA
3C00481378481338A21418A27E7EB41300EA7FF06CB4FC6C13C06C13F0000113F838001F
FC130138C0007E143EA26C131EA27EA26C133CA26C137838FF01F038E3FFC000C0130017
207E9E1C>I<1360A413E0A312011203A21207121FB512F0A23803E000AF1418A7143838
01F03014703800F860EB3FE0EB0F80152A7FA81B>I<D807C013F800FF131FA2000F1301
00071300B21401A314033803E007EC0EFC3A01F81CFFC038007FF890391FE0F800221F7E
9D27>I<3AFFFC01FFC0A23A0FE0007E000007147C1538000314306D137000011460A26C
6C5BA2EBFC01017C5BEB7E03013E90C7FCA2EB1F06A2148EEB0F8CA2EB07D8A2EB03F0A3
6D5AA26D5AA2495AA2130391C8FC1278EAFC06A25B131CEA7838EA7070EA3FE0EA0F8022
2B7F9C25>121 D E /Fe 45 123 df<EA01E0EA07F0120F13F8121FA3120FEA07B0EA00
30A21370136013E013C0120113801203EA0700120E5A5A5A5A5A0D196EB919>39
D<EA03C0EA07F0120F121F13F8A313F0EA07B0EA003013701360A213E013C01201EA0380
13005A120E5A5A5A5A5A0D197A8819>44 D<387FFFF8A2B5FCA214F0150579941E>I<12
0EEA3F80127F12FFA31300127E123C0909778819>I<15181538157815F0140114031407
EC0FE0141F147FEB03FF90383FEFC0148FEB1C1F13001580A2143FA21500A25CA2147EA2
14FEA25CA21301A25CA21303A25CA21307A25CA2130FA25CA2131FA25CA2133FA291C7FC
497EB61280A31D3877B72A>49 D<010314186E13F8903907F007F091B512E016C0160049
5B15F8010E13E0020CC7FC011EC8FC131CA3133C1338A313781370A2147F9038F3FFC090
38EF83E09038FC01F0496C7E485A497F49137CC8FC157EA315FEA41401000C5C123F5A14
03485C5A4A5A12F800E05C140F4A5A5D6C49C7FC0070137E00785B387C01F8383E07F038
1FFFC06C90C8FCEA01F8253A77B72A>53 D<157F913803FFC0020F13E0EC3F8191387E00
F002F81370903903F003F0903807E007EB0FC0EB1F80020013E04914C0017E90C7FC13FE
5B485AA21203485AA2380FE07E9038E3FF809038E783E0391FCE01F09038DC00F813F848
48137C5B49137EA2485AA290C7FC15FE5A5AA214015D5AA214035DA348495A5D140F5D4A
5A6C49C7FC127C147C6C485A6C485A6CB45A6C1380D801FCC8FC243A76B72A>I<D9707C
130ED9F3FE131E496C133C48B5133816784815F0EC0F019039FC0703E03A07F00307C001
E0138F3A0FC001FF80497E48C7EA0F00001E5C48141E153E48143C157C485C5A4A5AC7FC
4A5AA24A5A140FA24A5AA24AC7FCA25C147E14FE5C1301A25C1303A2495AA3130F5CA213
1F5CA2133FA25C137FA391C8FC137E133C273A74B72A>I<EC01FCEC0FFF023F13809138
7E07C0903901F803E0EB03F0903907E001F0EB0FC0EB1F80013F14F814005B137E13FEA2
485AA2150312035BA2ED07F012075B150FA216E00003141FA2153FED7FC0120115FF6C6C
5A90397803BF8090383C0F3FD91FFC1300903807F07F90C7FC157E15FE5D14015D4A5AA2
003E495A007F495A5D4AC7FC00FE5B48137E007013F8387803F0387C0FE0383FFF806C48
C8FCEA03F8253A78B72A>57 D<EE01C01603A21607160FA2161F83163FA2167F16FF16EF
150116CFED038FA2ED070FA2150E151E151C1538A203707FA2EDE007A2EC01C014031580
EC0700A2140EA25CA25C027FB5FCA291B6FC9139E00007F849481303A2495A130791C7FC
5B130E5BA25B1378137013F0EA03F8486C4A7EB56C48B512F0A3343C7BBB3E>65
D<DB03FE130E92393FFF801E92B5EAE03C913903FE01F0913A0FF000787CDA3FC0EB3CFC
4AC7EA1FF802FE140FEB03FC49481407494815F049481403495A5C49C813E05B485A5B00
0317C0485AA2485A1880485A94C7FCA2485AA3127F5BA312FF90CBFCA41738A217784816
707E17F06C5E16015F16036C6C4A5A94C7FC001F150E6D141E000F5D6D5C6C6C495A6C6C
EB03C0D801FEEB0F8027007F807EC8FC6DB45A010F13E0010090C9FC373D74BA3B>67
D<0103B612FEEFFFC018F0903B0007F8000FF84BEB03FCEF00FE020F157FF03F804B141F
19C0021F150F19E05D1807143F19F05DA2147FA292C8FCA25C180F5CA2130119E04A151F
A2130319C04A153FA201071780187F4A1600A2010F16FEA24A4A5A60011F15034D5A4A5D
4D5A013F4B5A173F4A4AC7FC17FC017FEC03F84C5A91C7EA1FC04949B45A007F90B548C8
FCB712F016803C397CB83F>I<0107B8FCA3903A000FF000034BEB007F183E141F181E5D
A2143FA25D181C147FA29238000380A24A130718004A91C7FC5E13015E4A133E167E49B5
12FEA25EECF8000107147C163C4A1338A2010F147818E04A13701701011F16C016004A14
031880013F150718004A5CA2017F151E173E91C8123C177C4915FC4C5A4914070001ED7F
F0B8FCA25F38397BB838>I<0107B712FEA3903A000FF000074B1300187C021F153CA25D
A2143FA25D1838147FA292C8FCEE03804A130718004A91C7FCA201015CA24A131E163E01
0314FE91B5FC5EA2903807F800167C4A1378A2130FA24A1370A2011F14F0A24A90C8FCA2
133FA25CA2137FA291CAFCA25BA25B487EB6FCA337397BB836>I<DB03FE130E92393FFF
801E92B5EAE03C913903FE01F0913A0FF000787CDA3FC0EB3CFC4AC7EA1FF802FE140FEB
03FC49481407494815F049481403495A5C49C813E05B485A5B000317C0485AA2485A1880
485A94C7FCA2485AA3127F5BA312FF90CBFC0307B512E0A392390007FC00705A16075FA3
6C150F5FA36C6C141FA2001F5E6D143F6C7E167F6C6C4A5A6C6CEB03EFD801FEEB07C73A
007FC03F0790273FFFFC03C7FC010F01F0C8FC01001380373D74BA40>I<0103B512F8A3
90390007F8005DA2140FA25DA2141FA25DA2143FA25DA2147FA292C7FCA25CA25CA21301
A25CA21303A25CA21307A25CA2130FA25CA2131FA25CA2133FA25CA2137FA291C8FC497E
B6FCA25C25397CB820>73 D<902607FFF8923807FFF0614F13E0D9000FEFF0004F5AA202
1F167FF1EFC0141DDA1CFCEC01CF023C16DF9538039F800238ED071FA20278ED0E3F97C7
FC0270151CA202F04B5AF0707E14E0037E14E0010117FE4D485A02C0EC0380A20103ED07
01610280140EA20107ED1C0305385B14006F137049160705E05B010EEC01C0A2011E9138
03800F61011CEC0700A2013C020E131F4C5C1338ED1FB80178163F04F091C8FC01705CA2
01F04A5B187E00015DD807F816FEB500C09039007FFFFC151E150E4C397AB84A>77
D<902603FFF891B512E0A281D90007923807F8006F6E5A61020F5E81DA0E7F5DA2021E6D
1307033F92C7FC141C82DA3C1F5C70130EEC380FA202786D131E0307141C147082DAF003
143C70133814E0150101016E1378030014705C8201036E13F0604A1480163F010715C104
1F5B91C7FC17E149EC0FE360010E15F31607011E15FF95C8FC011C80A2013C805F133816
0013785F01F8157CEA03FC267FFFE0143CB51538A243397CB83E>I<ED03FE92383FFFC0
9238FC07F0913903E001F891390F80007C023FC77E027E8002F815804948EC0FC0EB07E0
4948EC07E0131F4A15F049C81203137E01FE16F8485AA2485AA2485AA2120F5B001F1607
5B123FA34848ED0FF0A448C9EA1FE0A3EF3FC0A21880177F18005F5F16015F6C4B5A4C5A
A24C5A6C4B5A6D4A5A001F93C7FC6D147E000F5D6C6CEB03F06C6C495A6C6CEB0F806C6C
013FC8FC90383F01FC90381FFFE0010190C9FC353D74BA40>I<0107B612F817FF188090
3B000FF0003FE04BEB0FF0EF03F8141FEF01FC5DA2023F15FEA25DA2147FEF03FC92C7FC
A24A15F817074A15F0EF0FE01301EF1FC04AEC3F80EFFE0001034A5AEE0FF091B612C04C
C7FCD907F8C9FCA25CA2130FA25CA2131FA25CA2133FA25CA2137FA291CAFCA25BA25B12
01B512FCA337397BB838>I<92383FC00E913901FFF01C020713FC91391FC07E3C91393F
001F7C027CEB0FF84A130749481303495A4948EB01F0A2495AA2011F15E091C7FCA34915
C0A36E90C7FCA2806D7E14FCECFF806D13F015FE6D6D7E6D14E0010080023F7F14079138
007FFC150F15031501A21500A2167C120EA3001E15FC5EA3003E4A5AA24B5AA2007F4A5A
4B5A6D49C7FC6D133ED8F9F013FC39F8FC03F839F07FFFE0D8E01F138026C003FCC8FC2F
3D7ABA2F>83 D<0007B812E0A25AD9F800EB001F01C049EB07C0485AD900011403121E00
1C5C003C17801403123800785C00701607140700F01700485CA2140FC792C7FC5DA2141F
A25DA2143FA25DA2147FA292C9FCA25CA25CA21301A25CA21303A25CA21307A25CA2130F
A25CEB3FF0007FB512F8B6FCA2333971B83B>I<B5D8F80FB590381FFFF06102F018E0D8
07FEC7D87FE0903803FE00D803F8DA3F806D5AF100F0A24F5A621903621907047F92C7FC
190E16FF4B5DA2DB03BF5C7F0001DA073F5CA2030E5D83DB1C1F495A180303385D4EC8FC
157003F0140E15E0DA01C05CA2DA03805CA2DA07005CA2020E5D17C14A5DEFC3805C0278
02C7C9FC14704A14CE13FE6C6C4814DCA24A14F8A291C75B160F495D5F5B5F5B4992CAFC
A249140E4C3B6FB853>87 D<14F8EB07FE90381F871C90383E03FE137CEBF80112014848
6C5A485A120FEBC001001F5CA2EA3F801403007F5C1300A21407485C5AA2140F5D48ECC1
C0A2141F15831680143F1587007C017F1300ECFF076C485B9038038F8E391F0F079E3907
FE03FC3901F000F0222677A42A>97 D<133FEA1FFFA3C67E137EA313FE5BA312015BA312
035BA31207EBE0F8EBE7FE9038EF0F80390FFC07C013F89038F003E013E0D81FC013F0A2
1380A2123F1300A214075A127EA2140F12FE4814E0A2141F15C05AEC3F80A215005C147E
5C387801F8007C5B383C03E0383E07C0381E1F80D80FFEC7FCEA01F01C3B77B926>I<14
7F903803FFC090380FC1E090381F0070017E13784913383901F801F83803F003120713E0
120FD81FC013F091C7FC485AA2127F90C8FCA35A5AA45AA3153015381578007C14F0007E
EB01E0003EEB03C0EC0F806CEB3E00380F81F83803FFE0C690C7FC1D2677A426>I<ED01
F815FFA3150316F0A21507A216E0A2150FA216C0A2151FA21680A2153FA202F81300EB07
FE90381F877F90383E03FF017C5BEBF80112013803F00048485B120FEBC001121F5DEA3F
801403127F01005BA214075A485CA2140FA248ECC1C0A2141F15C3ED8380143F1587007C
017F1300ECFF076C485B9038038F8E391F0F079E3907FE03FC3901F000F0253B77B92A>
I<147F903803FFC090380FC1E090383F00F0017E13785B485A485A485A120F4913F8001F
14F0383F8001EC07E0EC1F80397F81FF00EBFFF891C7FC90C8FC5A5AA55AA21530007C14
381578007E14F0003EEB01E0EC03C06CEB0F806CEB3E00380781F83803FFE0C690C7FC1D
2677A426>I<ED07C0ED1FF0ED3E38ED7C3CEDF8FC15F9140115F1020313F8EDF0F01600
14075DA4140F5DA4141F5D010FB512C05B16809039003F800092C7FCA45C147EA414FE5C
A413015CA413035CA413075CA4130F5CA3131F5CA391C8FC5B121CEA7E3EA2EAFE3C137C
1378EAF8F01278EA3FC0EA0F80264C82BA19>I<EC07C0EC3FF09138FC38E0903901F01F
F0EB03E0903807C00FEB0F80011F1307D93F0013E05B017E130F13FE4914C01201151F12
03491480A2153F1207491400A25DA249137EA215FEA25D00031301140314076C6C485A00
00131FEB787BEB3FF390380FC3F0EB00031407A25DA2140F5D121C007E131F5D00FE49C7
FC147E5C387801F8387C07E0381FFF80D803FEC8FC24367CA426>I<EB03F0EA01FFA3EA
00075CA3130F5CA3131F5CA3133F91C8FCA35B90387E07F0EC1FFCEC783E9038FFE01F02
C01380EC800F1400485A16C05B49EB1F8012035BA2153F000715005BA25D000F147E5B15
FE5D121FD98001131C15F8163C003F01031338010013F0A216704814E0007E15F016E0ED
E1C000FE903801E38048903800FF000038143C263B7BB92A>I<EB01C0EB07E014F0130F
14E01307EB038090C7FCAB13F0EA03FCEA071EEA0E1F121CA212385B1270A25BEAF07E12
E013FEC65AA212015B1203A25B12075BA2000F13E013C013C1001F13C01381A2EB838013
03EB0700A2130E6C5AEA07F8EA01E0143879B619>I<EB03F0EA01FFA3EA00075CA3130F
5CA3131F5CA3133F91C8FCA35B017EEB0F80ED3FE015F09039FE01C1F09038FC0387EC07
07140E0001011C13E0EBF83891383003800270C7FC00035BEBF1C0EBF38001FFC8FCEA07
FC7FEBFFC0EBE7F8380FE1FCEBC07E147F80001F809039801F81C0A21583003F013F1380
01001303A21507481500007E133EEC1E0E151E00FE6D5A48EB07F80038EB01E0243B7BB9
26>107 D<EB0FC0EA07FFA3EA001F1480A2133FA21400A25BA2137EA213FEA25BA21201
A25BA21203A25BA21207A25BA2120FA25BA2121FA25BA2123FA290C7FCA25AA2EA7E0EA2
12FE131EEAFC1CA2133C133812F81378EA7870EA7CE0121FEA0F80123B79B915>I<D801
E001FEEB07F03C07F803FF801FFC3C0E3C0F07C0783E3C1E3E3C03E1E01F261C1F78D9F3
C013803C383FF001F7800F02E01400007801C013FE007018C002805B4A4848EB1F80EAF0
7FD8E07E5CA200000207143F01FE1700495CA2030F5C0001177E495C18FE031F5C120349
DA8001131C18F8033F153C00070403133849020013F0A24B1570000F17E049017E15F019
E003FEECE1C0001FEE01E34949903800FF000007C70038143C3E2679A444>I<D801E013
FE3A07F803FF803A0E3C0F07C03A1E3E3C03E0261C1F787F39383FF00114E0007813C000
708114804A485AEAF07FEAE07EA20000140701FE5C5BA2150F00015D5B151F5E12034990
383F8380160316070007027F130049137EA2160E000F147C49141E161C5E001FEC3C7849
EB1FE00007C7EA0780292679A42F>I<147F903803FFC090380FC1F090381F00F8017E13
7C5B4848137E4848133E0007143F5B120F485AA2485A157F127F90C7FCA215FF5A4814FE
A2140115FC5AEC03F8A2EC07F015E0140F007C14C0007EEB1F80003EEB3F00147E6C13F8
380F83F03803FFC0C648C7FC202677A42A>I<9039078007C090391FE03FF090393CF078
7C903938F8E03E9038787FC00170497EECFF00D9F0FE148013E05CEA01E113C15CA2D800
03143FA25CA20107147FA24A1400A2010F5C5E5C4B5A131F5EEC80035E013F495A6E485A
5E6E48C7FC017F133EEC70FC90387E3FF0EC0F8001FEC9FCA25BA21201A25BA21203A25B
1207B512C0A3293580A42A>I<3903C003F0390FF01FFC391E783C0F381C7C703A3C3EE0
3F8038383FC0EB7F800078150000701300151CD8F07E90C7FCEAE0FE5BA2120012015BA3
12035BA312075BA3120F5BA3121F5BA3123F90C9FC120E212679A423>114
D<14FE903807FF8090380F83C090383E00E04913F00178137001F813F00001130313F0A2
15E00003EB01C06DC7FC7FEBFFC06C13F814FE6C7F6D13807F010F13C01300143F141F14
0F123E127E00FE1480A348EB1F0012E06C133E00705B6C5B381E03E06CB45AD801FEC7FC
1C267AA422>I<EB0380EB07C0130FA4131F1480A3133F1400A35B137E007FB5FCA2B6FC
3800FC00A312015BA312035BA312075BA3120F5BA3121FEB801CA2143C003F1338EB0078
147014F014E0EB01C0EA3E03381F0780380F0F00EA07FCEA01F0183579B31C>I<13F8D8
03FEEB01C0D8078FEB03E0390E0F8007121E121C0038140F131F007815C01270013F131F
00F0130000E015805BD8007E133FA201FE14005B5D120149137EA215FE120349EBFC0EA2
0201131E161C15F813E0163CD9F003133814070001ECF07091381EF8F03A00F83C78E090
393FF03FC090390FC00F00272679A42D>I<01F01507D803FC903903801F80D8071E9039
07C03FC0D80E1F130F121C123C0038021F131F49EC800F00701607A249133FD8F07E1680
00E0ED000313FEC64849130718000001147E5B03FE5B0003160E495BA2171E0007010114
1C01E05B173C1738A217781770020314F05F0003010713016D486C485A000190391E7C07
802800FC3C3E0FC7FC90393FF81FFE90390FE003F0322679A437>119
D<13F0D803FCEB01C0D8071EEB03E0D80E1F1307121C123C0038140F4914C01270A24913
1FD8F07E148012E013FEC648133F160012015B5D0003147E5BA215FE00075C5BA214015D
A314035D14070003130FEBF01F3901F87FE038007FF7EB1FC7EB000F5DA2141F003F5C48
133F92C7FC147E147C007E13FC387001F8EB03E06C485A383C1F80D80FFEC8FCEA03F023
3679A428>121 D<903903C0038090380FF007D91FF81300496C5A017F130E9038FFFE1E
9038F83FFC3901F007F849C65A495B1401C7485A4A5A4AC7FC141E5C5C5C495A495A495A
49C8FC131E5B49131C5B4848133C48481338491378000714F8390FF801F0391FFF07E038
3E1FFFD83C0F5B00785CD8700790C7FC38F003FC38E000F021267BA422>I
E /Ff 29 90 df<B512FEA617067F961E>45 D<EB01C013031307131F137FEA07FFB5FC
139FEAF81F1200B3B3ACEB7FF0B612F8A31D3D78BC2D>49 D<EB07FC90383FFF8090B512
E03903F01FF83907C007FC390F0001FE001E6D7E001C1580003CEC7FC05AED3FE01270B4
FC6DEB1FF07FA56C5A6CC7FC120CC813E0153FA216C0157F168015FF16004A5A5D4A5A4A
5A5D4A5A4A5A4AC7FC147E147C5C495A495A495A495A49C71270133E133C5B4914E0485A
485A485A48C7120148B6FCA25A4815C0B7FCA3243D7CBC2D>I<EB07FC90383FFF809038
F80FE03901E003F839078001FCD80F007F000E6D7E001E1580D81F80137F486C14C07FA2
7F5BA2121F6C5AC8138015FF1600A24A5AA24A5A5DEC07E04A5A023FC7FCEB1FFCECFF80
9038000FE0EC07F86E7E6E7E6E7E1680ED7FC0A216E0153FA216F0A2120C123F487E487E
A316E0A249137F6CC713C01278EDFF807E6C4913006C495A3907C007FC3903F80FF0C6B5
5A013F1380D907F8C7FC243F7CBC2D>I<150E151E153EA2157EA215FE1401A21403EC07
7E1406140E141CA214381470A214E0EB01C0A2EB0380EB0700A2130E5BA25B5BA25B5B12
01485A90C7FC5A120E120C121C5AA25A5AB8FCA3C8EAFE00AC4A7E49B6FCA3283E7EBD2D
>I<00061403D80780131F01F813FE90B5FC5D5D5D15C092C7FC14FCEB3FE090C9FCACEB
01FE90380FFF8090383E03E090387001F8496C7E49137E497F90C713800006141FC813C0
A216E0150FA316F0A3120C127F7F12FFA416E090C7121F12FC007015C012780038EC3F80
123C6CEC7F00001F14FE6C6C485A6C6C485A3903F80FE0C6B55A013F90C7FCEB07F8243F
7CBC2D>I<EC1FE0ECFFF8903803F03E90380FC00F90391F000780133E017EEB1FC04913
3F4848137F12035B12074848EB3F80ED1F00001F91C7FC5BA2123FA3485AA214FE903887
FF8039FF8F07E090389C01F09038B800FC01B0137E13F0497F16804914C0A2ED1FE0A349
14F0A5127FA6123F6D14E0A2121FED3FC0A26C6C1480A20007EC7F006C6C137E6C6C5B6C
6C485A90387E07F06DB45A010F1380D903FCC7FC243F7CBC2D>I<1238123C123F90B612
FCA316F85A16F016E00078C712010070EC03C0ED078016005D48141E151C153C5DC81270
15F04A5A5D14034A5A92C7FC5C141EA25CA2147C147814F8A213015C1303A31307A3130F
5CA2131FA6133FAA6D5A0107C8FC26407BBD2D>I<15074B7EA34B7EA34B7EA34B7EA34B
7E15E7A2913801C7FC15C3A291380381FEA34AC67EA3020E6D7EA34A6D7EA34A6D7EA34A
6D7EA34A6D7EA349486D7E91B6FCA249819138800001A249C87EA24982010E157FA2011E
82011C153FA2013C820138151FA2017882170F13FC00034C7ED80FFF4B7EB500F0010FB5
12F8A33D417DC044>65 D<B712FCEEFF8017F00001903980000FF86C6CC7EA03FE707E70
1380EF7FC0EF3FE0A2EF1FF0A218F8A3170F171FA318F0A2EF3FE0177F18C0EFFF804C13
00EE03FCEE0FF8EE7FE091B6C7FC17E091C7EA07FCEE01FE933800FF80EF7FC0EF3FE0EF
1FF018F8170F18FC1707A218FEA718FC170FA2EF1FF818F0173FEF7FE0EFFFC004031380
48486C90380FFE00B85A17E094C7FC373E7DBD40>I<DB3FF01306912603FFFE130E020F
9038FF801E913A3FF007E03E9139FF8000F8D903FEC7EA7C7ED907F8EC1EFE4948140FD9
3FE0140749481403495A91C812014848150012034848167E5B000F173EA24848161EA212
3F5B180E127FA349160012FFAC127F7F180EA2123FA27F001F171E181C6C7EA20007173C
6D16386C6C1678000117706C6C16F06EEC01E06D6C15C06D6C1403D90FF0EC07806D6CEC
1F00D903FE143E902600FF8013F891393FF007F0020FB512C0020391C7FC9138003FF037
427BBF42>I<B712FCEEFF8017E000019039C0001FF86C6C48EB03FEEE00FF717E717EEF
0FE084717E717E170184717EA21980187F19C0A3F03FE0A519F0AB19E0A5F07FC0A21980
A218FF19004D5AA24D5A6017074D5A4D5AEF7FC04DC7FCEE03FE48486CEB1FF8B85A1780
04FCC8FC3C3E7DBD45>I<B912E0A300019038C000016C6C48EB001FEF0FF01703A21701
1700A31870A41838161CA41800A2163CA2167C16FC150391B5FCA3EC80031500167C163C
A2161CA21807A3180E93C7FCA4181E181CA2183CA2187CA218F8170117031707171F4848
6CEB01FFB912F0A3383E7DBD3E>I<B91280A300019038C000036C6C48EB007FEF1FC017
0F1707A21703A31701A4EF00E0A21638A31800A31678A216F81501150791B5FCA3EC8007
150115001678A21638A693C8FCAF3801FFE0B612F0A3333E7DBD3B>I<DB3FE0130C9126
03FFFE131C021F9038FF803C913A7FF00FC07C9139FF0001F0D903FC90380078FC494814
3DD91FE0141F4948140F4948140701FF15034890C8FC491501485A000716005B000F177C
5B001F173CA2485AA2181C127FA25B95C7FC12FFAB041FB512F0127FA26D9139000FFE00
EF03FC123FA27F121FA26C7EA212077F12036C7E7F6C7F6D6C14076D7E6D6C140FD907F8
141ED903FEEC3C7C902600FF80EBF83C913A7FF007F01C021FB5EAC00C020391C8FC9138
003FF03C427BBF47>I<B6D8C01FB512F8A3000101E0C7383FFC0026007F80EC0FF0B3A6
91B7FCA30280C7120FB3A92601FFE0EC3FFCB6D8C01FB512F8A33D3E7DBD44>I<B612F0
A3C6EBF000EB3FC0B3B3B2EBFFF0B612F0A31C3E7EBD21>I<B600C090387FFFFCA30001
01E0C7000F138026007F80913807FE0018F818E0604D5A4DC7FC173E5F5F4C5A4C5A4C5A
4C5A4CC8FC163E5E5E4B5A4B5AED07804B7E151F4B7E4B7E15FF913881EFF8913883C7FC
EC878791388F03FE91389E01FF14BCDAF8007F4A6D7E5C4A6D7E4A6D7EA2707E707EA270
7E707EA2707F717E84173F717E717EA2717E848419802601FFE04A13C0B600C090B6FCA3
403E7DBD47>75 D<B612F8A3000101E0C9FC38007F80B3B0EF0380A517071800A45FA35F
A25F5F5F4C5A160748486C133FB8FCA3313E7DBD39>I<B500C093383FFFF0A300016D93
387FF800D8007F18E0D977F016EFA3D973F8ED01CFA2D971FCED038FA3D970FEED070FA2
6E150E80A26E6C141CA36E6C1438A26E6C1470A36E6C14E0A26E6CEB01C0A36E6CEB0380
A36E6CEB0700A2037F130EA36F6C5AA26F6C5AA36F6C5AA25FED07F0A2923803F9C0A36F
B45AA26F90C7FCA213F8486C147ED807FFEF3FF8B500F8013C011FB512F0A34C3E7DBD53
>I<B56C91B512F88080D8007F030713006EEC01FC6E6E5A1870EB77FCEB73FEA2EB71FF
01707FA26E7E6E7EA26E7E6E7EA26E7E6E7EA26E7E6E7FA26F7E6F7EA26F7E6F7EA26F7E
6F7EA26F7E6F1380A2EE7FC0EE3FE0A2EE1FF0EE0FF8A2EE07FCEE03FEA2EE01FF7013F0
A2177F173FA2171F170FA2170701F81503487ED807FF1501B500F81400A218703D3E7DBD
44>I<ED7FE0913807FFFE91391FC03F8091397E0007E04948EB03F8D907F0EB00FE4948
147F49486E7E49486E7E49C86C7E01FE6F7E00018349150300038348486F7EA248486F7E
A2001F188049167F003F18C0A3007F18E049163FA300FF18F0AC007F18E06D167FA4003F
18C0A26C6CEEFF80A36C6C4B1300A26C6C4B5A00035F6D150700015F6C6C4B5A6D5E6D6C
4A5A6D6C4A5A6D6C4AC7FC6D6C14FED901FCEB03F8D9007FEB0FE091391FC03F80912607
FFFEC8FC9138007FE03C427BBF47>I<B712F8EEFF8017E000019039C0003FF86C6C48EB
07FCEE01FE707EEF7F80EF3FC018E0A2EF1FF0A218F8A818F0A2EF3FE0A218C0EF7F80EF
FF004C5AEE07FCEE3FF091B612C04CC7FC0280C9FCB3A73801FFE0B612C0A3353E7DBD3E
>I<B712C016FCEEFF800001D9C00013E06C6C48EB1FF0EE07FCEE01FE707E84717EA271
7EA284A760177F606017FF95C7FCEE01FCEE07F8EE1FE0EEFF8091B500FCC8FC16F09138
8001FCED003FEE1FC0707E707E83160383160183A383A484A4F0C004190EA28218E0057F
131E2601FFE0161CB600C0EB3FF094381FF83805071370CA3801FFE09438003F803F407D
BD43>82 D<D907FC130C90391FFF801C017FEBF03C3901FC03F83A03F0007E7CD807C0EB
1FFC4848130F001F140748C71203003E1401007E1400A2007C157C12FCA2163CA36C151C
A27EA26C6C14007F7FEA3FF8EBFF806C13F86CEBFF806C14F06C14FC6C14FF6C15C0013F
14E0010714F0EB007F020713F89138007FFC150FED07FE15031501ED00FFA200E0157FA3
163FA27EA3163E7E167E6C157C6C15FC6C15F86D13016DEB03F06DEB07E0D8F9FCEB0FC0
3AF07F803F8090391FFFFE00D8E00713F839C0007FC028427BBF33>I<003FB91280A390
3AF0007FE001018090393FC0003F48C7ED1FC0007E1707127C00781703A300701701A548
EF00E0A5C81600B3B14B7E4B7E0107B612FEA33B3D7DBC42>I<B600C090B512F8A30001
01E0C70007130026007F80EC01FC715A1870B3B3A4013F16F06E5DA21701011F5E80010F
15036E4A5A010793C7FC6D6C5C6D6C141E6D6C5C027F14F86E6C485A91390FF00FE00203
B51280020049C8FCED1FF03D407DBD44>I<B500FE017FB5D88007B5FCA3000301C00101
01E0C713F86C90C849EC3FE07148EC0F807E7215006E143F017F190E84A26D6C60A24D7E
6D6C60A2EFE7F86D6C60A2933801C3FC6E18F001076104037F6E0281140101036104077F
17006D6C4D5AA2040EEB7F806D6C4DC7FCA24CEB3FC0DA7F80160EA24CEB1FE003C0161E
023F171C047814F0DBE070010F133C021F173804F014F84C1307DA0FF05EA2DBF1C0EB03
FCDA07F95EA2DBFB80EB01FEDA03FF6F5AA293C8FCA26E5FA24B157F020094C8FCA24B81
037C153EA20378151E0338151C58407EBD5D>87 D<B66C0103B51280A3000101F0C8EBF8
006C6C48ED3FC0725A013F041EC7FC6D7E606D6C15386D6C1578606D6C5D6E14016D5E6D
6D1303606E6C49C8FC6E6C5B170E6E6C131E171C6E6C5B6E6C137817706E6C13F06F5B6E
13016EEB83C05FED7FC7DB3FE7C9FC16EFED1FFE5E150F6F5AB3A4ED1FFC020FB512FCA3
413E7FBD44>89 D E /Fg 77 124 df<DA0FF813FC91397FFF07FF903B01F8078F838090
3B07E001DE0FC090270F8003FC13E090261F0007131F013EEB0FF85B01FCED0FC0923907
F007804848010390C7FCADB812F8A32801F80003F0C7FCB3AB486C497E267FFFE0B512F0
A3333B7FBA30>11 D<EC0FF8EC7FFE903901F80780903907E001C090390F80006090391F
0003E0013E497E49130F13FCA248486D5A6F5A6F5A92C8FCA9ED03F0B7FCA33901F8000F
1503B3AA486C497E267FFFE0B512C0A32A3B7FBA2E>I<EC0FFC91387FFF70903901F803
F0903807E00790380F800FEB1F00133E5B01FC13071503485AADB7FCA33901F80003B3AB
486C497E267FFFE0B512C0A32A3B7FBA2E>I<DA0FF0EB1FF0DA7FFEEBFFFC903B01F80F
03F00F903C07E0018FC0038090270F8000DFC77E90271F0003FE1307013E4948497E4949
48131F13FCA248484A6D5A03076E5A03036EC7FC95C8FCA9F007E0BAFCA33C01F80003F0
001F1807B3AA486C496C497E267FFFE0B500C1B51280A3413B7FBA45>I<133C137EA213
FE1201EA03FC13F0EA07E0EA0FC0EA1F80EA1E005A5A5A12C00F0F6FB92A>19
D<141FEC7F80903801E0C0903803C06049487E130FEC0038491318A25B133EA2133F5DA2
5DA25D4A5A131F0283CAFC1486148C02D849B51280130F14F04A9039003FF8000107ED0F
C0715A6D6C92C7FC01071506496C5C1319D931FC5C01605D497E0001017F5C48487ED807
006D5B6E6C485A5A001E6D6C48C8FC003E6D6C5A007E010313066F5A00FE6D6C5AEC00FE
ED7E30ED7F606C6E481303151F6C6E7E6D6D6C1306003FDA1FF8130E6C6CEB39FC280FE0
01F07F133C3C07F80FE03FC0F86CB539800FFFF0C69026FE00035BD91FF0D9007FC7FC39
3C7DBA41>38 D<121C127E127FEAFF80A213C0127FA2121C1200A4EA0180A3EA0300A312
065AA25A5A12200A1979B917>I<146014E0EB01C0EB0380EB0700130E5B133C13385B13
F05B1201485AA2485AA348C7FCA25A121EA2123EA2123CA2127CA5127812F8B01278127C
A5123CA2123EA2121EA2121F7EA26C7EA36C7EA26C7E12007F13707F133C131C7F7FEB03
80EB01C0EB00E01460135278BD20>I<7E7E7E12707E7E7E120F7E6C7E7F12017F6C7EA2
1378A37FA2133E131EA2131FA27FA21480A5130714C0B01480130FA51400A25BA2131EA2
133E133CA25BA35BA2485A5B12035B48C7FC5A120E5A5A5A5A5A5A12527BBD20>I<121C
127E127FEAFF80A213C0127FA2121C1200A4EA0180A3EA0300A312065AA25A5A12200A19
798817>44 D<B512FCA516057F941C>I<121C123E127FEAFF80A3EA7F00123E121C0909
798817>I<150C151EA2153E153CA2157C1578A215F815F0A2140115E0A2140315C0A214
071580A2140F15005C141EA2143E143CA2147C1478A214F85CA213015CA213035CA21307
5CA2130F91C7FCA25B131EA2133E133CA2137C1378A213F85BA212015B12035BA212075B
A2120F90C8FCA25A121EA2123E123CA2127C1278A212F85AA212601F537BBD2A>I<EB03
F8EB1FFF90387E0FC09038F803E03903E000F84913780007147C48487FA248C77EA24815
80A3007EEC0FC0A500FE15E0B2007E15C0A4007F141F6C1580A36C1500A26C6C133EA26C
6C5B6C6C5BA23900F803E090387E0FC0D91FFFC7FCEB07FC23387DB62A>I<497E130713
0F133FEA01FFB5FC13DFEAFE1F1200B3B3A7497E007FB512E0A31B3779B62A>I<EB1FF0
EB7FFE48B57E3903E03FE03907000FF0000CEB03F84880486D7E00701300006080127CB4
8016807FA36CC7FCA2121CC81300A25D5DA24A5A5D14035D4A5A4A5A5D4AC7FC143E5C5C
5CEB01C0495A49C8FC130E5B49EB01805B5B49EB0300485A48C7FC1206485C001FB6FC5A
485CB6FCA321377CB62A>I<EB07F8EB3FFF90B512C03901F00FE039038003F048486C7E
488001C07F381FE00081A3120F5BEA0380C85AA214015D5D4A5A5D4A5A4A5A027FC7FCEB
1FFCECFF809038000FE0EC03F0EC01FC6E7E8181168016C0153FA216E0A2123E127F487E
A316C090C7127F007E1580127C0030ECFF0000385C6C495A000F495A3907F00FF00001B5
12C06C6C5BD90FFCC7FC23387DB62A>I<1570A215F01401A214031407A2140F141F141B
1433147314E314C31301EB038314031307130E130C131C13381330137013E013C0EA0180
120313001206120E120C5A123812305A12E0B712F8A3C73803F000AB4A7E0103B512F0A3
25387EB72A>I<0006140CD80780133C9038F003F890B55A5D5D5D92C7FC14FC38067FE0
90C9FCABEB07F8EB3FFF9038F80F803907C003C090380001F000066D7E1204C8127C157E
A281A31680A3123C127EB4FCA316005A485C0060147EA26C5C00385C00181301000E495A
6C495A3903E03F806CB5C7FC38007FFCEB1FE021387CB62A>I<EC3FC0903801FFF00107
13FC90380FE03E90383F0007017E131F01F8EB3F800001147F485A5B12074848EB3F0015
1E001F91C7FC5B123FA348C9FCA2EB01FC903807FF8039FF0E07E090381801F0496C7E49
137C49137E815B1680ED1FC0A290C7FC16E0A37EA57E6D14C0A2121F1680000F143F6D14
000007143E6D137E6C6C5B6C6C485A3900FE07F090383FFFC06D5BD903FCC7FC23387DB6
2A>I<12301238123E003FB612E0A316C048158016000070C71203006014065DA25D485C
5DA2C85A4A5A4AC7FCA214065CA25C143814301470A25C1301A213035C1307A3130FA249
5AA4133FA5137FA86DC8FC131E233A7BB82A>I<EB03FCEB1FFF017F13C09038FC07E039
01E001F0390380007848C77E81120E81121EA4121F150E6D131ED80FE0131C6D133CD807
FC5B6D13703903FF81E06CEBC3C06C01FFC7FCEB7FFCEB1FFE6D6C7E497F017913F09038
F07FF83901C01FFC3907800FFE390F0003FF001E6D1380001CEB007F003CEC3FC048140F
ED07E00070140312F01501A416C012781503007C1580003CEC07006C5C6C6C131E6C6C13
7C3903F803F0C6B55A013F1380D907FCC7FC23387DB62A>I<EB07F8EB1FFF017F13C090
38FC07E03901F001F048486C7E48487F000F147C4848137E003F80A248C7FC1680A24814
1F16C0A416E0A47E153FA26C7E121F157F6C7E000714DF3903E0019F3901F0031F3800FC
0ED93FFC13C0EB07F090C7FCA2ED3F80A31600A2000F147E487E486C137C15FC4A5A5D49
485A6C48485A001CEB1F80260F807FC7FC3807FFFC00015B38003FC023387DB62A>I<12
1C123E127FEAFF80A3EA7F00123E121CC7FCB2121C123E127FEAFF80A3EA7F00123E121C
092479A317>I<121C123E127FEAFF80A3EA7F00123E121CC7FCB2121C127E127F5A1380
A2127FA2121D1201A4EA0300A41206A25AA25A5AA21220093479A317>I<1538A3157CA3
15FEA24A7EA34A7F153FA202077FEC061FA2020C7F150FA24A6C7EA34A6C7EA34A6C7EA3
4A6C7EA34948137FA201038191C7123FA249B67EA3010EC7EA1FE0010C140FA249811607
A2496E7EA3496E7EA301E06E7E1201486C81D80FFC02031380B56C017F13FEA3373B7DBA
3E>65 D<B712E016FC16FF000190C7EA7FC06C48EC1FE0707E707E707EA2707EA283A75F
16035F4C5A4C5A4C5A4C5A04FFC7FC90B612FCA249C7B47EEE1FE0EE07F0707E83707E70
7EA21880177F18C0A7188017FFA24C13005F16034C5AEE1FF8486CEC7FE0B85A94C7FC16
F832397DB83B>I<913A01FF800180020F13E0027FEBF803903A01FF807E07903A03FC00
0F0FD90FF0EB038FD91FC0EB01DF4948EB007F49C8123F13FE4848151F4848150F120749
1507120F491503121FA2485A1701127FA25B94C7FC12FFAB127FA26DED0180A2123FA26C
7E1703000F17007F00075E6D150612036C6C5D6C6C5D017F15386D6C5C6D6C5CD90FF049
5AD903FCEB0780902701FF803EC7FC9039007FFFFC020F13F002011380313B7BB93C>I<
B712C016F816FE000190390001FF806C489038003FE0EE0FF0EE03F8707E707E177FA2EF
3F8018C0171F18E0170F18F0A3EF07F8A418FCAC18F8A4EF0FF0A218E0A2171F18C0EF3F
80A2EF7F0017FE4C5A4C5AEE0FF0EE3FE0486CECFF80B8C7FC16F816C036397DB83F>I<
B812FCA3000190C7120F6C481401EE007E173E171E170EA31706A317078316C0A394C7FC
A31501A21503150F90B6FCA39038FE000F15031501A21500A21860A318E093C712C0A417
01A3EF0380A21707A2170F173F177F486C913807FF00B9FCA333397DB839>I<B812F8A3
000190C7121F6C481401EE00FC177C173C171CA3170CA3170E1706A2ED0180A21700A415
03A21507151F90B6FCA39038FE001F15071503A21501A692C8FCAD486C7EB67EA32F397D
B836>I<DBFF8013C0020F13F0023FEBFC019139FF803F03903A03FC000787D90FF0EB01
C7D91FC0EB00EF4948147F49C8123F01FE151F4848150F48481507A248481503120F5B00
1F1601A2485A1700127FA25B180012FFAA047FB5FC127FA26D9138003FE0EF1FC0123FA2
6C7EA2120F7F12076C7E7F12016C7E137F6D6C143FD91FE0147F6D6C14E7D903FEEB03C3
903A00FFC01F8391393FFFFE01020FEBF800020001C01300383B7CB941>I<B500FE90B5
12FEA3000190C7000113006C486E5AB3A490B7FCA349C8FCB3A6486C4A7EB500FE90B512
FEA337397DB83E>I<B61280A3C6EB80006DC7FCB3B3AD497EB61280A319397EB81E>I<01
3FB512C0A39039001FF800EC07F0B3B3A3121C127FA2EAFF80A25DEB000F6C5C127C0030
495A6C49C7FC6C137E380781F86CB45A38007F80223A7CB82B>I<B500FE49B5FCA30001
90C8EA7FF06C48ED3F80051EC7FC17185F5F5F4C5A4CC8FC16065E5E5E5E5E4B5A4BC9FC
15065D151C153C157E4AB4FC5C9138063F80020C7FEC181F4A6C7E02607FECC0076D486C
7E02007F4913016F7E8282707E83161F707E831607707E831601707E83838484486CEDFF
F0B500FE010FEBFF80A339397DB841>I<B612C0A300010180C8FC6C48C9FCB3AD1718A5
17381730A31770A317F0A216011603160FEE1FE0486CEB01FFB8FCA32D397DB834>I<D8
FFFE93380FFFE06D5EA20001F0F0002600DF80ED37E0A3D9CFC01567A2D9C7E015C7A3D9
C3F0EC0187A3D9C1F8EC0307A2D9C0FC1406A3027E140CA36E1418A26E6C1330A36E6C13
60A26E6C13C0A3913903F00180A3913901F80300A2913800FC06A3ED7E0CA36F5AA2ED1F
B0A3ED0FE0A2487E486C6D5AD80FFC4C7EB527C0038007B512E0A343397CB84C>I<D8FF
FE913807FFFE7FA2C66D9038007FE06EEC1F8001DFED0F00D9CFE014068013C7EBC3F880
13C1EBC0FE80806E7E81141F6E7E8114076E7E8114016E7E8181ED3F8016C0151FED0FE0
ED07F0A2ED03F8ED01FCA2ED00FE167FA2EE3F86EE1FC6A2EE0FE6EE07F6A2EE03FE1601
A21600177EA2486C153E486C151EEA0FFCB500C0140E1706A237397DB83E>I<EC03FF02
1F13E09138FE01FC903903F8007FD907E0EB1F80D91FC0EB0FE049C7EA03F0017E6E7E01
FE8148486E7E4848157FA24848ED3F80000F17C049151F001F17E0A24848ED0FF0A3007F
17F8491507A300FF17FCAB007F17F86D150FA3003F17F0A26D151F001F17E0A26C6CED3F
C0A2000717806C6CED7F006D5D00015E6C6C4A5A017F4A5A6D6C495A6D6C495AD907E0EB
1F80D903F8017FC7FC903900FE01FC91383FFFF0020390C8FC363B7BB941>I<B712C016
F816FE000190390001FF806C489038003FC0EE0FE0EE07F0EE03F817FC17FE1601A217FF
A717FEA2EE03FCA2EE07F817F0EE0FE0EE3FC0923801FF0090B612FC16F049C9FCB3A548
7EB512FEA330397DB839>I<B612FEEDFFE016F8000190380007FE6C48903800FF80EE3F
C0707E707E707EA2707EA283A65FA24C5AA24C5A4C5AEE3F8004FFC8FCED07FC90B612E0
93C9FC9039FE000FC0ED01F06F7E167C82163FA2707EA283A383A483A3F0018017F8160F
A2933907FC0300486C1403B500FE903801FE06706C5AEF3FF8CAEA07F0393A7DB83D>82
D<D90FF813C0EB3FFF90B512813903F807E33907C000F74848133F001EC7121F150F4814
07127C00781403A200F81401A315007EA3007E1500127F7FEA3FE013FE381FFFE06C13FE
6CEBFFC06C14F06C14FC6C6C7F010F7F01011480D9001F13C014019138003FE0ED0FF015
07150316F81501124000C01400A47E16F0A26C140116E07E6CEC03C06CEC07806C6CEB0F
00D8FBE0131ED8F0FE13FC39E07FFFF8D8C00F13E001011380253B7CB92E>I<003FB812
E0A3903AC003FE001F273E0001FC130348EE01F00078160000701770A300601730A400E0
1738481718A4C71600B3B0EC07FF011FB612C0A335397DB83C>I<B500FE903807FFFEA3
000190C8EA7FE06C48ED1F80EF0F001706B3B2017E150E170C137F6D151C17186D6C1438
17306D6C5C010715E06D6C495AD901F8495A6D6C010FC7FC91387F807E91381FFFF80207
13E002001380373A7DB83E>I<B500F891387FFF80A3000390C8380FF8006C48ED03E000
005F715A7F6D4BC7FCA26E5C013F1506A26D6C5CA280010F5DA26E143801071530A26D6C
5CA28001015DA26E130101005DA2027F49C8FCA26F5A023F1306A26E6C5AA215E0020F5B
A2EDF03802071330A26E6C5AA215FC02015BA215FF6E5BA26FC9FCA3153EA3151CA2393A
7EB83E>I<B5D8F803B5D8F001B5FCA3000790C7D80FFCC7EA1FF8D803FC6E48EC07E000
010303ED03C01B807F00006F6C1500A27F6D4A6C1406A36D6C496C5CEE067FA26D6C010E
6D5BEE0C3FA26D6C011C6D5BEE181FA26D6C5F4C6C7EA26E17E001034A6C6C5BA26E1601
01019126C003F85BA26E160301009027018001FC90C7FCA3DA7F03C7EAFE06A3DA3F876E
5A0386147FA2DA1FCE159803CC143FA2DA0FEC15B003F8EC1FF0A202075E4B140FA36E48
6E5AA36E486E5AA3503A7EB855>I<267FFFFE90381FFFFCA3C601F001071380D93FC0D9
01FCC7FCEE00F06D6C5C5F6D6C495A6D6C130394C8FC6D6C13066D6C130E160C6D6C5B6E
1338ED80306E6C5A021F13E06F5A91380FF180EC07F303FBC9FCEC03FE1401A26E7E8182
8215FFEDDFE09138018FF01403ED07F891380603FC140E91380C01FEEC180002387F0230
6D7E4A133F02E0804A6D7E4948130F01038191C76C7E01061403010E81010C6E7E011C14
00013C8101FE82D807FF02037FB500E0011FEBFF80A339397EB83E>I<B500FC91383FFF
E0A3000101C0913807FE006C90C8EA03F06D6C6E5A606D6C5D6D6C4AC7FC5F6D6C140617
0E6D6C140C01035D6E14386D6C14305F6D7E6E5CED8001DA3FC05B4CC8FCEC1FE0020F13
06EDF00E913807F80C5E913803FC3802011330EDFE70913800FF605E157F6F5AB3A24B7E
023FB57EA33B397FB83E>I<003FB7FCA301FCC75A01C0495A5B003EC7485A003C14075E
00384A5A0078141F00705D153F5E00604AC7FC5D5D4A5AA2C7485A14075D4A5A141F5D4A
5AA24AC8FC5C5C495AA2495A13075C4948EB0180131F5C495AA249C7FC4914035B485A12
035B0007ED07005B48485C001F5D495C48485C4B5A48C7120FB8FCA329397BB833>I<EB
1FE0EBFFFC3803E03F3907000F80486C6C7E6D6C7E486C6C7E81A214006C487F6C5AC8FC
A4147FEB07FFEB3FE0EBFE00EA03F8EA07E0485A485A48C7FC5A160C12FEA31401A2127E
007FEB037C6C9038063E18381F800C3A0FE0781FF03A03FFF00FE03A007F8007C026277D
A52A>97 D<EA03F012FFA3120F1203B0EC1FE0EC7FF89038F1E03E9038F3800F9039F600
078001FCEB03C04914E0ED01F04914F8ED00FCA216FE167EA3167FA8167EA216FE16FCA2
16F815016D14F0ED03E001ECEB07C001C6148001C3EB1F00903881E07E903800FFF8C7EA
1FC0283B7EB92E>I<EB03FC90381FFF8090387E03E09038F80070D801E013F800031301
3907C003FCEA0F80121FA2393F0001F8EC00F0481400127EA212FEA9127EA2127FA26C14
06A26C6C130C120F6C6C13186C7E00011430D800F813E090387C07C090381FFF00EB07F8
1F277DA525>I<ED0FC0EC03FFA3EC003F150FB0EB03F8EB1FFF90387E078F9038F800CF
D801E0136F0003143F4848131F485A001F140F90C7FC5AA25A127EA212FEA8127EA3127F
7EA26C7E000F141F6C6C133F12036C6CEB6FF03A00F001CFFF90387C078F90381FFE0FD9
07F813C0283B7DB92E>I<EB07F8EB1FFF90387C0F809038F003C03901E001E03903C000
F0000714F84848137C121F90C7127E48143EA2007E143FA312FEA2B7FCA248C8FCA5127E
A2127F7E15037E6D1306120F6C6C130C6C7E6C6C13386C6C137090383E03C090381FFF80
903803FC0020277EA525>I<147E903803FF80903807C1C090380F07E0011E13F0EB3E0F
137C13FCEC07E09038F803C0000190C7FCADB512FCA3D801F8C7FCB3AB487E387FFFF8A3
1C3B7FBA19>I<90390FF003F090393FFC1FF89039F81F7C7C3901F00FE03A03E007C038
3A07C003E010160048486C7EA2001F80A6000F5CA26C6C485AA26C6C485A6C6C485A486C
48C7FC38063FFCEB0FF0000EC9FCA4120FA26C7E90B512C06C14F86C14FE6CECFF800003
15C03A0F80007FE0001EC7120F003EEC03F048140116F8481400A5007CEC01F0A26CEC03
E06CEC07C06C6CEB0F80D807E0EB3F003901FC01FC39007FFFF0010790C7FC26377EA42A
>I<EA03F012FFA3120F1203B0EC0FF0EC3FFCECF03E9038F1C01F9039F3000F8001F680
150701FC805BA35BB3A4486C497EB500C1B51280A3293A7EB92E>I<EA0380487E487E48
7EA36C5A6C5A6C5AC8FCAAEA03F012FFA312071203B3AA487EB512C0A312387EB717>I<
EB01C0EB03E0EB07F0EB0FF8A3EB07F0EB03E0EB01C090C7FCAAEB01F813FFA313071301
B3B3A2123C127E00FF13F0130314E0A2387E07C0007C1380383C0F00EA0FFEEA03F81549
84B719>I<EA03F012FFA3120F1203B1913801FFFCA39138007FC0ED3E0015385D5D4A5A
4AC7FC14065C5C143814F8EBF1FCEBF37EEBF63FEBFC1F01F87F496C7E1407816E7E6E7E
140081157E153E153FED1F8016C0486CEB3FF0B500C0B5FCA3283A7EB92C>I<EA03F012
FFA3120F1203B3B3AD487EB512C0A3123A7EB917>I<2703F00FF0EB1FE000FFD93FFCEB
7FF8913AF03E01E07C903BF1C01F03803E3C0FF3000F86001FD803F602CC14800307140F
01FC02F814C0495CA3495CB3A4486C496CEB1FE0B500C1B50083B5FCA340257EA445>I<
3903F00FF000FFEB3FFCECF03E9038F1C01F3A0FF3000F80D803F680150701FC805BA35B
B3A4486C497EB500C1B51280A329257EA42E>I<EB03FE90380FFF8090383E03E09038F8
00F84848137C48487F48487F4848EB0F80001F15C090C712074815E0A2007EEC03F0A400
FE15F8A9007E15F0A2007F14076C15E0A26C6CEB0FC0000F15806D131F6C6CEB3F006C6C
137EC66C13F890387E03F090381FFFC0D903FEC7FC25277EA52A>I<3903F01FE000FFEB
7FF89038F1E07E9038F3801F3A07F6000F80D803FCEB07C049EB03E016F049EB01F816FC
150016FEA3167E167FA8167E16FEA216FCA2ED01F8A26DEB03F016E06DEB07C001F6EB0F
8001F3EB1F009038F1E07E9038F0FFF8EC1FC091C8FCAB487EB512C0A328357EA42E>I<
D903F813C090381FFE0190387E07819038F801C33901F000634848136748481337000F14
1F485AA248C7120FA25AA2127E12FEA8127E127FA37E7F001F141F6C7E0007143F6C6C13
6F6C6C13CF3900F8018F90387E070FEB1FFEEB07F890C7FCABED1FE00203B5FCA328357D
A42C>I<3807E01F00FFEB7FC0ECE3E09038E183F0380FE307EA03E6A29038EC03E0EC00
8001F81300A35BB3A3487EB512F0A31C257EA421>I<EBFF03000313E7380F80FF381C00
1F487F127800707F12F080A37E7E007E90C7FCEA7FE06CB4FC14E06C7F000713FC6C7FC6
7F13079038007F80141F0040EB0FC000C01307A26C1303A37E15807EEC07006C130600F6
131E38E3C07838C1FFF038C03F801A277DA521>I<1318A51338A31378A313F812011203
1207001FB5FCB6FCA2D801F8C7FCB215C0A90000EB018013FC137C90383E0300EB1F06EB
0FFCEB01F81A347FB220>I<D803F0EB07E000FFEB01FFA3000FEB001F00031407B3A515
0FA30001141F15376C6C14F8017C9038E7FF8090383F03C790381FFF07D903FCEBE00029
267EA42E>I<B538803FFEA33A07F8000FF06C48EB03C016807F00011500A26C6C1306A2
6D130E017E130CA26D5BA2EC8038011F1330A26D6C5AA214E001075BA2903803F180A3D9
01FBC7FCA214FF6D5AA2147CA31438A227257EA32C>I<B53A1FFFE03FFEA3260FF80090
380007F86C48017EEB03E00003EE01C0033E1480A26C6C013FEB0300A36C6CEC8006156F
A2017E9038EFC00C15C7A2D93F016D5A15830281EBF038D91F831430150102C3EBF87090
260FC6001360A2D907E66D5A02EC137CA2D903FCEB7F804A133FA2010192C7FC4A7FA201
00141E4A130E0260130C37257EA33C>I<B538807FFFA33A03FE001FE0C64814806D010E
C7FC017E5B6D13186D6C5AECC070010F5B6D6C5AECF180EB03FB6DB4C8FC6D5AA2147F80
4A7E8114CF903801C7E090380383F090380703F8EB0601496C7E011C137E49137F01307F
01F06D7E000181D80FF8497ED8FFFE90B51280A329247FA32C>I<B538803FFEA33A07F8
000FF06C48EB03C016806C7E16007F00001406A2017E5BA2137F6D5BA26D6C5AA2ECC070
010F1360A26D6C5AA214F101035BA2D901FBC7FCA214FF6D5AA2147CA31438A21430A214
701460A25CA2EA7C0100FE5B130391C8FC1306EAFC0EEA701C6C5AEA1FF0EA0FC027357E
A32C>I<003FB512FCA290388001F8393E0003F0003C1307003814E00030EB0FC0007013
1F15800060EB3F005C14FE5C495AEA00035C495A130F495A5C49C7FC491306137E5B1201
485A49130E485A000F140C49131C485A003F143C90C7127C007EEB03FCB6FCA21F247EA3
25>I<B81280A2290280962A>I E /Fh 43 123 df<913803FFC0027F13F00103B512FC01
0FEB00FED93FF8133FD97FE0EBFF8049485A5A1480484A13C04A6C1380A36F1300167E93
C7FCA592383FFFC0B8FCA4000390C7FCB3ABB5D8FC3F13FFA4303A7EB935>12
D<B61280A819087F9620>45 D<167016F8A2150116F0A2150316E0150716C0A2150F1680
151F16005D153EA2157E157C15FC5DA214015D14035DA214075D140F5D141F92C7FCA25C
143E147E147CA214FC5C13015CA213035C13075CA2130F5C131F91C8FC5B133EA2137E13
7C13FC5BA212015B12035BA212075B120F5B121F90C9FCA25A123E127E127CA212FC5AA2
127025537BBD30>47 D<141E143E14FE1307133FB5FCA313CFEA000FB3B3A6007FB61280
A4213779B630>49 D<EB0FFC90387FFFC048B512F0000714FC390FF03FFF261F800F1380
263F000313C05AD9C00113E0486C6C13F07FA2ED7FF8A46C5A6C5A000FC7FCC8FCEDFFF0
A216E05C16C04A138016004A5A5D4A5A4A5A4A5AEC7F8092C7FC14FEEB01F84948137849
5A495A495A013EC712F84914F05B4848130148B6FCA25A5A5A5A4815E0B7FCA425377BB6
30>I<EB03FF011F13F0017F13FC3901FC07FF2603F003138048486C13C0496C13E0EA0F
F001FC14F0121F7FA56C4814E0A23803F001C714C04A138016004A5A4A5AEC3FF090380F
FFC092C7FC15F090380007FE913801FF806E13C016E0ED7FF016F816FC153FA216FEEA1F
C0487E487E487EA416FCA249EB7FF8127F01C0EBFFF06C4814E06C6C4813C0260FFC0713
806CB61200000114FC6C6C13F0010790C7FC27387CB630>I<ED07C0150FA2151F153F15
7F15FFA25C5C5C5CA2141E5C147C5C5C495A495A1307495A5C131E5B137C5B5B485A485A
1207485A90C7FC121E5A127C5AB81280A4C70001EBC000AA0103B61280A429377DB630>
I<001C15C0D81F80130701F8137F90B61280A216005D5D15F05D15804AC7FC14F090C9FC
A8EB07FE90383FFFE090B512F89038FC07FC9038E003FFD98001138090C713C0120EC813
E0157F16F0A216F8A21206EA3F80EA7FE012FF7FA44914F0A26C4813FF90C713E0007C15
C06C5B6C491380D9C0071300390FF01FFE6CB512F8000114E06C6C1380D90FF8C7FC2538
7BB630>I<EC0FF8ECFFFE0103EBFF8090390FF80FC090393FE003E090397FC001F09038
FF000F48EC1FF84848133F485A120F5B121FA2003FEC1FF0ED0FE04990C7FC127FA21408
EC7FF039FFF1FFFC01F313FFD9F78013809039FF007FC049EB3FE04914F0ED1FF85B16FC
A34914FEA5127FA5123F16FCA26C7E16F8000F143F6C6C14F0ED7FE06C6C14C03A01FF81
FF806C90B51200013F13FC010F13F00101138027387CB630>I<123C123EEA3FE090B712
80A41700485D5E5E5EA25E007CC7EA0FC000784A5A4BC7FC00F8147E48147C15FC4A5A4A
5AC7485A5D140F4A5A143F92C8FC5C147E14FE1301A2495AA31307A2130F5CA2131FA513
3FA96D5A6D5A6D5A293A7BB830>I<49B47E010F13F0013F13FC9038FE01FF3A01F8007F
804848EB3FC04848EB1FE0150F485AED07F0121FA27FA27F7F01FEEB0FE0EBFF809138E0
1FC06CEBF03F02FC13809138FF7F006C14FC6C5C7E6C14FE6D7F6D14C04914E048B612F0
EA07F848486C13F8261FE01F13FC383FC007EB8001007F6D13FE90C7123F48140F481407
15031501A21500A216FC7E6C14016D14F86C6CEB03F06D13076C6CEB0FE0D80FFEEB7FC0
0003B61200C614FC013F13F00103138027387CB630>I<ED03E04B7EA24B7EA34B7EA24B
7EA34B7EA292B57EA34A8015F302038015E1A202078015C0020F80ED807FA2021F80ED00
3F4A80023E131FA2027E80027C7F02FC814A7FA20101824A7F49B77EA3498202C0C7FC01
0F824A147FA2011F8291C8123F4982013E151FA2017E82017C8101FE83B500F80107B612
80A4413A7DB948>65 D<DB3FFCEB01C00203B5EAC003021FECF00791B6EAFC0F01039039
FC00FF3F4901C0EB1FFFD91FFEC77E49481403D97FF080494880485B48177F4849153F48
90C9FC181F485A180F123F5B1807127FA24993C7FC12FFAD127F7FF003C0123FA27F001F
1707A26C6C1780180F6C6D16006C6D5D6C173E6C6D157ED97FF85D6D6C4A5A6DB44A5A01
0701C0EB0FE06D01FCEBFF80010090B548C7FC021F14F8020314E09126003FFEC8FC3A3B
7BB945>67 D<B87E17F817FF18C028007FF8000713F09338007FF8EF1FFE717E05031380
7113C0A27113E0F07FF0A2F03FF8A219FC181FA219FEA419FFAC19FEA419FC183FA219F8
187F19F0F0FFE0A24D13C04D13804D1300EF1FFEEF7FFC933807FFF0B912C095C7FC17FC
178040397DB849>I<B912F0A426007FF8C7FCEF1FF8170717031701A21700A21878A304
3C137C183CA41800167CA216FC150391B5FCA4ECF8031500167CA2163C180FA3181EA293
C7FCA2183EA2183C187CA218FCA2EF01F81703170F173FEE01FFB9FC18F0A338397DB83F
>I<B912C0A43A007FF800039338007FE0171F170F1707A21703A21701A318F0EE7800A4
1800A216F8A21501150791B5FCA4ECF80715011500A21678A693C8FCADB7FCA434397DB8
3C>I<B612FCA439007FF800B3B3ADB612FCA41E397DB824>73 D<B600FC0103B512C0A4
26007FF8C8381FE00019804EC7FC18FEEF01F84D5A4D5A4D5AEF3F80057EC8FC5F4C5A4C
5AEE0FE0EE1F804CC9FC167E5EED03F84B7E4B7E4B7E4B7F5D02F9B57EDAFBF77FDAFFE3
7F15C103807F4A487F4A6D7E4A133F707E707F8482707F707F8482717E717E8483717F71
7F858385B600FC017FEBFFE0A443397DB84B>75 D<B500FC0203B512F0A28080C66C6D90
390003F0006F6E5A81017B7F13798101787F6E7E6E7E6E7F6E7FA26E7F6E7F6E7F6E7F6F
7E153F826F13806F13C06F13E06F13F06F13F88117FCEE7FFEEE3FFF7013817013C17013
E18218F17013F97013FDEF7FFF8383A28383838383187FA2183F181F01FC160FB500FC15
0718031801A244397DB84B>78 D<B8FC17F017FEEFFF8028007FF8000F13C0040113E070
13F0EF7FF8EF3FFCA2EF1FFEA218FFA818FEA2EF3FFCA2EF7FF8EFFFF04C13E0040F13C0
91B7120017FC17E002F8C9FCB3A4B612FCA438397DB841>80 D<D907FF130E013FEBE01E
90B5EAF83E0003ECFE7E3A07FC01FFFE390FF0001F4848130F48481303491301007F1400
90C8FC167E5A163EA27F161E7F7F6D91C7FC13FC387FFFE014FEECFFF06C14FE6F7E6C81
6C15F06C816C81C681133F010F801301D9000F1480EC007F030F13C01503818100F0157F
A3163FA27E17807E167F6C16007E6D14FE01E0495A01F813039039FF801FF800FC90B512
E0D8F83F5CD8F00749C7FC39E0007FF02A3B7BB935>83 D<EB3FFE0003B512E0000F14F8
391FF00FFE003FEB03FF6D6C7F6E7FA26F7EA26C5A6C5AEA0380C8FCA2EC3FFF010FB5FC
137F3901FFF87F00071380380FFE00EA3FF85B485A12FF5BA415FF6D5A127F263FF00713
F83B1FFC1FBFFFC0390FFFFE1F0003EBF80F39003FE0032A257DA42E>97
D<13FFB5FCA412077EAF4AB47E020F13F0023F13FC9138FE03FFDAF00013804AEB7FC002
80EB3FE091C713F0EE1FF8A217FC160FA217FEAA17FCA3EE1FF8A217F06E133F6EEB7FE0
6E14C0903AFDF001FF80903AF8FC07FE009039F03FFFF8D9E00F13E0D9C00390C7FC2F3A
7EB935>I<903801FFC0010F13FC017F13FFD9FF8013802603FE0013C048485AEA0FF812
1F13F0123F6E13804848EB7F00151C92C7FC12FFA9127FA27F123FED01E06C7E15036C6C
EB07C06C6C14806C6C131FC69038C07E006DB45A010F13F00101138023257DA42A>I<EE
7F80ED7FFFA4150381AF903801FF81010F13F1013F13FD9038FFC07F0003EB001FD807FC
1307000F8048487F5B123FA2485AA312FFAA127FA27F123FA26C6C5B000F5C6C6C5B6C6C
4913C02701FF80FD13FE39007FFFF9011F13E1010313012F3A7DB935>I<903803FF8001
1F13F0017F13FC3901FF83FE3A03FE007F804848133F484814C0001FEC1FE05B003FEC0F
F0A2485A16F8150712FFA290B6FCA301E0C8FCA4127FA36C7E1678121F6C6C14F86D14F0
00071403D801FFEB0FE06C9038C07FC06DB51200010F13FC010113E025257DA42C>I<EC
1FF0903801FFFC010713FF90391FF87F8090383FE0FFD9FFC113C0A2481381A24813016E
1380A2ED3E0092C7FCA8B6FCA4000390C8FCB3ABB512FEA4223A7DB91D>I<161FD907FE
EBFFC090387FFFE348B6EAEFE02607FE07138F260FF801131F48486C138F003F15CF4990
387FC7C0EEC000007F81A6003F5DA26D13FF001F5D6C6C4890C7FC3907FE07FE48B512F8
6D13E0261E07FEC8FC90CAFCA2123E123F7F6C7E90B512F8EDFF8016E06C15F86C816C81
5A001F81393FC0000F48C8138048157F5A163FA36C157F6C16006D5C6C6C495AD81FF0EB
07FCD807FEEB3FF00001B612C06C6C91C7FC010713F02B377DA530>I<13FFB5FCA41207
7EAFED7FC0913803FFF8020F13FE91381F03FFDA3C01138014784A7E4A14C05CA25CA291
C7FCB3A3B5D8FC3F13FFA4303A7DB935>I<EA01F0EA07FC487EA2487EA56C5AA26C5AEA
01F0C8FCA913FF127FA412077EB3A9B512F8A4153B7DBA1B>I<13FFB5FCA412077EB3B3
ACB512FCA4163A7DB91B>108 D<01FED97FE0EB0FFC00FF902601FFFC90383FFF800207
01FF90B512E0DA1F81903983F03FF0DA3C00903887801F000749DACF007F00034914DE6D
48D97FFC6D7E4A5CA24A5CA291C75BB3A3B5D8FC1FB50083B512F0A44C257DA451>I<01
FEEB7FC000FF903803FFF8020F13FE91381F03FFDA3C011380000713780003497E6D4814
C05CA25CA291C7FCB3A3B5D8FC3F13FFA430257DA435>I<903801FFC0010F13F8017F13
FFD9FF807F3A03FE003FE048486D7E48486D7E48486D7EA2003F81491303007F81A300FF
1680A9007F1600A3003F5D6D1307001F5DA26C6C495A6C6C495A6C6C495A6C6C6CB45A6C
6CB5C7FC011F13FC010113C029257DA430>I<9039FF01FF80B5000F13F0023F13FC9138
FE07FFDAF00113800003496C13C00280EB7FE091C713F0EE3FF8A2EE1FFCA3EE0FFEAA17
FC161FA217F8163F17F06E137F6E14E06EEBFFC0DAF00313809139FC07FE0091383FFFF8
020F13E0020390C7FC91C9FCACB512FCA42F357EA435>I<9038FE03F000FFEB0FFEEC3F
FF91387C7F809138F8FFC000075B6C6C5A5CA29138807F80ED3F00150C92C7FC91C8FCB3
A2B512FEA422257EA427>114 D<90383FF0383903FFFEF8000F13FF381FC00F383F0003
007E1301007C130012FC15787E7E6D130013FCEBFFE06C13FCECFF806C14C06C14F06C14
F81203C614FC131F9038007FFE140700F0130114007E157E7E157C6C14FC6C14F8EB8001
9038F007F090B512C000F8140038E01FF81F257DA426>I<130FA55BA45BA25B5BA25A12
07001FEBFFE0B6FCA3000390C7FCB21578A815F86CEB80F014816CEBC3E090383FFFC06D
1380903803FE001D357EB425>I<01FFEC3FC0B5EB3FFFA4000714016C80B3A35DA25DA2
6C5C6E4813E06CD9C03E13FF90387FFFFC011F13F00103138030257DA435>I<B539F001
FFF8A4000390C7EA3F00161E6E133E6C153C6E137C6C15786E13F8017F5CECF001013F5C
14F8011F495AA2ECFC07010F5CECFE0F010791C7FC6E5A6D131E15BE6D13BC15FC6D5BA3
6E5AA26E5AA26E5AA26E5AA22D257EA432>I<B500F1B538803FFFA43D07FE000FF80003
E06C6C010715C082028015076C6E6C148015076C01C0ED0F00826E485C017FED801E5D90
273FF01E7F5B17C0DAF83E147C011F90393C3FE078037C14F8903B0FFC781FF0F0A29139
FEF00FF10107EDF9E002FF14FB6D496CB45AA24B7E6D5EA26D496C90C7FCA292C7FC6E5C
A2023E147C023C143C40257EA445>I<B539F001FFF8A4000390C7EA3F00161E6E133E6C
153C6E137C6C15786E13F8017F5CECF001013F5C14F8011F495AA2ECFC07010F5CECFE0F
010791C7FC6E5A6D131E15BE6D13BC15FC6D5BA36E5AA26E5AA26E5AA26E5AA292C8FCA2
5C141E003F133E387F803C38FFC07C147814F8EBC1F0EBC3E06C485A387D1F80D83FFFC9
FCEA1FFCEA07F02D357EA432>121 D<003FB612C0A3D9F0031380EB800749481300003E
5C003C495A007C133F5D0078495A14FF5D495B5BC6485B92C7FC495A131F5C495A017FEB
03C0EBFFF014E04813C05AEC80074813005A49EB0F80485A003F141F4848133F9038F001
FFB7FCA322257DA42A>I E /Fi 2 104 df<153FEC03FFEC0FE0EC3F80EC7E00495A5C49
5AA2495AB3AA130F5C131F495A91C7FC13FEEA03F8EA7FE048C8FCEA7FE0EA03F8EA00FE
133F806D7E130F801307B3AA6D7EA26D7E80EB007EEC3F80EC0FE0EC03FFEC003F205B7A
C32D>102 D<12FCEAFFC0EA07F0EA01FCEA007E6D7E131F6D7EA26D7EB3AA801303806D
7E1300147FEC1FC0EC07FEEC00FFEC07FEEC1FC0EC7F0014FC1301495A5C13075CB3AA49
5AA2495A133F017EC7FC485AEA07F0EAFFC000FCC8FC205B7AC32D>I
E /Fj 53 123 df<EE07FC93393FFF87F09338FC07C7923A03F001E7E0DB07C013F79239
0F8007FF031F4913C016005DA2037E1580EF039FEF001F183F4B1500A3600201157E5DA2
18FE6014035D0103B7FC60A2903A0007F000014B130360A31707020F5D5DA2170F60141F
5D171F60A2143F92C7123F95C7FCA34A5C027EEC7E07A317FE02FE4A5A4A150EA2181E18
1C13014AEC7C3C1838EF3C70EF1FE04948EC07C094C8FCA3495AA3001E5BEA7F0FA200FF
5BA249CBFC12FEEAF83EEA703CEA7878EA1FF0EA07C03C5383BF35>13
D<EB0380EB07C0130F131F133FEB7F0013FE485A485AEA07E0485A485A48C7FC127C5A5A
5A121162BE2E>19 D<16E01501A31503A25EA21507A25EA2150FA293C8FCA25DA2151EA2
153EA2153CA2157CA2B912F818FCA218F8C800F0C8FCA21401A25DA21403A25DA21407A2
5DA2140FA292C9FCA25CA2141EA2143EA2143C141C363873B246>43
D<EA01E0EA07F8120FA2EA1FFCA4EA0FF8EA0798EA001813381330A21370136013E013C0
1201EA0380EA07001206120E5A5A5A5A5A0E1C7A891C>I<387FFFFEA3B5FCA217057995
21>I<120FEA3FC0127FA212FFA31380EA7F00123C0A0A77891C>I<15FE913807FF809138
1F07C091387C01F0ECF000494813F8494813780107147C495A49C7FC167E133E137EA25B
A2485AA2000315FEA25B000715FCA2491301120FA34848EB03F8A44848EB07F0A448C7EA
0FE0A316C0007E141F12FE1680153FA2481500A2157EA25DA25D4813015D6C495A127C4A
5A4A5A6C49C7FC143E6C5B380FC1F03803FFC0C648C8FC273F76BC2E>48
D<15031507150F151F151E153E157EEC01FEEC03FC1407141FEB01FF90380FFBF8EB1FC3
EB0E07130015F0A2140FA215E0A2141FA215C0A2143FA21580A2147FA21500A25CA25CA2
1301A25CA21303A25CA21307A25CA2130FA25CA2131FA25CEB7FE0B612F0A215E0203D77
BC2E>I<15FE913803FFC091380F01F091383C00F84A137C4A7F4948133F49487F4A1480
49C7FC5BEB0E0C011E15C0EB1C0EEB3C06133813781370020E133FD9F00C148013E0141C
0218137F00011600EBC0384A13FEEC600102E05B3A00E3C003F89039FF0007F0013C495A
90C7485A5E037FC7FC15FC4A5A4A5AEC0FC04AC8FC147E14F8EB03E0495A011FC9FC133E
49141801F0143C48481438485A1678485A48C85A120E001E4A5AD83FE0130301FF495A39
7C3FF01FD8780FB55AD8700391C7FCD8F0015B486C6C5A6E5AEC07C02A3F79BC2E>I<ED
7F80913803FFE091380F80F891383C007C02F87FD901E07F494814804948130F49C7FC01
0E15C0131EEB1C18EB3C1CEB380C0178141F17801370A2021C133F6D4814004A5BD91FE0
137ED90F805B90C8FC4B5A4B5A4B5AED1F8003FFC7FCECFFFC15F0A2EC00FC153E153F81
82150F82A4151FA2121E127F153F485DA3484AC7FC12F800E014FE5D14016C495A007049
5A0078EB0FC00038495A6C017EC8FC380F01F83803FFE0C690C9FC2A3F78BC2E>I<1638
167E16FE16FCA3150116F8A3150316F0A2150716E0A2ED0FC0A3ED1F80A216005DA2157E
A2157C15FC5D14015D14035D4A5AA24A5AA24AC7FC143EED038091387C0FC014F8ECF01F
01011480EB03E014C0903807803F010F1400EB1F00133E495B49137E485A485A484813FE
48B46C5A4813F04813FE267C00FF130800F090380FFFFC00601301C714E0913803F8005D
A314075DA3140F5DA3141F5DA3020EC7FC274F7DBC2E>I<02C0EB018002F0130FD901FE
EB7F0091B512FE5E5E4914E016804BC7FCECBFF8D90780C8FC91C9FCA35B130EA3131E13
1CA3133C9038381FC0ECFFF090383BE07C90387F003E017E133F017C7F0178805B498090
C7FCA6153FA4001F147F486C5C487EA24913FF00FF92C7FC90C7FC48495A12E04A5A5D6C
495A140F00705C0078495A6C495A003E01FEC8FC381F03FC380FFFF0000313C0C648C9FC
293F77BC2E>I<ED0FE0ED7FF8913801F01C913807C00E91381F800F91383E00074A131F
4A137F494813FF1303495A494813FE131F4948137891C8FC5B13FEA2485AA212035B0007
EB1FC0EC7FF0390FF1E07C9038F3803EEBF700D81FFE7F4914805B49EB0FC0123F5B151F
4914E0127FA25BED3FC0A248C7FCA2157F16805AA215FF1600A24A5AA2485C007C495AA2
007E495A4A5A003E495A003F495A261F807EC7FC380FC1FC6CB45A6C13E0C66CC8FC283F
76BC2E>I<D9703FEB01C09138FF800301F3158001EFEBC00790B5EB0F0048151E148326
03FE015B01F8147C2607F0005B49EBE3F04848137F496D5A48C71201001E4A5A1507485D
0038140F007892C7FC00705C00F0143E5A5DC8FC5DA24A5AA214035D14074A5AA2141F5D
A24AC8FCA25C147E14FEA2495AA3495AA313075C130FA25C131FA35C133FA35C91C9FC13
1E2A3F73BC2E>I<15FF020713C091381F81E091383E00F002FC13F84948137C495A4948
137E010F143E495A133F4A133F017F147F91C7FC5BA2485AA216FF12035B16FE15011207
5B1503A216FC491307A20003140F16F8151F12016D133F0000EC7FF015EF90387C01CF90
393E079FE090380FFE1FD903F813C090C7123FA21680157F160015FEA24A5A001C5C007F
1303485C4A5A4A5A4A5A4849C7FC00F8137E00E05B6C485A387C07E0383FFFC06C90C8FC
EA03F8283F77BC2E>57 D<131EEB3F80137FEBFFC05AA214806C13005B133C90C7FCB312
0FEA3FC0127FA212FFA35B6CC7FC123C122777A61C>I<4BB4FC031F13E092387E00F8DA
01F0131EDA07801307021FC7EA03C0023CEC01E04A1400D901E015704948157849481538
49C9121C131E49D907E0131E0138D93FFC130E49EBFC1E9039F001F0073C01E007E00380
079038C00FC0000390391F8001C09026803F0013FC2607007EEB00FE484914FC120E381E
01F8D81C0314014A14F8EA3C0700385B0403130FD8780FEDF00E00705BA20407131ED8F0
1FEDE01C00E05BA2040F133CEFC038A3041F1370010F1580043F13F06E017F13E00107EC
FF814B14C0903B03E003DF0380903A01F00F1F073C7000F83E0F8F0091393FF807FC9139
0FC001F06C90CAFCA2123C121C7E000FEE1F806C6C157F6C6C913801FC006C6CEC0FF0D8
0078ECFF80013FD91FFCC7FC010FB512C0010001F0C8FC384172BF46>64
D<49B712C018F818FE903B0003FC0001FF9438007F804BEC3FC0A2F01FE014074B15F018
0FA2140F5D181FA2021F16E05D183F19C0023FED7F804B14FF19004D5A027F4A5A92C7EA
07F0EF1FE0EF7F804AD903FEC7FC92B512F017FE4AC7EA3F800101ED1FE04A6E7E170784
01036F7E5CA30107825CA3010F5E4A1407A260011F150F5C4D5A60013F153F4A4A5A4D5A
017F4A90C7FC4C5A91C7EA0FF849EC3FF0B812C094C8FC16F83C3E7BBD40>66
D<9339FF8001C0030F13E0033F9038F803809239FF807E07913A03FC001F0FDA0FF0EB07
1FDA1FC0ECBF00DA7F806DB4FC4AC77E495AD903F86E5A495A130F4948157E4948157C49
5A13FF91C9FC4848167812035B1207491670120FA2485A95C7FC485AA3127F5BA312FF5B
A490CCFCA2170FA2170EA2171E171C173C173817786C16706D15F04C5A003F5E6D140300
1F4B5A6D4AC8FC000F151E6C6C5C6C6C14F86C6C495A6C6CEB07C090397FC03F8090261F
FFFEC9FC010713F0010013803A4272BF41>I<49B712C018F818FE903B0003FE0003FF94
38007F804BEC1FC0F00FE0F007F014074BEC03F8F001FCA2140F4BEC00FEA3141F4B15FF
A3143F5DA3027F5D5DA219FE14FF92C81203A34917FC4A1507A219F813034A150F19F0A2
0107EE1FE05CF03FC0A2010FEE7F804A16006060011F4B5A4A4A5A4D5AA2013F4B5A4AEC
3FC04DC7FC017F15FEEE03FC4AEB0FF001FFEC7FE0B8128004FCC8FC16E0403E7BBD45>
I<49B812F8A390260003FEC7121F18074B14031801F000F014075DA3140F5D19E0A2141F
4B1338A2EF7801023F027013C04B91C7FCA217F0027F5CED80011603160F91B65AA3ED00
1F49EC07805CA3010392C8FC5CF003804C13070107020E14005C93C75A180E010F161E4A
151C183CA2011F5E5C60A2013F15014A4A5A1707017F150F4D5A4A147F01FF913807FF80
B9FCA295C7FC3D3E7BBD3E>I<49B812F0A390260003FEC7123F180F4B1403A2F001E014
075DA3140F5D19C0A2141F5D1770EFF003023F02E013804B91C7FCA21601027F5CED8003
A2160702FFEB1F8092B5FCA349D9003FC8FC4A7F82A20103140E5CA2161E0107141C5CA2
93C9FC130F5CA3131F5CA3133F5CA2137FA25C497EB612E0A33C3E7BBD3B>I<49B648B6
FC495DA2D9000390C7000313004B5D4B5DA2180714074B5DA2180F140F4B5DA2181F141F
4B5DA2183F143F4B5DA2187F147F4B5DA218FF91B8FC96C7FCA292C712015B4A5DA21703
13034A5DA2170713074A5DA2170F130F4A5DA2171F131F4A5DA2173F133F4A5DA2017F15
7FA24A5D496C4A7EB66CB67EA3483E7BBD44>72 D<49B6FC5BA2D9000313005D5DA31407
5DA3140F5DA3141F5DA3143F5DA3147F5DA314FF92C7FCA35B5CA313035CA313075CA313
0F5CA3131F5CA3133F5CA2137FA25C497EB67EA3283E7BBD23>I<49B612C0A25FD90003
90C8FC5D5DA314075DA3140F5DA3141F5DA3143F5DA3147F5DA314FF92C9FCA35B5CA313
035C18C0EF01E0010716C05C17031880130F4A140718005F131F4A141EA2173E013F5D4A
14FC1601017F4A5A16074A131F01FFECFFF0B8FCA25F333E7BBD39>76
D<49B77E18F018FC903B0003FE0003FEEF00FF4BEC7F80F03FC00207151F19E05DA2020F
16F0A25DA2141FF03FE05DA2023F16C0187F4B1580A2027FEDFF00604B495A4D5A02FF4A
5A4D5A92C7EA3FC04CB4C7FC4990B512FC17E04ACAFCA21303A25CA21307A25CA2130FA2
5CA2131FA25CA2133FA25CA2137FA25C497EB67EA33C3E7BBD3E>80
D<92390FF001C0ED7FFE4AB5EA0380913907F80FC791390FC003EF91391F8001FF4AC713
00027E805C495A4948143EA2495AA2010F153C5CA3011F1538A38094C7FC80A214FC6DB4
FC15F015FE6DEBFFC06D14F06D14FC6D80143F020F7F020180EC001F150303007F167F16
3FA2161FA212075A5F120EA2001E153F94C7FCA2163E003E157E167C003F15FC4B5A486C
5C4B5A6D495AD87DE0EB1F80D8F8F849C8FC017F13FE39F03FFFF8D8E00F13E048C690C9
FC32427ABF33>83 D<48B9FCA25A903AFE001FF00101F89138E0007FD807E0163E49013F
141E5B48C75BA2001E147FA2001C4B131C123C003814FFA2007892C7FC12704A153C00F0
1738485CC716001403A25DA21407A25DA2140FA25DA2141FA25DA2143FA25DA2147FA25D
A214FFA292C9FCA25BA25CA21303A25CEB0FFE003FB67E5AA2383D71BC41>I<001FB500
F090B512F0485DA226003FF0C7380FFC004AEC03F04A5D715A017F1503A24A5DA201FF15
0795C7FC91C8FCA2485E170E5BA20003161E171C5BA20007163C17385BA2000F16781770
5BA2001F16F05F5BA2003F1501A2495DA2007F1503A2495DA2160794C8FC48C8FC5E160E
161E6C151C163C5E5E5E6C6C13014B5A001F4A5A6C6C011FC9FC6D133E6C6C13F83903FC
07F0C6B512C0013F90CAFCEB07F83C406FBD44>I<277FFFFE01B500FC90B512E0B5FCA2
0003902680000790C7380FFC006C90C701FCEC07F049725A04035EA26350C7FCA2040715
0EA2040F5D1A3C041F153862163B6216734F5A6D14E303014B5A6C15C303034BC8FC1683
DB0703140E191E030E151C61031C7F61ED380161157003F04A5A15E002014B5A15C0DA03
804AC9FC60DA0700140E60140E605C029C5D14B8D97FF85D5C715A5C4A5DA24A92CAFC5F
91C7FC705A137E5F137C5F137801705D53406EBD5B>87 D<147E49B47E903907C1C38090
391F80EFC090383F00FF017E137F4914804848133F485AA248481400120F5B001F5C157E
485AA215FE007F5C90C7FCA21401485C5AA21403EDF0385AA21407EDE078020F1370127C
021F13F0007E013F13E0003E137FECF3E1261F01E313C03A0F8781E3803A03FF00FF00D8
00FC133E252977A72E>97 D<EB1FC0EA0FFF5CA2EA003FA291C7FCA25BA2137EA213FEA2
5BA21201A25BA21203A25B147E3907F1FF809038F783E09038EF01F013FE390FF800F8A2
4913FC49137C485A157E5B15FE123FA290C7FCA248130115FC127EA2140300FE14F85AA2
EC07F0A215E048130F15C0141F15800078EB3F00127C147E003C5B383E01F8381E03E06C
485A6CB4C7FCEA01F81F4076BE2A>I<EC1FE0ECFFF8903803F03E903807C00F90381F80
07D93F001380017E131F49137F485A485A000715005B000F147E484890C7FCA2485AA312
7F90C9FCA35A5AA6481403007E5C5D151E003E5C5D6C5CEC03E0390F800F802603E07EC7
FC3801FFF838003FC0212977A72A>I<EE3F80ED1FFF1700A2ED007FA2167EA216FEA25E
A21501A25EA21503A25EA21507A25E147E903801FF8F903807C1CF90391F80EFC090383F
00FF017E137F5B48486D5A485AA2485A000F92C7FC5B001F5CA24848137EA215FE127F90
C75AA214015A485CA2140316384814F0A21407167891380FE070127C021F13F0007E013F
5B003E137FECF3E1261F01E35B3A0F8781E3802703FF00FFC7FCD800FC133E294077BE2E
>I<EC3F80903801FFE0903807E0F890381F803CEB3E0001FC131E485A485A1207484813
3E49133C121F4848137C15F8EC03F0397F000FE0ECFF80B5EAFC0014C048C8FCA45AA615
06150E151E007C143C15786C14F0EC01E06CEB07C0390F801F003807C0FC3801FFF03800
7F801F2976A72A>I<167C4BB4FC923807C78092380F83C0ED1F87161FED3F3FA2157EA2
1780EE0E004BC7FCA414015DA414035DA30103B512F8A390260007E0C7FCA3140F5DA514
1F5DA4143F92C8FCA45C147EA414FE5CA413015CA4495AA4495AA4495A121E127F5C12FF
49C9FCA2EAFE1EEAF83C1270EA7878EA3FE0EA0F802A5383BF1C>I<EC03F0EC0FFC9138
3E0E1C9138FC077E903901F003FE1303903807E001D90FC013FCEB1F80A2EB3F004914F8
137E01FE1303A2484814F0A2150712034914E0A2150F12074914C0A2151FA216805B153F
1203ED7F006D5BA200015B0000495A9038F80F7E90387C1EFEEB1FF8903807E0FC90C7FC
1401A25DA21403A25D001C1307007F5C48130F5D4A5A4AC7FC48137E00F85B387C03F038
1FFFC0D803FEC8FC273B7CA72A>I<EB01FC13FF5CA21303A25CA21307A25CA2130FA25C
A2131FA25CA2133FA291C8FCEC03F890387F0FFE91383E0F80D97E7813C0ECE007D9FFC0
13E014801400A2485A5BA25B0003140F16C05BA20007141F16805BA2000F143F16005B5D
001F147EEDFE074913FCA2003F0101130FEDF80E1300161E48ECF01CA2007E1538A200FE
1570020013E048EC7FC00038EC1F0028407ABE2E>I<1478EB01FCA21303A314F8EB00E0
1400AD137C48B4FC38038F80EA0707000E13C0121E121CEA3C0F1238A2EA781F00701380
A2EAF03F140012005B137E13FE5BA212015BA212035B1438120713E0000F1378EBC070A2
14F0EB80E0A2EB81C01383148038078700EA03FEEA00F8163E79BC1C>I<EB07F0EA03FF
14E0A2EA000FA214C0A2131FA21480A2133FA21400A25BA2137EA213FEA25BA21201A25B
A21203A25BA21207A25BA2120FA25BA2121FA25BA2123FA290C7FCA25A1307127EA2EAFE
0F130E12FCA2131E131CA2EA7C381378EA3C70EA1FE0EA0780144079BE17>108
D<D801F0D93F80137F3D07FC01FFE003FFC03D0F3E07C1F80F83F03D0E1F0F00FC1E01F8
001E011C90387C3800001C49D97E707F003C01F05C0038157F4A5C26783FC05C12704A91
C7FC91C7127E00F003FE1301494A5CEA007EA20301140301FE5F495CA203031407000160
495C180F03075D0003051F13E0494A1480A2030FEC3F810007F001C0495CA2031F91383E
0380120F494AEC0700A2033F150E001FEF1E1C4991C7EA0FF80007C7000EEC03E0432979
A74A>I<D801F0EB3F803A07FC01FFE03A0F3E07C1F83A0E1F0F00FC001E011C137C001C
49137E003C13F012385C38783FC012705C91C7FC00F015FE495CEA007EA2150101FE5C5B
A2150300015D5B15075E0003020F13704914C0A2031F13F00007ED80E05B1681EE01C012
0F49EC0380A2EE0700001FEC0F0E49EB07FC0007C7EA01F02C2979A733>I<EC1FC0ECFF
F8903803F07C90380FC01FEB1F8090393F000F80017E14C0491307484814E0485A12075B
000F15F0485AA2485AA2ED0FE0127F90C7FCA2151F4815C05AA2ED3F80A2ED7F00A24814
7E007C5C007E13015D4A5A003E495A6C495A4A5A260F803EC7FC3807C0FC3801FFF03800
3F80242977A72E>I<903903E001F890390FF807FE903A1E7C1E0F80903A1C3E3C07C001
3C137801389038E003E0EB783F017001C013F0ED80019038F07F0001E015F8147E160300
0113FEA2C75AA20101140717F05CA20103140F17E05CA20107EC1FC0A24A1480163F010F
15005E167E5E131F4B5A6E485A4B5A90393FB80F80DA9C1FC7FCEC0FFCEC03E049C9FCA2
137EA213FEA25BA21201A25BA21203A2387FFFE0B5FCA22D3A80A72E>I<D801F013FC3A
07FC07FF803A0F3E0F03C0260E1F1C13E0001EEB380F001C1370003CEBE01F123814C0D8
783F14C00070903880070092C7FC91C8FC12F05BEA007EA313FE5BA312015BA312035BA3
12075BA3120F5BA3121F5B0007C9FC232979A726>114 D<EC7F80903801FFE0903807C0
F890381F003C013E131C013C131E017C133E49137E15FEA2000114FCA215706D13007FEB
FFC014FC6C13FF15806D13C06D13E0010F13F01300140F14071403120C123F387F800114
03D8FF0013E0A300FCEB07C000F0EB0F8012700078EB1F006C133C381F01F83807FFE0C6
90C7FC1F297AA725>I<EB01C0EB03F01307A25CA2130FA25CA2131FA25CA2133FA291C7
FCA2007FB51280B6FC1500D8007EC7FC13FEA25BA21201A25BA21203A25BA21207A25BA2
120FA25BA2121F141C1380A2003F133C1438EB0078147014F05C495AEA1F03495A6C48C7
FCEA07FCEA01F0193A78B81E>I<137C48B4141C26038F80137EEA0707000E7F001E15FE
121CD83C0F5C12381501EA781F007001805BA2D8F03F1303140000005D5B017E1307A201
FE5C5B150F1201495CA2151F0003EDC1C0491481A2153F1683EE0380A2ED7F07000102FF
13005C01F8EBDF0F00009038079F0E90397C0F0F1C90391FFC07F8903907F001F02A2979
A731>I<017CEB01C048B4EB07F038038F80EA0707000E01C013F8121E001C1403EA3C0F
0038EC01F0A2D8781F130000705BA2EAF03F91C712E012005B017E130116C013FE5B1503
000115805BA2ED07001203495B150EA25DA25D1578000114706D5B0000495A6D485AD97E
0FC7FCEB1FFEEB03F0252979A72A>I<017C167048B491387001FC3A038F8001F8EA0707
000E01C015FE001E1403001CEDF000EA3C0F0038177C1507D8781F4A133C00701380A2D8
F03F130F020049133812005B017E011F14784C137013FE5B033F14F0000192C712E05BA2
170100034A14C049137E17031880A2EF070015FE170E00010101141E01F86D131C0000D9
039F5BD9FC076D5A903A3E0F07C1E0903A1FFC03FFC0902703F0007FC7FC372979A73C>
I<903903F001F890390FFC07FE90393C1E0E0F9026780F1C138001F0EBB83FD801E013F8
9039C007F07FEA0380000714E0D9000F140048151C000E4AC7FCA2001E131FA2C75BA214
3F92C8FCA35C147EA314FE4A131CA30101143C001E1538003F491378D87F811470018314
F000FF5D9039077801C039FE0F7C033A7C0E3C078027783C1E1EC7FC391FF80FFC3907E0
03F029297CA72A>I<137C48B4143826038F8013FCEA0707000E7F001E1401001C15F8EA
3C0F12381503D8781F14F000701380A2D8F03F1307020013E012005B017E130F16C013FE
5B151F1201491480A2153F000315005BA25D157EA315FE5D00011301EBF8030000130790
387C1FF8EB3FF9EB07E1EB00035DA21407000E5CEA3F80007F495AA24A5AD8FF0090C7FC
143E007C137E00705B387801F0383803E0381E0FC06CB4C8FCEA03F8263B79A72C>I<D9
01F01370D907FC13F0010F14E090381FFE0190393FFF03C049EB838090387C0FCF9039F8
03FF009038F0007E49133C000114386C48137890C75A4A5A4A5A4A5A4AC7FC141E5C5C5C
495A495A495A49C8FC131E4913075B5B48485B4848131E485A01F05BD80FFE137C391F1F
81F8383E0FFFD83C075B486C5B00705CD8F00190C7FC38E0007C24297BA725>I
E /Fk 25 122 df<137F3801FFC0000713F0487F487F487F487FA2B61280A96C1400A26C
5B6C5B6C5B6C5B000113C06C6CC7FC90C8FCB3A9137F3801FFC0000713F0487F487F487F
487FA2B61280A96C1400A26C5B6C5B6C5B6C5B000113C06C6CC7FC194D72CC36>58
D<F103F84F7E4F7EA24F7EA34F7FA24F7FA396B57EA24E80A34E80A24E80A34E80A24E80
A34E81A24E81A219BFDEFF9F80191F4D6D80A218FE05036D8018FC05076D80A218F8050F
6D8018F0051F6D80A260053F6E8060057F6E80A26005FF6E8095C7FC4C6F80A25F04036F
805F04076F80A25F040F6F805F041F6F80A25F043F70805F047F7080A25F04FF708094C9
FC4B7180A25E030371805E4BBB7EA34B86A24B86A3DB3FE0CA6C805E037F7280A25E03FF
7280A24A90CB6C80A25D02037380A24A487280A25D020F7380A24B84021F885D023F7480
A24B85027F895D902607FFFC7380B86C031FB912E0A8837979F892>65
D<96267FFFE01670063FB6ED01F80503B700F01403053F04FC14074CB96C130F040706E0
131F043F72133F93BA00FC137F0303DC00076D13FF030F03C09039003FFF814B02FCC800
0713C3037F02E0030113F792B600806F6CB5FC02034ACA121F4A02F8834A02E0834A4A17
01027F4A8391B548CC7E494A85495C4C854988494A85494A85495C8A4991CDFC90B54886
A2484A1B7FA2481E3F5D481E1F5D5A1F0FA2485CA3481E075DA2F703F0489BC7FCA45DA2
B6FCB27EA281A47EA2F703F06FF307F87EA36C80A21F0F7E6F1CF07E6F1B1F7E20E06C6E
1B3F816DF57FC06D80F7FF806D806D6E4F13006D6E616D525A826D6E4F5A6D6E4F5A6E6D
6C4E5A021F6EF0FFE06E6E4D5B6E02F84D5B6E02FE050F90C7FC02006E6CEE3FFE6F02F0
EEFFFC031F02FE03035B6FDAFFC0021F13E0030303FF0103B55A030093B7C8FC043F18FC
040718F0040118C0DC003F94C9FC050316F8DD003F1580DE007F01F0CAFC757A75F78C>
67 D<BA12F8A8C7001F02C0C7FCB3B3B3B3B3ACBA12F8A83D767BF548>73
D<B800C00507B812C083838383A28383C7003F6F93C7001F01F0C7FC72060190C8FC84A2
84848403EF8015E703E3808503E18103E081708082708085708070807081828670817180
718083718086718071817181837280877280728072808487728172817281857380887380
7380738085738189738174807480868974807480741580867415C01EE07514F07514F875
14FC877514FE1EFF7515817515C1877614E11FF17614F97614FD7691B5FC8888A2888889
8989A289898989A2898A8A8A8AA28A8A8A8A8B903803FFFEB800F8858B8B8BA28B8B795A
8A767AF597>78 D<922603FFF8150E037FD9FFC0143F0203B600FC5C021F03FF5C027FEE
C00149B8EAF00349EFFC07010FDA000F13FE4901F09039007FFF8F4901C0020F13DF4990
C8000390B5FC494815004801F8163F48844A8248498248844A8248844A834885A291CB7E
5A86A286B5FC8680A28680A280A26E8380806E187E6E95C7FC6C8015E015FCEDFFC06C15
FCEEFFE06C16FF18F06CEFFF8019F06C18FE737E6C856C19F06C19FC6D846D846D856D85
6D850101856D85023F846E841407020084031F18801500040F17C0EE007F050716E0EF00
3F1803DE007F14F0191F8585070114F8A28586007E85B4FC86A286A37F86A36D1AF0A37F
1CE06D60A26D1AC06D607F6D1A806E5F6E4D13006E606E17FF02FC4C5B02FF4C5B03E04B
5B03FC031F5B01FBD9FF80027F5B01F102FE0107B55AD9E07F90B8C7FC6E17FCD9C00F5F
D9800317E090C76C168048020F4BC8FC48020015F00070030349C9FC557A75F76C>83
D<001FC012F8A7481FFC03F0C76C91C7120F92C8EF007F02F81B1F02E01B0702801B0191
C984491D7F491D3F491D1FA2491D0FA2491D07007F1FFEA2491D03A4491D01A700FF1FFF
90CA85A6CB1A00B3B3B3AD4ABC12C0A8787479F387>I<92383FFFF80207B612E0027F15
FC49B87E010717E0011F83499026F0007F13FC4948C7000F7F90B502036D7E486E6D806F
6D80727F486E6E7F8486727FA28684A26C5C72806C5C6D90C8FC6D5AEB0FF8EB03E090CA
FCA70507B6FC041FB7FC0303B8FC157F0203B9FC021FECFE0391B612800103ECF800010F
14C04991C7FC017F13FC90B512F04814C0485C4891C8FC485B5A485B5C5A5CA2B5FC5CA3
60A36E5DA26C5F6E5D187E6C6D846E4A48806C6D4A4814FC6C6ED90FF0ECFFFC6C02E090
263FE07F14FE00019139FC03FFC06C91B6487E013F4B487E010F4B1307010303F01301D9
003F0280D9003F13FC020101F8CBFC57507ACE5E>97 D<93383FFFF00307B612C0033F15
F84AB712FE0207707E021F17E0027F8391B526FC001F7F010302C001037F4991C7487F49
495C495B4901F04A7F5B90B55A485CA2485C4891C8FCA248715B5C48715B725B4A6F5B48
9438007FC0071FC7FC96C8FC5AA25CA3B5FCAF7E80A47E80A27E806CF11F80F23FC06C6E
167FA26C6EEEFF80816C606C6E17006D6D4B5A6D6D15076D6D4B5A6D6D6C4A5A6D02E0EC
7FF06D02F849485A01009126FF801F5B6E91B6C7FC021F5E020716F8020116E06E6C1580
030702FCC8FCDB003F13804A507ACE56>99 D<93387FFF80030FB512FC037FECFF804AB7
12E0020716F8021F16FE027FD9F8077F49B5D8C000804991C7003F13E04901FC020F7F49
496E7F49498049496E7F49496E7F90B55A48727E92C914804884485B1BC048841BE0485B
A27313F05AA25C5AA21BF885A2B5FCA391BAFCA41BF002F8CCFCA67EA3807EA47E806CF1
03F0F207F86C7F1A0F6C6E17F06C191F6F17E06C6E163F6D6DEE7FC06D6D16FF6D6D4B13
806D6D4B13006D6D6CEC0FFE6D02E0EC3FFC6D02F8ECFFF86D9126FFC00F5B023F91B65A
020F178002034CC7FC020016F8031F15E0030392C8FCDB000F13E04D507BCE58>101
D<EF7FFE040FB512C093B612F0030715FC031F814B8192B5D8F01F13800203DA803F13C0
4A9026FC007F13E04A4990B5FC4A5B4A494814F04A13C091B51280A2491400A2495BA271
14E05B4B6E13C0721380721300F007FC95C8FCB3B912C0A8D8000749CAFCB3B3B3A7007F
B712FCA844797AF83B>I<F37F80922607FFFC913807FFE092B600E0011F13F8020703FC
017F13FC021FDBFF01B512FE027F16C349B800F7EBBFFF49DA803F9038FFF83F010F9026
FC000714C04901F00101EC007F49496D148049496E6D7E90B517E04B6E15FE48F1F01F48
91C86C9038F80FFCF307F098C7FC48496F7FA34885AB6C61A36C6D4B5BA36C6E4A5B6C61
6F5C6D606D6D91B55A6D6D4991C8FC6D01FC01075B9226FF803F13F893B65A4917C0D93F
1F93C9FC020715FCD97E0015E0030701FCCAFC01FE90CDFCA412017FA280A280808014FE
6C90B812C019FF1AF01AFC6DF0FF801BE06D851BFC6D856D856D1A806D1AC05B011F1AE0
137F48BC12F0000701FCC9FC4801E0040314F84849EE007F4849171F91CB1207487313FC
5B00FF855B86A56D60007F1BF86D60A26C6D4D13F06E5F6C6D4D13E06C6D4D13C06C01FC
94B512806C01FF04031400C602C0030F13FC6D01F8037F5B011FD9FFE0011FB512E00107
91B8128001014EC7FC6D6C17F8020F17C0DA007F03F8C8FC03014AC9FC58727BCE61>I<
903801FFFCB6FCA8C67E131F7FB3AD95380FFFE095B512FE05036E7E050F15E0053F15F8
4D81932701FFF01F7F4CD900077FDC07FC6D80DC0FF06D80DC1FC07F4C48824CC8FC047E
6F7F5EEDFDF85E03FF707F5EA25EA25EA293C9FCA45DB3B3A6B8D8E003B81280A8617879
F76C>I<EB01FCEB07FF011F13C0497F497F90B57EA24880A24880A76C5CA26C5CA26D5B
6D5B6D5B010790C8FCEB01FC90CAFCB2903801FFFC007FB5FCA8C67E131F7FB3B3B3A5B8
1280A8297979F835>I<903801FFFCB6FCA8C67E131F7FB3AE0603B612FEA8DE001F01F8
C7FC070713804F90C8FCF13FFE4F5AF1FFF04E5B4E5B4E5B061F90C9FC4E5AF07FF84E5A
4D5B05075B4D5B4D48CAFC4D5A4D5A4D5A04035B4C7F4C7F5E4C7F4C7F03FDB6FC92B7FC
858585A204F98004E0804C804C7E4C6C7F4B6D7F4B824B7F7180718086837180727F8684
727F72808784728072808784737F737F87854F14C0B8D88007B712F0A85C787AF766>
107 D<903801FFFCB6FCA8C67E131F7FB3B3B3B3B3ABB812C0A82A7879F735>I<902601
FFF891260FFFE093383FFF80B692B500FE0303B512F805036E6C020F14FE050F03E0023F
6E7E053F03F891B712E04D6F4982932701FFF01F6D0107D9C07F7F4CD900076D90270FFC
001F7FDC07FC6D9126801FF06D7FC66CDA0FF06D9126C03FC06D7F011FDA1FC06D4BC77E
6D4A48DCE0FE834CC8ECE1FC047E6FD9F1F86E804CEFF3F0DBF9F8EFF7E04C6003FB7001
FF6F804C6015FF4C95C9FCA24C5FA293C95CA44B60B3B3A6B8D8E003B8D8800FB712FEA8
974E79CDA2>I<902601FFF891380FFFE0B692B512FE05036E7E050F15E0053F15F84D81
932701FFF01F7F4CD900077FDC07FC6D80C66CDA0FF06D80011FDA1FC07F6D4A48824CC8
FC047E6F7F5EEDF9F85E03FB707F5E15FF5EA25EA293C9FCA45DB3B3A6B8D8E003B81280
A8614E79CD6C>I<93381FFFE00303B6FC031F15E092B712FC020316FF020F17C0023FD9
FC0014F091B500C0010F13FC4991C700037F4901FC02007F010F496F13C049496F7F4949
6F7F4B8149496F7F90B5C96C7F4886A24849707F481B80A248497014C0A2481BE0A34849
7113F0A3481BF8A5B51AFCAE6C1BF8A46C1BF06E94B5FCA36C1BE0A26C6D4C14C0A26C1B
806E5E6C1B006C6E4B5BA26C6E4B5B6D6D4B5B6D6D4B5B6D6D4B5B6D6D92B55A6D01FF02
035C6D02C0010F91C7FC010002FC90B512FC6E90B75A021F17E00207178002014CC8FCDA
003F15F0030392C9FCDB001F13E056507BCE61>I<902601FFF8EB07FEB691383FFFC094
B512F00403804C14FE4C8093261FFC3F138093263FE07F13C0DC7F80B5FCC66C5D011FDA
FE0114E06DEBF9FC16F815FB16F016E015FF16C07114C05E72138095381FFE0093C76C5A
F001E095C8FCA25DA65DB3B3A2B812F8A8434E7ACD4F>114 D<912603FFFCEB0780027F
9039FFE00FC00103B6EAF83F010FEDFEFF013F92B5FC49EB000F2601FFF0130048018014
3F4890C8120F4848814848814981123F83485A187FA212FF6D163FA37F7F6DEE1F8002C0
92C7FC14F014FEECFFF06CECFF8016FEEEFFE06C16FC6C16FF18C06C836C17F86C836C83
6C83013F17806D17C0010717E0010117F0EB003F020716F8EC001F030015FC1607EE007F
051F13FE1707007E82B482836D167FA2183F7F181FA27F19FC7FA26D163F6D17F86D167F
19F06D16FF6E4A13E002E04A13C06E4A138002FE023F1300913AFFC003FFFE01E790B65A
01C316F0018016C026FE003F92C7FC48010714F80070D9007F90C8FC3F507ACE4C>I<15
FFA75CA55CA45CA25CA25CA25CA25C91B5FCA25B5B5B131F5B90B9FC120FBAFCA6D80007
91C9FCB3B3A3F01FE0AE183F7014C07F187F7014806D16FF826D4B13006E6D485AEEFE0F
6E90B55A020F5D6E5D020115C06E6C5C031F49C7FC030113F03B6E7CEC4B>I<DAFFFE93
3803FFF8B60303B6FCA8C66CEE0001011F717E6D84B3B3A862A497B5FCA261A2616D5F1A
DF6F150F6DEF1F9F073F806D6EDA7F1F13FF6D6ED901FEEDFF8070EB07FC023F01FEEB3F
F86E90B612F06E16C0020316800200EDFE00031F14F80300028003C0C7FC614F79CD6C>
I<B7D8FE01B700F00103B612E0A8D8003F01FCC8003F01E0C80007EBE0006D0B0090C7FC
6F6F6D5DA26D666F6F6D15036D66701A07737F6D667070150F6D4D60701A1F876D4D6070
71143F6E4C60701A7F886E4C607003BF6D14FF6E04FF95C8FC6670031F7F6E4B60704A6C
6D130318036E640580496C6D13076E03076005C0180F4F6C7F6E030F6005E0496C6D131F
6E031F6005F0183F4F6C14806F023F6005F8496DEBC07F6F027F6005FC18FF4F6D7F6F02
FF95C9FC7190C76C13F16F90B55F1DF34E6E13FB6F624E6E13FFA26F624E806F62A24E80
6F624E807061A24E8170614E817096CAFCA295C97E70604D160F0407604D16077048705A
834E7CCC8C>119 D<B892B612F8A8D8001F49C90003EBF0006D6D04001380A26D6E94C7
FC626D6E5E1A03A26D6E4B5AA26D6E4B5AA26E6D5E1A1F6E6D5E1A3F6E6070157FA26E6D
4B5AA26E6E4990C8FCA26E6E5C19036E6E5C1907A26E6E495AA26F6D495AA26F6D5C193F
6F6D5C197F6F5E7113FFA26F028190C9FCA26FECC3FEA26FECE3FC18E76FECF7F818FFA2
705CA2705CA2705CA2705CA37091CAFCA2705BA2705BA2705BA2715AA3715AA24D5AA260
17FF95CBFC5EA24C5AEA03F8D80FFE4A5A487E486D495A487F5FB56C131F5F163F4C5AA2
4C5A4B90CCFC6C49485A4B5AEC800F6C9038003FF849EBFFF0261FFC0713C06CB65A6C92
CDFC6C14FCC614F0013F13C0D907FCCEFC5D6F7CCC66>121 D E
end
%%EndProlog
%%BeginSetup
%%Feature: *Resolution 600dpi
TeXDict begin
%%PaperSize: a4
%%EndSetup
%%Page: 1 1
1 0 bop 565 522 a Fk(CrySTINA:)64 b(Securit)-5 b(y)66
b(in)f(the)565 704 y(T)-16 b(elecomm)-5 b(unications)65
b(Information)565 887 y(Net)-5 b(w)g(orking)65 b(Arc)-5
b(hitecture)565 1186 y Fj(L.Butty\023)-46 b(an,)33 b(S.)f(Staamann,)j
(U.Wilhelm)565 1294 y(Swiss)e(F)-7 b(e)i(der)g(al)35
b(Institute)d(of)h(T)-7 b(e)i(chnolo)g(gy)35 b(-)d(L)-5
b(ausanne)565 1396 y(EPFL-DI,)31 b(CH-1015)i(L)-5 b(ausanne,)34
b(Switzerland,)565 1495 y(fon:)e(+41)i(21)f(693)h(5267,)g(fax:)f(+41)g
(21)h(693)g(6770,)565 1595 y(email:)f Fi(f)p Fj(L)-5
b(evente.Butty\023)-46 b(an,)33 b(Seb)-5 b(astian.Staamann,)36
b(Uwe.Wilhelm)p Fi(g)p Fj(@ep\015.ch)1776 2155 y Fh(Abstract)565
2255 y Fg(TINA)j(sp)r(eci\014es)f(an)g(op)r(en)h(arc)n(hitecture)e(for)
h(telecomm)n(unication)g(services)f(in)i(the)565 2354
y(broadband,)e(m)n(ultimedia,)j(and)e(information)h(era.)f(Its)h(c)n
(haracteristics)d(most)j(rele-)565 2454 y(v)-5 b(an)n(t)29
b(for)g(securit)n(y)f(are)g(a)h(v)-5 b(ariet)n(y)29 b(of)g(services,)f
(a)h(m)n(ultitude)h(of)g(service)e(pro)n(viders,)f(a)565
2554 y(w)n(ell)k(de\014ned)h(business)g(mo)r(del,)g(a)f(middlew)n(are)g
(platform)h(for)f(service)g(dev)n(elopmen)n(t)565 2653
y(and)22 b(pro)n(vision,)e(and)i(the)h(assumption)f(of)g(adv)-5
b(anced)22 b(costumer)f(premises)h(equipmen)n(t.)565
2753 y(Concepts)g(for)f(its)i(securit)n(y)e(arc)n(hitecture)h(are)f
(dev)n(elop)r(ed)h(in)h(the)f(CrySTINA)h(pro)5 b(ject.)565
2853 y(W)-7 b(e)23 b(in)n(tro)r(duce)g(the)g(TINA-C)h(arc)n(hitecture,)
e(analyse)f(it)j(with)g(regard)d(to)i(securit)n(y)f(and)565
2952 y(presen)n(t)31 b(the)h(CrySTINA)g(securit)n(y)g(arc)n(hitecture.)
f(CrySTINA)h(is)g(aligned)f(with)i(the)565 3052 y(OMG's)20
b(CORBA)g(Securit)n(y)f(sp)r(eci\014cation,)h(but)h(enhances)f(it)h
(with)f(regard)f(to)h(securit)n(y)565 3151 y(in)n(terop)r(erabilit)n(y)
i(despite)i(the)g(heterogeneit)n(y)e(of)i(securit)n(y)f(p)r(olicies)g
(and)h(tec)n(hnologies)565 3251 y(that)30 b(m)n(ust)g(b)r(e)g(exp)r
(ected)g(in)g(TINA)g(net)n(w)n(orks.)f(Th)n(us,)g(w)n(e)h(presen)n(t)f
(a)g(mo)r(del)h(for)g(the)565 3351 y(enforcemen)n(t)24
b(of)g(securit)n(y)g(p)r(olicies)h(that)f(supp)r(orts)h(the)g
(negotiation)e(of)i(securit)n(y)f(con-)565 3450 y(texts.)1752
3676 y Fh(Keyw)m(ords)565 3776 y Fg(TINA,)k(Securit)n(y)-7
b(,)27 b(CORBA,)g(DPE,)h(In)n(terop)r(erabilit)n(y)-7
b(,)26 b(Securit)n(y)h(Con)n(texts)565 4055 y Ff(1)91
b(INTR)m(ODUCTION)565 4254 y Fg(Computers)18 b(are)g(increasingly)g
(used)h(for)g(the)g(con)n(trol)f(of)h(telecomm)n(unication)f(systems.)
565 4354 y(The)34 b(use)g(of)h(computers)e(enables)h(more)g
(\015exibilit)n(y)g(in)h(con)n(trol)e(as)g(w)n(ell)i(as)e(the)i(fast)
565 4454 y(and)f(c)n(heap)f(in)n(tro)r(duction)h(of)g(new)g(telecomm)n
(unication)g(services.)f(The)h(basic)g(ideas)565 4553
y(for)e(this)i(approac)n(h)d(stem)i(from)g(the)h(In)n(telligen)n(t)f
(Net)n(w)n(ork)f(\(Garrahan)f Fe(et)k(al)p Fg(.)f(1993\))565
4653 y(\(Magedanz)42 b(and)g(P)n(op)r(escu-Zeletin)g(1996\).)g(Net)n(w)
n(ork)f(and)i(service)f(con)n(trol)g(func-)565 4753 y(tions)25
b(of)h(these)h(net)n(w)n(orks)d(are)h(more)g(and)h(more)f(realized)h
(as)f(soft)n(w)n(are.)f(TINA,)j(whic)n(h)565 4852 y(stands)d(for)g(T)-7
b(elecomm)n(unications)23 b(Information)h(Net)n(w)n(orking)f(Arc)n
(hitecture)h(\(Dupuy)565 4952 y Fe(et)33 b(al)p Fg(.)f(1995\),)e(tak)n
(es)h(these)h(dev)n(elopmen)n(ts)f(ev)n(en)g(further.)h(It)g(is)f
(curren)n(tly)g(the)h(most)565 5051 y(encompassing)22
b(e\013ort)h(to)h(de\014ne)f(an)h(op)r(en)g(arc)n(hitecture)e(for)h
(telecomm)n(unication)g(ser-)584 5249 y Fd(c)565 5251
y Fc(\015)665 5234 y Fd(\023)659 5251 y(Ecole)h(P)n(olytec)n(hnique)i
(F)n(\023)-33 b(ed)n(\023)g(erale)24 b(de)g(Lausanne)48
b(1998)p eop
%%Page: 2 2
2 1 bop 565 419 a Fd(2)565 685 y Fg(vices)39 b(implemen)n(ted)i(as)e
(distributed)i(applications)e(in)i(the)f(emerging)f(broadband,)565
784 y(m)n(ultimedia)26 b(and)g(information)g(era.)g(This)g(e\013ort)g
(is)g(carried)f(out)i(b)n(y)f(the)h(TINA)g(Con-)565 884
y(sortium)32 b(\(TINA-C\),)i(a)e(m)n(ultinational)h(consortium)f
(consisting)g(of)h(ma)5 b(jor)31 b(net)n(w)n(ork)565
983 y(op)r(erators,)20 b(as)h(w)n(ell)h(as)g(telecomm)n(unication)g
(equipmen)n(t)g(and)g(computer)g(system)g(sup-)565 1083
y(pliers)h(\(Barr)g Fe(et)j(al)p Fg(.)f(1993\).)e(The)h(soft)n(w)n(are)
e(mo)r(del)j(of)f(TINA)g(is)g(based)g(on)g(the)g(concept)565
1183 y(of)j(distributed)h(ob)5 b(ject)28 b(computing.)648
1282 y(TINA)39 b(re\015ects)g(sev)n(eral)e(dev)n(elopmen)n(ts,)i(whic)n
(h)g(cause)f(securit)n(y)g(problems)h(that)565 1382 y(are)34
b(new)h(to)g(the)h(traditional)e(telecomm)n(unications)h(w)n(orld.)f
(The)h(diminishing)h(cost)565 1482 y(of)28 b(transmission)g(bandwidth)h
(enables)f(distributed)h(m)n(ultimedia)g(real-time)f(applica-)565
1581 y(tions.)34 b(The)h(p)r(o)n(w)n(erful)f(Costumer)g(Premises)f
(Equipmen)n(t)i(\(CPE\))f(a)n(v)-5 b(ailable)33 b(due)i(to)565
1681 y(the)25 b(progressiv)n(e)e(use)i(of)h(computing)f(tec)n(hnology)f
(on)h(the)h(user's)f(side)g(enables)g(a)g(m)n(ul-)565
1780 y(titude)f(of)f(services)f(to)h(b)r(e)h(deliv)n(ered)f(via)g(a)f
(common)h(telecomm)n(unication)g(infrastruc-)565 1880
y(ture)31 b(to)g(m)n(ultipurp)r(ose)h(end-user)f(terminals.)g(The)g(w)n
(orldwide)g(deregulation)f(of)i(the)565 1980 y(telecomm)n(unication)e
(en)n(vironmen)n(t)h(creates)f(an)h(op)r(en)g(mark)n(et)g(for)g(the)g
(pro)n(vision)f(of)565 2079 y(telecomm)n(unication)g(services.)f(Th)n
(us,)i(telecomm)n(unication)f(net)n(w)n(orks)f(are)h(not)g(only)565
2179 y(p)r(opulated)21 b(b)n(y)h(a)f(m)n(ultitude)i(of)f(users)f(but)h
(also)f(b)n(y)g(a)h(m)n(ultitude)g(of)g(service)f(pro)n(viders.)565
2279 y(The)32 b(co)r(op)r(eration)e(and,)i(at)g(the)g(same)f(time,)i
(comp)r(etition)f(of)g(v)-5 b(arious)31 b(pro)n(viders)f(in)565
2378 y(the)36 b(same)f(ph)n(ysical)g(net)n(w)n(ork,)f(as)h(w)n(ell)h
(as)f(the)h(exp)r(ected)g(signi\014cance)f(of)h(the)g(net-)565
2478 y(w)n(ork)d(acting)h(as)g(the)h(infrastructure)f(for)g(services)g
(v)-5 b(arying)33 b(from)i(teleconferencing)565 2577
y(and)30 b(video-on-demand)f(to)i(electronic)f(commerce)f(and)i
(electronic)f(banking)g(raise)f(a)565 2677 y(strong)d(demand)i(for)f
(securit)n(y)f(and)i(priv)-5 b(acy)27 b(of)g(service)g(usage)f(and)i
(comm)n(unication.)648 2777 y(The)i(securit)n(y)g(problem)g(domain)g
(requires)g(a)g(thorough)f(analysis)h(of)g(the)h(net)n(w)n(ork)565
2876 y(as)d(a)g(whole.)h(In)g(the)g(end,)g(a)g(securit)n(y)f
(infrastructure)g(that)h(b)r(elongs)f(to)h(the)g(net)n(w)n(ork)565
2976 y(m)n(ust)22 b(ful\014ll)h(the)g(securit)n(y)f(requiremen)n(ts)f
(of)h(all)h(a)n(v)-5 b(ailable)21 b(t)n(yp)r(es)h(of)g(services.)g(The)
g(im-)565 3076 y(plemen)n(tation)f(of)h(this)g(infrastructure)f(is)h
(closely)f(coupled)g(to)h(the)g(concept)g(of)g(middle-)565
3175 y(w)n(are,)k(whic)n(h)i(decouples)g(the)g(service)f(implemen)n
(tation)h(from)g(the)h(underlying)e(hard-)565 3275 y(w)n(are.)20
b(It)i(is)g(conceiv)-5 b(able)21 b(that)h(the)g(middlew)n(are)e(in)i
(TINA)h(will)f(b)r(e)g(based)f(on)g(pro)r(ducts)565 3374
y(conforming)31 b(to)i(the)g(Common)f(Ob)5 b(ject)33
b(Request)g(Brok)n(er)d(Arc)n(hitecture)j(\(CORBA\))565
3474 y(sp)r(eci\014ed)23 b(b)n(y)h(the)g(OMG)f(\(OMG)h(1995)p
1810 3474 25 4 v 28 w(1\).)g(Imp)r(ortan)n(t)f(asp)r(ects)g(with)h
(regard)e(to)i(secu-)565 3574 y(rit)n(y)29 b(are)h(the)h
(self-administration)e(of)h(the)h(domains)f(\(including)h(securit)n
(y\))f(and)g(th)n(us)565 3673 y(the)24 b(probable)e(heterogeneit)n(y)g
(of)i(their)f(securit)n(y)g(p)r(olicies)g(and)h(securit)n(y)f(tec)n
(hnologies.)565 3773 y(Both)g(require)g(the)h(negotiation)e(of)i
(securit)n(y)f(con)n(texts)g(to)g(enable)g(secure)g(in)n(teractions)565
3873 y(b)r(et)n(w)n(een)k(domains.)648 3972 y(In)22 b(the)h(CrySTINA)g
(pro)5 b(ject,)22 b(w)n(e)g(dev)n(elop)g(a)g(securit)n(y)f(arc)n
(hitecture)h(for)g(TINA)h(that)565 4072 y(is)i(aligned)g(to)h(the)g
(CORBA)f(securit)n(y)g(arc)n(hitecture,)f(but)i(additionally)f(supp)r
(orts)h(the)565 4171 y(negotiation)31 b(of)i(securit)n(y)f(con)n
(texts.)g(In)h(this)g(article,)f(w)n(e)g(presen)n(t)g(this)h(arc)n
(hitecture)565 4271 y(and)j(the)h(rationale)e(b)r(ehind)j(it.)f
(Section)f(2)g(in)n(tro)r(duces)g(the)h(TINA-C)g(arc)n(hitecture)565
4371 y(fo)r(cusing)24 b(on)g(the)h(securit)n(y)f(relev)-5
b(an)n(t)24 b(asp)r(ects.)g(In)h(Section)f(3,)h(w)n(e)f(analyse)f(TINA)
j(with)565 4470 y(regard)34 b(to)j(securit)n(y)f(and)g(prop)r(ose)g
(the)h(v)n(ertical)f(allo)r(cation)f(of)i(the)g(securit)n(y)f(func-)565
4570 y(tionalit)n(y)e(to)h(the)h(middlew)n(are)e(la)n(y)n(er,)f(whic)n
(h)j(is)f(pro)n(vided)f(b)n(y)g(CORBA.)h(Th)n(us,)g(w)n(e)565
4670 y(in)n(tro)r(duce)e(the)g(CORBA)h(securit)n(y)e(sp)r
(eci\014cations)h(in)h(Section)f(4.)g(In)h(Section)f(5,)g(w)n(e)565
4769 y(presen)n(t)j(the)h(CrySTINA)g(securit)n(y)f(arc)n(hitecture.)g
(Section)h(6)f(describ)r(es)g(an)h(imple-)565 4869 y(men)n(tation)27
b(of)g(its)h(mo)r(del)g(for)f(the)g(enforcemen)n(t)g(of)h(securit)n(y)
-7 b(.)27 b(Section)g(7)g(summarizes)565 4968 y(the)34
b(w)n(ork)f(presen)n(ted)g(and)h(giv)n(es)f(an)h(outlo)r(ok)f(on)h(our)
f(ongoing)g(and)g(further)h(w)n(ork.)p eop
%%Page: 3 3
3 2 bop 1414 419 a Fb(THE)26 b(TINA-C)f(AR)n(CHITECTURE)851
b Fd(3)565 685 y Fg(F)-7 b(amiliarit)n(y)29 b(with)i(TINA)g(is)f(not)g
(required,)f(while)i(kno)n(wledge)e(ab)r(out)h(CORBA)g(and)565
784 y(securit)n(y)c(concepts)h(is)h(assumed.)565 1075
y Ff(2)91 b(THE)30 b(TINA-C)g(AR)m(CHITECTURE)565 1275
y Fg(In)38 b(TINA,)h(services)e(are)g(realized)g(as)g(distributed)i
(applications.)e(They)h(consist)g(of)565 1374 y(service)21
b(comp)r(onen)n(ts)h(that)h(in)n(teract)f(with)h(eac)n(h)f(other)g(via)
g(a)g(Distributed)h(Pro)r(cessing)565 1474 y(En)n(vironmen)n(t)c
(\(DPE\).)j(The)f(DPE)g(is)g(a)g(soft)n(w)n(are)f(sub-la)n(y)n(er)f
(that)j(op)r(erates)e(ab)r(o)n(v)n(e)g(the)565 1574 y(Nativ)n(e)31
b(Computing)g(and)h(Comm)n(unications)f(En)n(vironmen)n(t)f(\(NCCE\),)i
(whic)n(h)g(is)f(an)565 1673 y(abstraction)18 b(of)h(the)h(computing)f
(hardw)n(are)f(and)h(the)h(op)r(erating)f(system)g(of)g(the)h(service)
565 1773 y(no)r(des.)30 b(While)i(the)f(NCCE)g(is)g(tec)n(hnology)e
(dep)r(enden)n(t,)j(the)f(DPE)f(o\013ers)h(a)f(uniform)565
1872 y(in)n(terface)k(to)h(the)g(distributed)h(en)n(vironmen)n(t.)e
(The)h(DPE)f(will)i(consist)e(of)h(CORBA)565 1972 y(implemen)n(tations)
27 b(as)g(the)h(DPE)f(k)n(ernel)g(and)g(additional)g(TINA)h(sp)r
(eci\014c)g(services.)648 2072 y(Comp)r(onen)n(ts)f(in)i(the)f
(application)g(la)n(y)n(er)e(are)i(divided)g(in)n(to)g(three)g
(categories;)e(ser-)565 2171 y(vice)21 b(comp)r(onen)n(ts,)h(resource)e
(comp)r(onen)n(ts,)h(and)h(elemen)n(ts.)g(Service)f(comp)r(onen)n(ts)h
(ad-)565 2271 y(dress)29 b(the)i(service)e(logic,)g(service)g(access,)g
(and)i(service)e(managemen)n(t.)g(Services)g(can)565
2371 y(mak)n(e)24 b(use)h(of)g(common)f(resources)f(b)n(y)i(in)n
(teracting)f(with)i(resource)d(comp)r(onen)n(ts.)i(The)565
2470 y(resource)h(comp)r(onen)n(ts)h(are)g(high-lev)n(el)g
(abstractions)f(of)i(a)n(v)-5 b(ailable)26 b(resources,)g(whic)n(h)565
2570 y(enable)c(the)h(usage)f(and)h(the)g(managemen)n(t)f(of)h(these)g
(resources)e(in)i(a)g(tec)n(hnology)e(inde-)565 2669
y(p)r(enden)n(t)28 b(w)n(a)n(y)-7 b(.)27 b(Elemen)n(ts)g(are)g(soft)n
(w)n(are)f(represen)n(tations)g(of)i(individual)g(net)n(w)n(orking)565
2769 y(and)g(computing)h(resources,)e(suc)n(h)h(as)g(transmission)f
(equipmen)n(t,)j(switc)n(hes,)e(or)g(com-)565 2869 y(puters.)34
b(Figure)h(1)f(sho)n(ws)g(the)h(la)n(y)n(ering)e(in)n(to)i
(applications,)f(DPE,)g(and)h(NCCE,)g(as)565 2968 y(w)n(ell)27
b(as)g(the)h(structuring)f(of)g(the)h(application)f(la)n(y)n(er)f(in)n
(to)h(comp)r(onen)n(t)h(categories.)904 4445 y @beginspecial
@setspecial
%%BeginDocument: TinaArch.epsss
/sf {150 239 div} def
/llx {-49} def
/lly {-455} def
/vx {llx sf mul} def
/vy {lly sf mul} def
vx vy translate
sf sf scale
/tgifdict 39 dict def 
tgifdict begin 
/tgifellipsedict 6 dict def 
tgifellipsedict /mtrx matrix put 
/tgifellipse 
{ tgifellipsedict begin 
/yrad exch def 
/xrad exch def 
/y exch def 
/x exch def 
/savematrix mtrx currentmatrix def 
x y translate 
xrad yrad scale 
0 0 1 0 360 arc 
savematrix setmatrix 
end 
} def 
/tgifarrowtipdict 8 dict def 
tgifarrowtipdict /mtrx matrix put 
/tgifarrowtip 
{ tgifarrowtipdict begin 
/dy exch def 
/dx exch def 
/h exch def 
/w exch def 
/y exch def 
/x exch def 
/savematrix mtrx currentmatrix def 
x y translate 
dy dx atan rotate 
0 0 moveto 
w neg h lineto 
w neg h neg lineto 
savematrix setmatrix 
end 
} def 
/tgifpatdict 10 dict def 
/tgifpatbyte 
{ currentdict /retstr get exch 
pat i cellsz mod get put 
} def 
/tgifpatproc 
{ 0 1 widthlim {tgifpatbyte} for retstr 
/i i 1 add def 
} def 
/tgifpatfill 
{ tgifpatdict begin 
/h exch def 
/w exch def 
/lty exch def 
/ltx exch def 
/cellsz exch def 
/pat exch def 
/widthlim w cellsz div cvi 1 sub def 
/retstr widthlim 1 add string def 
/i 0 def 
tgiforigctm setmatrix 
ltx lty translate 
w h true [1 0 0 1 0 0] {tgifpatproc} imagemask 
ltx neg lty neg translate 
end 
} def 
/pat3 <8000000008000000> def 
/pat4 <8800000022000000> def 
/pat5 <8800220088002200> def 
/pat6 <8822882288228822> def 
/pat7 <aa55aa55aa55aa55> def 
/pat8 <77dd77dd77dd77dd> def 
/pat9 <77ffddff77ffddff> def 
/pat10 <77ffffff77ffffff> def 
/pat11 <7fffffff7fffffff> def 
/pat12 <8040200002040800> def 
/pat13 <40a00000040a0000> def 
/pat14 <ff888888ff888888> def 
/pat15 <ff808080ff080808> def 
/pat16 <f87422478f172271> def 
/pat17 <038448300c020101> def 
/pat18 <081c22c180010204> def 
/pat19 <8080413e080814e3> def 
/pat20 <8040201008040201> def 
/pat21 <8844221188442211> def 
/pat22 <77bbddee77bbddee> def 
/pat23 <c1e070381c0e0783> def 
/pat24 <7fbfdfeff7fbfdfe> def 
/pat25 <3e1f8fc7e3f1f87c> def 
/pat26 <0102040810204080> def 
/pat27 <1122448811224488> def 
/pat28 <eeddbb77eeddbb77> def 
/pat29 <83070e1c3870e0c1> def 
/pat30 <fefdfbf7efdfbf7f> def 
/pat31 <7cf8f1e3c78f1f3e> def 
end 
tgifdict begin 
/tgifsavedpage save def 
1 setmiterlimit 
1 setlinewidth 
0 setgray 
72 0 mul 72 11.70 mul translate 
72 128 div 100.000 mul 100 div dup neg scale 
gsave 
/tgiforigctm matrix currentmatrix def 
% RCBOX 
0 setgray 
gsave 
gsave 
newpath 
789 450 moveto 
805 450 805 610 16 arcto 4 {pop} repeat 
805 594 lineto 
805 610 285 610 16 arcto 4 {pop} repeat 
301 610 lineto 
285 610 285 450 16 arcto 4 {pop} repeat 
285 466 lineto 
285 450 805 450 16 arcto 4 {pop} repeat 
closepath 
[12 4] 0 setdash 
stroke 
grestore 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
574 578 moveto 
673 534 lineto 
tgiforigctm setmatrix 
7 setlinewidth 
stroke 
1 setlinewidth 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
466 582 moveto 
403 546 lineto 
tgiforigctm setmatrix 
7 setlinewidth 
stroke 
1 setlinewidth 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
555 445 moveto 
555 380 lineto 
565 380 lineto 
565 445 lineto 
closepath 1 setgray eofill 
0 setgray 
newpath 
555 445 moveto 
555 380 lineto 
565 380 lineto 
565 445 lineto 
closepath eoclip newpath 
pat5 8 552 376 16 72 tgifpatfill 
grestore 
gsave 
newpath 
555 445 moveto 
555 380 lineto 
565 380 lineto 
565 445 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
606 494 moveto 
655 522 lineto 
tgiforigctm setmatrix 
7 setlinewidth 
stroke 
1 setlinewidth 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
588 566 moveto 
610 494 lineto 
tgiforigctm setmatrix 
7 setlinewidth 
stroke 
1 setlinewidth 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
534 498 moveto 
430 522 lineto 
tgiforigctm setmatrix 
7 setlinewidth 
stroke 
1 setlinewidth 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 548 moveto 
368 567 lineto 
449 545 lineto 
381 527 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 520 moveto 
295 548 lineto 
368 567 lineto 
449 545 lineto 
449 516 lineto 
368 538 lineto 
closepath 
gsave 
eofill 
grestore 
gsave 
2 setlinewidth 
1 setgray stroke 0 setgray 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 520 moveto 
368 538 lineto 
449 516 lineto 
381 498 lineto 
closepath 
gsave 
eofill 
grestore 
gsave 
2 setlinewidth 
1 setgray stroke 0 setgray 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
368 538 moveto 
368 567 lineto 
tgiforigctm setmatrix 
2 setlinewidth 
1 setgray stroke 
1 setlinewidth 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 508 moveto 
368 527 lineto 
449 505 lineto 
381 487 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 480 moveto 
295 508 lineto 
368 527 lineto 
449 505 lineto 
449 476 lineto 
368 498 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat5 8 288 472 168 56 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 480 moveto 
368 498 lineto 
449 476 lineto 
381 458 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat5 8 288 456 168 48 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
368 498 moveto 
368 527 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
475 504 moveto 
548 523 lineto 
629 501 lineto 
561 483 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
475 476 moveto 
475 504 lineto 
548 523 lineto 
629 501 lineto 
629 472 lineto 
548 494 lineto 
closepath 
gsave 
eofill 
grestore 
gsave 
2 setlinewidth 
1 setgray stroke 0 setgray 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
475 476 moveto 
548 494 lineto 
629 472 lineto 
561 454 lineto 
closepath 
gsave 
eofill 
grestore 
gsave 
2 setlinewidth 
1 setgray stroke 0 setgray 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
548 494 moveto 
548 523 lineto 
tgiforigctm setmatrix 
2 setlinewidth 
1 setgray stroke 
1 setlinewidth 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
475 464 moveto 
548 483 lineto 
629 461 lineto 
561 443 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
475 436 moveto 
475 464 lineto 
548 483 lineto 
629 461 lineto 
629 432 lineto 
548 454 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat5 8 472 424 160 64 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
475 436 moveto 
548 454 lineto 
629 432 lineto 
561 414 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat5 8 472 408 160 48 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
548 454 moveto 
548 483 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
453 588 moveto 
525 607 lineto 
606 585 lineto 
538 567 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
453 560 moveto 
453 588 lineto 
525 607 lineto 
606 585 lineto 
606 556 lineto 
525 578 lineto 
closepath 
gsave 
eofill 
grestore 
gsave 
2 setlinewidth 
1 setgray stroke 0 setgray 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
453 560 moveto 
525 578 lineto 
606 556 lineto 
538 538 lineto 
closepath 
gsave 
eofill 
grestore 
gsave 
2 setlinewidth 
1 setgray stroke 0 setgray 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
525 578 moveto 
525 607 lineto 
tgiforigctm setmatrix 
2 setlinewidth 
1 setgray stroke 
1 setlinewidth 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
453 548 moveto 
525 567 lineto 
606 545 lineto 
538 527 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
453 520 moveto 
453 548 lineto 
525 567 lineto 
606 545 lineto 
606 516 lineto 
525 538 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat5 8 448 512 160 56 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
453 520 moveto 
525 538 lineto 
606 516 lineto 
538 498 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat5 8 448 496 160 48 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
525 538 moveto 
525 567 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[20 4 4 4] 0 setdash 
newpath 
547 434 moveto 
547 366 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[20 4 4 4] 0 setdash 
newpath 
372 478 moveto 
372 410 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
637 536 moveto 
710 555 lineto 
791 533 lineto 
723 515 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
637 508 moveto 
637 536 lineto 
710 555 lineto 
791 533 lineto 
791 504 lineto 
710 526 lineto 
closepath 
gsave 
eofill 
grestore 
gsave 
2 setlinewidth 
1 setgray stroke 0 setgray 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
637 508 moveto 
710 526 lineto 
791 504 lineto 
723 486 lineto 
closepath 
gsave 
eofill 
grestore 
gsave 
2 setlinewidth 
1 setgray stroke 0 setgray 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
710 526 moveto 
710 555 lineto 
tgiforigctm setmatrix 
2 setlinewidth 
1 setgray stroke 
1 setlinewidth 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
580 605 moveto (Kernel Transport Network) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
190 285 moveto (Elements) show 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
365 480 moveto 
365 415 lineto 
375 415 lineto 
375 480 lineto 
closepath 1 setgray eofill 
0 setgray 
newpath 
365 480 moveto 
365 415 lineto 
375 415 lineto 
375 480 lineto 
closepath eoclip newpath 
pat5 8 360 408 16 72 tgifpatfill 
grestore 
gsave 
newpath 
365 480 moveto 
365 415 lineto 
375 415 lineto 
375 480 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
525 520 moveto 
525 455 lineto 
535 455 lineto 
535 520 lineto 
closepath 1 setgray eofill 
0 setgray 
newpath 
525 520 moveto 
525 455 lineto 
535 455 lineto 
535 520 lineto 
closepath eoclip newpath 
pat5 8 520 448 16 72 tgifpatfill 
grestore 
gsave 
newpath 
525 520 moveto 
525 455 lineto 
535 455 lineto 
535 520 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
355 480 moveto 
361.67 470.00 365.00 455.00 365.00 435.00 curveto 
365.00 415.00 366.67 405.00 370.00 405.00 curveto 
373.33 405.00 375.00 415.00 375.00 435.00 curveto 
375.00 455.00 378.33 470.00 
385 480 curveto 
closepath 1 setgray eofill 
0 setgray 
newpath 
355 480 moveto 
361.67 470.00 365.00 455.00 365.00 435.00 curveto 
365.00 415.00 366.67 405.00 370.00 405.00 curveto 
373.33 405.00 375.00 415.00 375.00 435.00 curveto 
375.00 455.00 378.33 470.00 
385 480 curveto 
closepath eoclip newpath 
pat5 8 352 400 40 80 tgifpatfill 
grestore 
gsave 
newpath 
355 480 moveto 
361.67 470.00 365.00 455.00 365.00 435.00 curveto 
365.00 415.00 366.67 405.00 370.00 405.00 curveto 
373.33 405.00 375.00 415.00 375.00 435.00 curveto 
375.00 455.00 378.33 470.00 
385 480 curveto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
505 520 moveto 
515.00 503.33 520.00 487.50 520.00 472.50 curveto 
520.00 457.50 523.33 450.00 530.00 450.00 curveto 
536.67 450.00 540.00 457.50 540.00 472.50 curveto 
540.00 487.50 545.00 503.33 
555 520 curveto 
closepath 1 setgray eofill 
0 setgray 
newpath 
505 520 moveto 
515.00 503.33 520.00 487.50 520.00 472.50 curveto 
520.00 457.50 523.33 450.00 530.00 450.00 curveto 
536.67 450.00 540.00 457.50 540.00 472.50 curveto 
540.00 487.50 545.00 503.33 
555 520 curveto 
closepath eoclip newpath 
pat5 8 504 448 56 72 tgifpatfill 
grestore 
gsave 
newpath 
505 520 moveto 
515.00 503.33 520.00 487.50 520.00 472.50 curveto 
520.00 457.50 523.33 450.00 530.00 450.00 curveto 
536.67 450.00 540.00 457.50 540.00 472.50 curveto 
540.00 487.50 545.00 503.33 
555 520 curveto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
565 318 moveto 
565 350 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[20 4 4 4] 0 setdash 
newpath 
561 470 moveto 
561 402 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
295 430 moveto 
565 350 lineto 
790 410 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 430 moveto 
295 390 lineto 
565 318 lineto 
790 370 lineto 
790 410 lineto 
565 350 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
525 482 moveto 
295 430 lineto 
565 350 lineto 
790 410 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
525 442 moveto 
295 390 lineto 
565 318 lineto 
790 370 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat7 8 288 312 504 136 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
790 410 moveto 
790 370 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
295 430 moveto 
295 390 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
295 430 moveto 
525 482 lineto 
790 410 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
525 442 moveto 
525 482 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 571 353 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 571 353 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 560 344 24 16 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 509 373 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 509 373 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 496 368 24 16 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 473 409 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 473 409 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 456 400 32 16 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 548 315 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 548 315 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 536 312 24 8 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 640 347 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 640 347 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 624 344 32 8 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 670 387 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 670 387 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 656 384 32 8 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 565 417 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 565 417 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 552 408 24 16 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 385 392 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 385 392 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 368 384 32 16 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 448 343 10 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 448 343 10 2 tgifellipse 
closepath eoclip newpath 
pat5 8 432 336 32 16 tgifpatfill 
grestore 
% OVAL 
0 setgray 
gsave 
newpath 677 337 2 2 tgifellipse 
closepath 1 setgray fill 
0 setgray 
newpath 677 337 2 2 tgifellipse 
closepath eoclip newpath 
pat5 8 672 328 16 16 tgifpatfill 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
473 334 moveto 
473 294 lineto 
559 270 lineto 
788 322 lineto 
788 362 lineto 
559 310 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
473 334 moveto 
559 310 lineto 
788 362 lineto 
703 386 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
559 310 moveto 
559 270 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
473 334 moveto 
473 294 lineto 
703 346 lineto 
703 386 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
473 334 moveto 
559 310 lineto 
788 362 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
703 346 moveto 
788 322 lineto 
788 362 lineto 
703 386 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
473 294 moveto 
559 270 lineto 
788 322 lineto 
703 346 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% OVAL 
0 setgray 
newpath 541 294 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 541 294 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 604 302 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 604 302 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 694 322 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 694 322 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 743 354 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 743 354 9 8 tgifellipse 
stroke 
grestore 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
383 359 moveto 
383 319 lineto 
469 295 lineto 
698 347 lineto 
698 387 lineto 
469 335 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
383 359 moveto 
469 335 lineto 
698 387 lineto 
613 411 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
469 335 moveto 
469 295 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
383 359 moveto 
383 319 lineto 
613 371 lineto 
613 411 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
383 359 moveto 
469 335 lineto 
698 387 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
613 371 moveto 
698 347 lineto 
698 387 lineto 
613 411 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
383 319 moveto 
469 295 lineto 
698 347 lineto 
613 371 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% OVAL 
0 setgray 
newpath 461 336 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 461 336 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 514 331 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 514 331 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 577 343 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 577 343 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 635 379 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 635 379 9 8 tgifellipse 
stroke 
grestore 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 384 moveto 
295 344 lineto 
381 320 lineto 
610 372 lineto 
610 412 lineto 
381 360 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 384 moveto 
381 360 lineto 
610 412 lineto 
525 436 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
381 360 moveto 
381 320 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 384 moveto 
295 344 lineto 
525 396 lineto 
525 436 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
295 384 moveto 
381 360 lineto 
610 412 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
525 396 moveto 
610 372 lineto 
610 412 lineto 
525 436 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 344 moveto 
381 320 lineto 
610 372 lineto 
525 396 lineto 
closepath 
gsave 
grestore 
gsave 
stroke 
grestore 
% OVAL 
0 setgray 
newpath 363 348 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 363 348 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 426 388 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 426 388 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 489 408 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 489 408 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 556 408 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 556 408 9 8 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 480 372 9 8 tgifellipse 
closepath 1 setgray fill 
0 setgray 
gsave 
gsave 
newpath 480 372 9 8 tgifellipse 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
135 315 moveto (Resource Components) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
90 345 moveto (Service Components) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
90 535 moveto (Computing Hardware) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
90 500 moveto (Operating System) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
90 400 moveto (Distributed) show 
90 424 moveto (Processing) show 
90 448 moveto (Environment) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
225 585 moveto (Native) show 
225 609 moveto (Computing) show 
225 633 moveto (and ) show 
225 657 moveto (Communications ) show 
225 681 moveto (Environment) show 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
700 595 moveto 
-45 -55 atan dup cos 8.000 mul 645 exch sub 
exch sin 8.000 mul 550 exch sub lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
645 550 8.000 3.000 -55 -45 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
645 550 8.000 3.000 -55 -45 tgifarrowtip 
closepath fill 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
637 496 moveto 
710 515 lineto 
791 493 lineto 
723 475 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
637 468 moveto 
637 496 lineto 
710 515 lineto 
791 493 lineto 
791 464 lineto 
710 486 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat5 8 632 456 160 64 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
637 468 moveto 
710 486 lineto 
791 464 lineto 
723 446 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat5 8 632 440 160 48 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
710 486 moveto 
710 515 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
690 470 moveto 
700.00 453.33 705.00 437.50 705.00 422.50 curveto 
705.00 407.50 708.33 400.00 715.00 400.00 curveto 
721.67 400.00 725.00 407.50 725.00 422.50 curveto 
725.00 437.50 730.00 453.33 
740 470 curveto 
closepath 1 setgray eofill 
0 setgray 
newpath 
690 470 moveto 
700.00 453.33 705.00 437.50 705.00 422.50 curveto 
705.00 407.50 708.33 400.00 715.00 400.00 curveto 
721.67 400.00 725.00 407.50 725.00 422.50 curveto 
725.00 437.50 730.00 453.33 
740 470 curveto 
closepath eoclip newpath 
pat5 8 688 400 56 72 tgifpatfill 
grestore 
gsave 
newpath 
690 470 moveto 
700.00 453.33 705.00 437.50 705.00 422.50 curveto 
705.00 407.50 708.33 400.00 715.00 400.00 curveto 
721.67 400.00 725.00 407.50 725.00 422.50 curveto 
725.00 437.50 730.00 453.33 
740 470 curveto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLYGON/CLOSED-SPLINE 
0 setgray 
newpath 
295 390 moveto 
295 430 lineto 
525 482 lineto 
790 410 lineto 
790 370 lineto 
525 442 lineto 
closepath 
gsave 
1 setgray eofill 
grestore 
gsave 
eoclip newpath 
pat6 8 288 368 504 120 tgifpatfill 
grestore 
gsave 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
275 280 moveto 
10 260 atan dup cos 8.000 mul 535 exch sub 
exch sin 8.000 mul 290 exch sub lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
535 290 8.000 3.000 260 10 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
535 290 8.000 3.000 260 10 tgifarrowtip 
closepath fill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
340 310 moveto 
20 170 atan dup cos 8.000 mul 510 exch sub 
exch sin 8.000 mul 330 exch sub lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
510 330 8.000 3.000 170 20 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
510 330 8.000 3.000 170 20 tgifarrowtip 
closepath fill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
275 340 moveto 
5 85 atan dup cos 8.000 mul 360 exch sub 
exch sin 8.000 mul 345 exch sub lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
360 345 8.000 3.000 85 5 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
360 345 8.000 3.000 85 5 tgifarrowtip 
closepath fill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
190 415 moveto 
0 130 atan dup cos 8.000 mul 320 exch sub 
exch sin 8.000 mul 415 exch sub lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
320 415 8.000 3.000 130 0 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
320 415 8.000 3.000 130 0 tgifarrowtip 
closepath fill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
250 495 moveto 
0 55 atan dup cos 8.000 mul 305 exch sub 
exch sin 8.000 mul 495 exch sub lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
305 495 8.000 3.000 55 0 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
305 495 8.000 3.000 55 0 tgifarrowtip 
closepath fill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
275 530 moveto 
0 20 atan dup cos 8.000 mul 295 exch sub 
exch sin 8.000 mul 530 exch sub lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
295 530 8.000 3.000 20 0 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
295 530 8.000 3.000 20 0 tgifarrowtip 
closepath fill 
grestore 
grestore 
tgifsavedpage restore 
end 
%MatchingCreationDate: Mon Jan 19 22:56:53 1998 
%%EndDocument
 @endspecial 1290 4644 a Fh(Figure)j(1)47 b Fg(TINA)29
b(o)n(v)n(erall)c(arc)n(hitecture)648 4852 y(The)g(concepts)g(for)g(ho)
n(w)g(service)g(comp)r(onen)n(ts)g(are)g(sp)r(eci\014ed)g(and)h(ho)n(w)
f(they)h(in)n(ter-)565 4952 y(act)31 b(are)f(pro)n(vided)h(b)n(y)g(the)
h(Computing)f(Arc)n(hitecture.)h(It)f(de\014nes)h(the)g(DPE)f(as)g(the)
565 5051 y(computer)j(and)h(comm)n(unication)f(platform)g(supp)r(ort)h
(and)f(pro)n(vides)f(the)j(computa-)p eop
%%Page: 4 4
4 3 bop 565 419 a Fd(4)565 685 y Fg(tional)29 b(mo)r(delling)h
(concepts,)f(suc)n(h)h(as)f(the)h(Ob)5 b(ject)30 b(Description)f
(Language)f(\(ODL\),)565 784 y(whic)n(h)g(is)h(a)g(sup)r(erset)f(of)h
(CORBA's)f(IDL.)i(Service)e(comp)r(onen)n(ts)g(consist)h(of)f(compu-)
565 884 y(tational)h(ob)5 b(jects)31 b(\(COs\))f(or)g(CO)g(groups.)f
(COs)h(can)g(ha)n(v)n(e)f(t)n(w)n(o)h(kinds)g(of)h(in)n(terfaces:)565
983 y(op)r(erational)25 b(in)n(terfaces,)g(whic)n(h)i(are)e(comparable)
g(to)i(ob)5 b(ject)26 b(in)n(terfaces)f(in)i(CORBA,)565
1083 y(and)f(stream)h(in)n(terfaces,)f(whic)n(h)h(are)f(designed)g(to)h
(con)n(v)n(ey)f(an)h(arbitrary)e(sequence)h(of)565 1183
y(b)n(ytes)33 b(b)r(et)n(w)n(een)g(t)n(w)n(o)g(comp)r(onen)n(ts)g
(\(e.g.,)h(audio)f(or)g(video)g(bit)h(streams\).)f(Messages)565
1282 y(from)21 b(and)g(to)g(the)h(op)r(erational)e(in)n(terfaces)g(are)
h(exc)n(hanged)f(via)h(the)h(Kernel)e(T)-7 b(ransp)r(ort)565
1382 y(Net)n(w)n(ork)23 b(\(KTN\),)j(whereas)d(streams)h(are)g
(transferred)g(via)g(the)i(T)-7 b(ransp)r(ort)23 b(Net)n(w)n(ork.)648
1482 y(TINA)c(has)g(a)g(general)f(business)h(mo)r(del)h(with)g(v)-5
b(arious)18 b(roles:)g(the)i(sup)r(ermark)n(et.)e(The)565
1581 y(follo)n(wing)g(roles)h(for)g(stak)n(eholders)e(are)i(iden)n
(ti\014ed:)h(Consumer,)f(Retailer,)g(Third)h(P)n(art)n(y)565
1681 y(Service)j(Pro)n(vider,)e(Connectivit)n(y)i(Pro)n(vider,)f(and)h
(Brok)n(er.)f(Consumers)h(buy)g(services)565 1780 y(from)34
b(Retailers,)h(but)h(the)f(actual)g(services)f(are)g(pro)n(vided)g(b)n
(y)h(third)g(P)n(art)n(y)f(Service)565 1880 y(Pro)n(viders.)28
b(Connectivit)n(y)i(Pro)n(viders)f(o\013er)h(the)h(necessary)e
(connectivit)n(y)h(\(streams\))565 1980 y(for)36 b(the)g(transp)r(ort)g
(of)h(con)n(ten)n(t)f(information)f(b)r(et)n(w)n(een)i(stak)n
(eholders.)e(The)h(Brok)n(er)565 2079 y(acts)22 b(as)h(a)g(kind)h(of)f
(y)n(ello)n(w)f(page)h(and)g(white)h(page)e(service)g(\(i.e.,)i(it)g
(deliv)n(ers)e(references)565 2179 y(for)h(services)f(that)j(can)e(b)r
(e)h(describ)r(ed)g(b)n(y)f(service)g(c)n(haracteristics)f(but)i(also)f
(b)n(y)g(names)565 2279 y(of)k(pro)n(viders\).)648 2378
y(Eac)n(h)f(stak)n(eholder)g(has)i(its)f(o)n(wn)h(administrativ)n(e)e
(domain)i(and)f(can)h(act)f(in)i(one)e(or)565 2478 y(more)i(roles.)h
(An)n(y)g(arbitrarily)f(complex)h(relationship)f(for)h(service)g(use)g
(is)h(comp)r(osed)565 2577 y(of)g(simple)g(t)n(w)n(o-part)n(y)e
(user-pro)n(vider)f(relationships.)i(A)i(user-pro)n(vider)c
(relationship)565 2677 y(con)n(tains)j(t)n(w)n(o)h(t)n(yp)r(es)h(of)g
(in)n(teraction:)f(access)f(and)i(usage.)e(The)i(access)f(part)g(is)h
(con-)565 2777 y(cerned)20 b(with)i(the)f(establishmen)n(t)g(of)g(a)f
(trusted)h(and)g(reliable)f(temp)r(orary)g(relationship)565
2876 y(b)r(et)n(w)n(een)31 b(the)g(user)g(domain)f(and)h(the)h(pro)n
(vider)d(domain)i(that)h(is)f(a)f(prerequisite)h(for)565
2976 y(usage)39 b(in)n(teractions.)h(In)n(terop)r(erabilit)n(y)f(b)r
(et)n(w)n(een)i(domains)f(is)g(guaran)n(teed)f(b)n(y)i(the)565
3076 y(de\014nition)26 b(of)g(in)n(terdomain)f(reference)g(p)r(oin)n
(ts.)h(Figure)f(2)g(sho)n(ws)g(the)h(business)g(mo)r(del)565
3175 y(with)i(the)g(de\014ned)g(roles)e(and)h(reference)g(p)r(oin)n
(ts.)1120 4563 y @beginspecial @setspecial
%%BeginDocument: BusinessModel.epsss
/sf {142 142 div} def
/llx {-0} def
/lly {-0} def
/vx {llx sf mul} def
/vy {lly sf mul} def
vx vy translate
sf sf scale
%Magnification: 1.05 
/$F2psDict 200 dict def 
$F2psDict begin 
$F2psDict /mtrx matrix put 
/col-1 {0 setgray} bind def 
/col0 {0.000 0.000 0.000 srgb} bind def 
/col1 {0.000 0.000 1.000 srgb} bind def 
/col2 {0.000 1.000 0.000 srgb} bind def 
/col3 {0.000 1.000 1.000 srgb} bind def 
/col4 {1.000 0.000 0.000 srgb} bind def 
/col5 {1.000 0.000 1.000 srgb} bind def 
/col6 {1.000 1.000 0.000 srgb} bind def 
/col7 {1.000 1.000 1.000 srgb} bind def 
/col8 {0.000 0.000 0.560 srgb} bind def 
/col9 {0.000 0.000 0.690 srgb} bind def 
/col10 {0.000 0.000 0.820 srgb} bind def 
/col11 {0.530 0.810 1.000 srgb} bind def 
/col12 {0.000 0.560 0.000 srgb} bind def 
/col13 {0.000 0.690 0.000 srgb} bind def 
/col14 {0.000 0.820 0.000 srgb} bind def 
/col15 {0.000 0.560 0.560 srgb} bind def 
/col16 {0.000 0.690 0.690 srgb} bind def 
/col17 {0.000 0.820 0.820 srgb} bind def 
/col18 {0.560 0.000 0.000 srgb} bind def 
/col19 {0.690 0.000 0.000 srgb} bind def 
/col20 {0.820 0.000 0.000 srgb} bind def 
/col21 {0.560 0.000 0.560 srgb} bind def 
/col22 {0.690 0.000 0.690 srgb} bind def 
/col23 {0.820 0.000 0.820 srgb} bind def 
/col24 {0.500 0.190 0.000 srgb} bind def 
/col25 {0.630 0.250 0.000 srgb} bind def 
/col26 {0.750 0.380 0.000 srgb} bind def 
/col27 {1.000 0.500 0.500 srgb} bind def 
/col28 {1.000 0.630 0.630 srgb} bind def 
/col29 {1.000 0.750 0.750 srgb} bind def 
/col30 {1.000 0.880 0.880 srgb} bind def 
/col31 {1.000 0.840 0.000 srgb} bind def 
end 
save 
-26.0 168.0 translate 
1 -1 scale 
/cp {closepath} bind def 
/ef {eofill} bind def 
/gr {grestore} bind def 
/gs {gsave} bind def 
/sa {save} bind def 
/rs {restore} bind def 
/l {lineto} bind def 
/m {moveto} bind def 
/rm {rmoveto} bind def 
/n {newpath} bind def 
/s {stroke} bind def 
/sh {show} bind def 
/slc {setlinecap} bind def 
/slj {setlinejoin} bind def 
/slw {setlinewidth} bind def 
/srgb {setrgbcolor} bind def 
/rot {rotate} bind def 
/sc {scale} bind def 
/sd {setdash} bind def 
/ff {findfont} bind def 
/sf {setfont} bind def 
/scf {scalefont} bind def 
/sw {stringwidth} bind def 
/tr {translate} bind def 
/tnt {dup dup currentrgbcolor 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add srgb} 
bind def 
/shd {dup dup currentrgbcolor 4 -2 roll mul 4 -2 roll mul 
4 -2 roll mul srgb} bind def 
/$F2psBegin {$F2psDict begin /$F2psEnteredState save def} def 
/$F2psEnd {$F2psEnteredState restore end} def 
$F2psBegin 
10 setmiterlimit 
n 0 792 m 0 0 l 612 0 l 612 792 l cp clip 
0.06299 0.06299 sc 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
495 1466 m 
gs 1 -1 sc (Consumer) col-1 sh gr 
15.000 slw 
% Polyline 
n 1620 1305 m 2160 1305 l 2160 1575 l 1620 1575 l cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
1665 1470 m 
gs 1 -1 sc (Retailer) col-1 sh gr 
% Polyline 
n 2745 1215 m 3330 1215 l 3330 1665 l 2745 1665 l cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2790 1350 m 
gs 1 -1 sc (3rd Party) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2835 1470 m 
gs 1 -1 sc (Service) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2790 1590 m 
gs 1 -1 sc (Provider) col-1 sh gr 
% Polyline 
n 1620 450 m 2160 450 l 2160 675 l 1620 675 l cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
1710 600 m 
gs 1 -1 sc (Broker) col-1 sh gr 
7.500 slw 
% Polyline 
n 675 1305 m 675 540 l 1620 540 l gs col-1 s gr 
% Polyline 
n 675 1575 m 675 2205 l 1485 2205 l gs col-1 s gr 
% Polyline 
n 1080 1440 m 1620 1440 l gs col-1 s gr 
% Polyline 
n 1755 675 m 1755 1305 l gs col-1 s gr 
% Polyline 
n 2070 675 m 2070 810 l 2295 810 l 2295 585 l 2160 585 l gs col-1 s gr 
% Polyline 
n 2160 540 m 2925 540 l 2925 1215 l gs col-1 s gr 
% Polyline 
n 2160 495 m 3600 495 l 3600 2340 l 2250 2340 l gs col-1 s gr 
% Polyline 
n 1755 1575 m 1755 2160 l gs col-1 s gr 
% Polyline 
n 1890 1575 m 1890 2160 l gs col-1 s gr 
% Polyline 
n 2025 1575 m 2025 1710 l 2295 1710 l 2295 1530 l 2160 1530 l gs col-1 s gr 
% Polyline 
n 2160 1440 m 2745 1440 l gs col-1 s gr 
% Polyline 
n 2250 2205 m 2925 2205 l 2925 1665 l gs col-1 s gr 
15.000 slw 
% Polyline 
n 450 1311 m 1080 1311 l 1080 1569 l 450 1569 l cp gs col-1 s gr 
7.500 slw 
% Polyline 
n 2250 2250 m 3060 2250 l 3060 1665 l gs col-1 s gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
1620 2415 m 
gs 1 -1 sc (Provider) col-1 sh gr 
% Polyline 
n 3195 1665 m 3195 1800 l 3465 1800 l 3465 1575 l 3330 1575 l gs col-1 s gr 
% Polyline 
n 2250 2430 m 2430 2430 l 2430 2655 l 2115 2655 l 2115 2475 l gs col-1 s gr 
% Polyline 
n 1665 2475 m 1665 2655 l 1350 2655 l 1350 2430 l 1485 2430 l gs col-1 s gr 
15.000 slw 
% Polyline 
n 1485 2160 m 2250 2160 l 2250 2475 l 1485 2475 l cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2340 1665 m 
gs 1 -1 sc (RtR) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2340 1395 m 
gs 1 -1 sc (3Pty) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2340 765 m 
gs 1 -1 sc (Bkr) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
720 990 m 
gs 1 -1 sc (Bkr) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
1800 990 m 
gs 1 -1 sc (Bkr) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2970 990 m 
gs 1 -1 sc (Bkr) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
3375 990 m 
gs 1 -1 sc (Bkr) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
1260 1395 m 
gs 1 -1 sc (Ret) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
3240 1935 m 
gs 1 -1 sc (3Pty) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
3105 2115 m 
gs 1 -1 sc (TCon) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2565 2115 m 
gs 1 -1 sc (ConS) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
1935 1980 m 
gs 1 -1 sc (ConS) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
1440 1980 m 
gs 1 -1 sc (Tcon) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
720 1980 m 
gs 1 -1 sc (TCon) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
990 2565 m 
gs 1 -1 sc (CSLN) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
2475 2565 m 
gs 1 -1 sc (LNFed) col-1 sh gr 
/Helvetica-Narrow-Bold ff 105.00 scf sf 
1530 2295 m 
gs 1 -1 sc (Connectivity) col-1 sh gr 
$F2psEnd 
rs 
%%EndDocument
 @endspecial 1367 4762 a Fh(Figure)k(2)47 b Fg(TINA)29
b(business)e(mo)r(del)648 4952 y(The)36 b(traditional)g(call)h(concept)
f(of)h(telecomm)n(unications)f(is)h(substituted)g(b)n(y)g(the)565
5051 y(more)f(\015exible)g(session)g(concept.)h(A)n(t)g(the)g(service)f
(con)n(trol)f(lev)n(el,)i(there)f(are)g(access)p eop
%%Page: 5 5
5 4 bop 1414 419 a Fb(THE)26 b(TINA-C)f(AR)n(CHITECTURE)851
b Fd(5)565 685 y Fg(sessions)21 b(and)i(service)f(sessions)f(\(the)j
(latter)e(concerned)g(with)i(the)f(service)f(usage\).)g(F)-7
b(or)565 784 y(con)n(ten)n(ts)23 b(deliv)n(ery)-7 b(,)24
b(a)f(comm)n(unication)h(session)f(con)n(trolled)g(b)n(y)h(the)h
(service)e(session)g(is)565 884 y(resp)r(onsible)18 b(for)h
(establishing)f(and)h(main)n(taining)f(the)i(necessary)d(stream)i
(connections.)565 983 y(The)26 b(service)f(session)g(represen)n(ts)g
(the)h(instances)g(of)g(service)g(usages)e(and)i(the)h(state)f(of)565
1083 y(the)e(service)f(logic.)g(Exactly)g(one)g(pro)n(vider)g(is)h(in)n
(v)n(olv)n(ed)e(in)i(a)g(service)f(session,)g(but)h(one)565
1183 y(or)31 b(more)g(users)g(participate)g(in)i(it.)f(Before)f(b)r
(eing)h(able)g(to)g(participate)f(in)i(a)e(service)565
1282 y(session,)d(eac)n(h)g(user)g(m)n(ust)h(establish)g(an)g(access)f
(session)g(with)h(the)h(pro)n(vider.)d(This)i(is)565
1382 y(comparable)d(with)i(a)f(login)g(session)f(on)i(a)f(m)n(ultiuser)
g(computer.)648 1482 y(Sessions)37 b(and)h(other)f(information)h(ob)5
b(jects)38 b(are)f(mapp)r(ed)h(on)n(to)g(service)f(comp)r(o-)565
1581 y(nen)n(ts.)27 b(Service)f(con)n(trol)g(is)i(ac)n(hiev)n(ed)e(b)n
(y)h(the)g(in)n(teraction)g(of)g(service)f(comp)r(onen)n(ts)h(in)565
1681 y(the)f(administrativ)n(e)f(domains)g(of)h(the)g(users)f(and)h
(the)h(pro)n(vider.)d(Figure)h(3)h(sho)n(ws)f(the)565
1780 y(service)h(comp)r(onen)n(ts)h(in)h(their)f(administrativ)n(e)f
(domains)h(and)g(their)h(relation)e(to)i(dif-)565 1880
y(feren)n(t)d(sessions)e(using)i(the)h(example)e(of)h(a)g(video)g
(conference)f(with)i(t)n(w)n(o)e(participan)n(ts.)565
1980 y(F)-7 b(or)30 b(a)h(full)h(description)f(of)g(all)g(service)f
(comp)r(onen)n(ts,)h(w)n(e)g(refer)g(to)g(\(TINA)h(1997\))e(or)565
2079 y(\(Staamann)d(and)g(Wilhelm)i(1997\).)555 3680
y @beginspecial @setspecial
%%BeginDocument: serviceComponents.epsss
/sf {156 146 div} def
/llx {-269} def
/lly {-316} def
/vx {llx sf mul} def
/vy {lly sf mul} def
vx vy translate
sf sf scale
/tgifdict 41 dict def 
tgifdict begin 
/tgifellipsedict 6 dict def 
tgifellipsedict /mtrx matrix put 
/tgifellipse 
{ tgifellipsedict begin 
/yrad exch def 
/xrad exch def 
/y exch def 
/x exch def 
/savematrix mtrx currentmatrix def 
x y translate 
xrad yrad scale 
0 0 1 0 360 arc 
savematrix setmatrix 
end 
} def 
/tgifarrowtipdict 8 dict def 
tgifarrowtipdict /mtrx matrix put 
/tgifarrowtip 
{ tgifarrowtipdict begin 
/dy exch def 
/dx exch def 
/h exch def 
/w exch def 
/y exch def 
/x exch def 
/savematrix mtrx currentmatrix def 
x y translate 
dy dx atan rotate 
0 0 moveto 
w neg h lineto 
w neg h neg lineto 
savematrix setmatrix 
end 
} def 
/tgifpatdict 10 dict def 
/tgifpatbyte 
{ currentdict /retstr get exch 
pat i cellsz mod get put 
} def 
/tgifpatproc 
{ 0 1 widthlim {tgifpatbyte} for retstr 
/i i 1 add def 
} def 
/tgifpatfill 
{ tgifpatdict begin 
/h exch def 
/w exch def 
/lty exch def 
/ltx exch def 
/cellsz exch def 
/pat exch def 
/widthlim w cellsz div cvi 1 sub def 
/retstr widthlim 1 add string def 
/i 0 def 
tgiforigctm setmatrix 
ltx lty translate 
w h true [1 0 0 1 0 0] {tgifpatproc} imagemask 
ltx neg lty neg translate 
end 
} def 
/pat3 <8000000008000000> def 
/pat4 <8800000022000000> def 
/pat5 <8800220088002200> def 
/pat6 <8822882288228822> def 
/pat7 <aa55aa55aa55aa55> def 
/pat8 <77dd77dd77dd77dd> def 
/pat9 <77ffddff77ffddff> def 
/pat10 <77ffffff77ffffff> def 
/pat11 <7fffffff7fffffff> def 
/pat12 <8040200002040800> def 
/pat13 <40a00000040a0000> def 
/pat14 <ff888888ff888888> def 
/pat15 <ff808080ff080808> def 
/pat16 <f87422478f172271> def 
/pat17 <038448300c020101> def 
/pat18 <081c22c180010204> def 
/pat19 <8080413e080814e3> def 
/pat20 <8040201008040201> def 
/pat21 <8844221188442211> def 
/pat22 <77bbddee77bbddee> def 
/pat23 <c1e070381c0e0783> def 
/pat24 <7fbfdfeff7fbfdfe> def 
/pat25 <3e1f8fc7e3f1f87c> def 
/pat26 <0102040810204080> def 
/pat27 <1122448811224488> def 
/pat28 <eeddbb77eeddbb77> def 
/pat29 <83070e1c3870e0c1> def 
/pat30 <fefdfbf7efdfbf7f> def 
/pat31 <7cf8f1e3c78f1f3e> def 
/tgifcentertext { dup stringwidth pop 2 div neg 0 rmoveto } def 
/tgifrighttext { dup stringwidth pop neg 0 rmoveto } def 
end 
tgifdict begin 
/tgifsavedpage save def 
1 setmiterlimit 
1 setlinewidth 
0 setgray 
72 0 mul 72 11.70 mul translate 
72 128 div 100.000 mul 100 div dup neg scale 
gsave 
/tgiforigctm matrix currentmatrix def 
% RCBOX 
0 setgray 
gsave 
gsave 
newpath 
808 770 moveto 
824 770 824 870 16 arcto 4 {pop} repeat 
824 854 lineto 
824 870 501 870 16 arcto 4 {pop} repeat 
517 870 lineto 
501 870 501 770 16 arcto 4 {pop} repeat 
501 786 lineto 
501 770 824 770 16 arcto 4 {pop} repeat 
closepath 
1 setgray stroke 0 setgray 
grestore 
0 setgray 
gsave 
newpath 
808 770 moveto 
824 770 824 870 16 arcto 4 {pop} repeat 
824 854 lineto 
824 870 501 870 16 arcto 4 {pop} repeat 
517 870 lineto 
501 870 501 770 16 arcto 4 {pop} repeat 
501 786 lineto 
501 770 824 770 16 arcto 4 {pop} repeat 
closepath 
flattenpath strokepath clip newpath 
pat7 8 496 768 336 104 tgifpatfill 
grestore 
grestore 
% RCBOX 
0 setgray 
gsave 
gsave 
newpath 
808 691 moveto 
824 691 824 770 16 arcto 4 {pop} repeat 
824 754 lineto 
824 770 501 770 16 arcto 4 {pop} repeat 
517 770 lineto 
501 770 501 691 16 arcto 4 {pop} repeat 
501 707 lineto 
501 691 824 691 16 arcto 4 {pop} repeat 
closepath 
1 setgray stroke 0 setgray 
grestore 
0 setgray 
gsave 
newpath 
808 691 moveto 
824 691 824 770 16 arcto 4 {pop} repeat 
824 754 lineto 
824 770 501 770 16 arcto 4 {pop} repeat 
517 770 lineto 
501 770 501 691 16 arcto 4 {pop} repeat 
501 707 lineto 
501 691 824 691 16 arcto 4 {pop} repeat 
closepath 
flattenpath strokepath clip newpath 
pat7 8 496 688 336 88 tgifpatfill 
grestore 
grestore 
% RCBOX 
0 setgray 
gsave 
gsave 
newpath 
808 870 moveto 
824 870 824 929 16 arcto 4 {pop} repeat 
824 913 lineto 
824 929 501 929 16 arcto 4 {pop} repeat 
517 929 lineto 
501 929 501 870 16 arcto 4 {pop} repeat 
501 886 lineto 
501 870 824 870 16 arcto 4 {pop} repeat 
closepath 
1 setgray stroke 0 setgray 
grestore 
0 setgray 
gsave 
newpath 
808 870 moveto 
824 870 824 929 16 arcto 4 {pop} repeat 
824 913 lineto 
824 929 501 929 16 arcto 4 {pop} repeat 
517 929 lineto 
501 929 501 870 16 arcto 4 {pop} repeat 
501 886 lineto 
501 870 824 870 16 arcto 4 {pop} repeat 
closepath 
flattenpath strokepath clip newpath 
pat7 8 496 864 336 72 tgifpatfill 
grestore 
grestore 
% RCBOX 
0 setgray 
gsave 
gsave 
newpath 
734 690 moveto 
750 690 750 930 16 arcto 4 {pop} repeat 
750 914 lineto 
750 930 575 930 16 arcto 4 {pop} repeat 
591 930 lineto 
575 930 575 690 16 arcto 4 {pop} repeat 
575 706 lineto 
575 690 750 690 16 arcto 4 {pop} repeat 
closepath 
[20 4 4 4] 0 setdash 
stroke 
grestore 
grestore 
% RCBOX 
0 setgray 
gsave 
gsave 
newpath 
549 690 moveto 
565 690 565 930 16 arcto 4 {pop} repeat 
565 914 lineto 
565 930 500 930 16 arcto 4 {pop} repeat 
516 930 lineto 
500 930 500 690 16 arcto 4 {pop} repeat 
500 706 lineto 
500 690 565 690 16 arcto 4 {pop} repeat 
closepath 
[20 4 4 4] 0 setdash 
stroke 
grestore 
grestore 
% RCBOX 
0 setgray 
gsave 
gsave 
newpath 
809 690 moveto 
825 690 825 930 16 arcto 4 {pop} repeat 
825 914 lineto 
825 930 760 930 16 arcto 4 {pop} repeat 
776 930 lineto 
760 930 760 690 16 arcto 4 {pop} repeat 
760 706 lineto 
760 690 825 690 16 arcto 4 {pop} repeat 
closepath 
[20 4 4 4] 0 setdash 
stroke 
grestore 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
641 857 moveto 
533 857 lineto 
529 852 lineto 
529 827 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% BOX 
0 setgray 
newpath 
520 885 moveto 555 885 lineto 555 905 lineto 520 905 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
520 885 moveto 555 885 lineto 555 905 lineto 520 905 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
537 900 moveto (TCSM) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
555 890 moveto 560 890 lineto 560 900 lineto 555 900 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
555 890 moveto 560 890 lineto 560 900 lineto 555 900 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
510 802 moveto 545 802 lineto 545 822 lineto 510 822 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
510 802 moveto 545 802 lineto 545 822 lineto 510 822 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
510 822 moveto 520 822 lineto 520 829 lineto 510 829 lineto 
closepath 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
gsave 
gsave 
newpath 513 825 2 2 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 517 825 2 2 tgifellipse fill 
gsave 
gsave 
newpath 517 825 2 2 tgifellipse 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
527 817 moveto (SUAP) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
524 822 moveto 531 822 lineto 531 827 lineto 524 827 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
524 822 moveto 531 822 lineto 531 827 lineto 524 827 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
538 822 moveto 545 822 lineto 545 827 lineto 538 827 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
538 822 moveto 545 822 lineto 545 827 lineto 538 827 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
510 729 moveto 545 729 lineto 545 749 lineto 510 749 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
510 729 moveto 545 729 lineto 545 749 lineto 510 749 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
527 744 moveto (PA) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
524 749 moveto 531 749 lineto 531 754 lineto 524 754 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
524 749 moveto 531 749 lineto 531 754 lineto 524 754 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
545 737 moveto 550 737 lineto 550 747 lineto 545 747 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
545 737 moveto 550 737 lineto 550 747 lineto 545 747 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
780 729 moveto 815 729 lineto 815 749 lineto 780 749 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
780 729 moveto 815 729 lineto 815 749 lineto 780 749 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
797 744 moveto (PA) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
794 749 moveto 801 749 lineto 801 754 lineto 794 754 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
794 749 moveto 801 749 lineto 801 754 lineto 794 754 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
775 737 moveto 780 737 lineto 780 747 lineto 775 747 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
775 737 moveto 780 737 lineto 780 747 lineto 775 747 lineto 
closepath 
stroke 
grestore 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
546 732 moveto 
581 732 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
546 744 moveto 
581 744 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
744 732 moveto 
779 732 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
744 744 moveto 
774 744 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% BOX 
0 setgray 
newpath 
770 885 moveto 805 885 lineto 805 905 lineto 770 905 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
770 885 moveto 805 885 lineto 805 905 lineto 770 905 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
787 900 moveto (TCSM) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
765 890 moveto 770 890 lineto 770 900 lineto 765 900 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
765 890 moveto 770 890 lineto 770 900 lineto 765 900 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
585 832 moveto 620 832 lineto 620 852 lineto 585 852 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
585 832 moveto 620 832 lineto 620 852 lineto 585 852 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
602 847 moveto (USM) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
580 841 moveto 585 841 lineto 585 851 lineto 580 851 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
580 841 moveto 585 841 lineto 585 851 lineto 580 851 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
620 841 moveto 625 841 lineto 625 851 lineto 620 851 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
620 841 moveto 625 841 lineto 625 851 lineto 620 851 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
705 832 moveto 740 832 lineto 740 852 lineto 705 852 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
705 832 moveto 740 832 lineto 740 852 lineto 705 852 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
722 847 moveto (USM) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
700 841 moveto 705 841 lineto 705 851 lineto 700 851 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
700 841 moveto 705 841 lineto 705 851 lineto 700 851 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
740 841 moveto 745 841 lineto 745 851 lineto 740 851 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
740 841 moveto 745 841 lineto 745 851 lineto 740 851 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
645 842 moveto 680 842 lineto 680 862 lineto 645 862 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
645 842 moveto 680 842 lineto 680 862 lineto 645 862 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
662 857 moveto (SSM) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
649 837 moveto 656 837 lineto 656 842 lineto 649 842 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
649 837 moveto 656 837 lineto 656 842 lineto 649 842 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
668 837 moveto 675 837 lineto 675 842 lineto 668 842 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
668 837 moveto 675 837 lineto 675 842 lineto 668 842 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
640 843 moveto 645 843 lineto 645 850 lineto 640 850 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
640 843 moveto 645 843 lineto 645 850 lineto 640 850 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
640 854 moveto 645 854 lineto 645 861 lineto 640 861 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
640 854 moveto 645 854 lineto 645 861 lineto 640 861 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
680 843 moveto 685 843 lineto 685 850 lineto 680 850 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
680 843 moveto 685 843 lineto 685 850 lineto 680 850 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
680 854 moveto 685 854 lineto 685 861 lineto 680 861 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
680 854 moveto 685 854 lineto 685 861 lineto 680 861 lineto 
closepath 
stroke 
grestore 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
585 857 moveto 
640 857 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
625 847 moveto 
640 847 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
685 857 moveto 
740 857 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
685 847 moveto 
700 847 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% BOX 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
805 822 moveto 815 822 lineto 815 829 lineto 805 829 lineto 
closepath 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
gsave 
gsave 
newpath 808 825 2 2 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 812 825 2 2 tgifellipse fill 
gsave 
gsave 
newpath 812 825 2 2 tgifellipse 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
780 802 moveto 815 802 lineto 815 822 lineto 780 822 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
780 802 moveto 815 802 lineto 815 822 lineto 780 822 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
797 817 moveto (SUAP) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
794 822 moveto 801 822 lineto 801 827 lineto 794 827 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
794 822 moveto 801 822 lineto 801 827 lineto 794 827 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
780 822 moveto 787 822 lineto 787 827 lineto 780 827 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
780 822 moveto 787 822 lineto 787 827 lineto 780 827 lineto 
closepath 
stroke 
grestore 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
656 776 moveto 
620 749 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
669 776 moveto 
705 749 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% BOX 
0 setgray 
newpath 
585 740 moveto 620 740 lineto 620 760 lineto 585 760 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
585 740 moveto 620 740 lineto 620 760 lineto 585 760 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
602 755 moveto (UA) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
580 741 moveto 585 741 lineto 585 751 lineto 580 751 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
580 741 moveto 585 741 lineto 585 751 lineto 580 751 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
592 760 moveto 599 760 lineto 599 765 lineto 592 765 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
592 760 moveto 599 760 lineto 599 765 lineto 592 765 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
606 760 moveto 613 760 lineto 613 765 lineto 606 765 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
606 760 moveto 613 760 lineto 613 765 lineto 606 765 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
585 716 moveto 620 716 lineto 620 736 lineto 585 736 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
585 716 moveto 620 716 lineto 620 736 lineto 585 736 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
602 731 moveto (IA) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
580 725 moveto 585 725 lineto 585 735 lineto 580 735 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
580 725 moveto 585 725 lineto 585 735 lineto 580 735 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
705 716 moveto 740 716 lineto 740 736 lineto 705 736 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
705 716 moveto 740 716 lineto 740 736 lineto 705 736 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
722 731 moveto (IA) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
740 725 moveto 745 725 lineto 745 735 lineto 740 735 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
740 725 moveto 745 725 lineto 745 735 lineto 740 735 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
705 740 moveto 740 740 lineto 740 760 lineto 705 760 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
705 740 moveto 740 740 lineto 740 760 lineto 705 760 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
722 755 moveto (UA) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
740 741 moveto 745 741 lineto 745 751 lineto 740 751 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
740 741 moveto 745 741 lineto 745 751 lineto 740 751 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
712 760 moveto 719 760 lineto 719 765 lineto 712 765 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
712 760 moveto 719 760 lineto 719 765 lineto 712 765 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
726 760 moveto 733 760 lineto 733 765 lineto 726 765 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
726 760 moveto 733 760 lineto 733 765 lineto 726 765 lineto 
closepath 
stroke 
grestore 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
516 829 moveto 
516 912 lineto 
520 916 lineto 
665 916 lineto 
tgiforigctm setmatrix 
2 setlinewidth 
stroke 
1 setlinewidth 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
528 751 moveto 
528 802 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
595 765 moveto 
596 832 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
730 765 moveto 
729 832 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
610 765 moveto 
653 837 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
671 837 moveto 
714 765 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
663 880 moveto 
663 862 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
561 894 moveto 
645 894 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
680 894 moveto 
764 894 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
809 829 moveto 
809 912 lineto 
805 916 lineto 
665 916 lineto 
tgiforigctm setmatrix 
2 setlinewidth 
stroke 
1 setlinewidth 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
796 754 moveto 
796 802 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
684 857 moveto 
792 857 lineto 
796 852 lineto 
796 827 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
581 846 moveto 
546 846 lineto 
542 841 lineto 
542 827 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
744 846 moveto 
779 846 lineto 
783 841 lineto 
783 827 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% BOX 
0 setgray 
newpath 
645 885 moveto 680 885 lineto 680 905 lineto 645 905 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
645 885 moveto 680 885 lineto 680 905 lineto 645 905 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
662 900 moveto (CSM) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
659 880 moveto 666 880 lineto 666 885 lineto 659 885 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
659 880 moveto 666 880 lineto 666 885 lineto 659 885 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
645 781 moveto 680 781 lineto 680 801 lineto 645 801 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
645 781 moveto 680 781 lineto 680 801 lineto 645 801 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
662 796 moveto (SF) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
652 776 moveto 659 776 lineto 659 781 lineto 652 781 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
652 776 moveto 659 776 lineto 659 781 lineto 652 781 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
666 776 moveto 673 776 lineto 673 781 lineto 666 781 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
666 776 moveto 673 776 lineto 673 781 lineto 666 781 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
902 834 moveto (Instantiation) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
505 687 moveto (User Domain) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
825 687 moveto (User Domain) tgifrighttext show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
662 687 moveto (Provider Domain) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
524 724 moveto 531 724 lineto 531 729 lineto 524 729 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
524 724 moveto 531 724 lineto 531 729 lineto 524 729 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
510 697 moveto 545 697 lineto 545 717 lineto 510 717 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
510 697 moveto 545 697 lineto 545 717 lineto 510 717 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
527 712 moveto (AUAP) tgifcentertext show 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
527 717 moveto 
527 725 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% BOX 
0 setgray 
newpath 
780 697 moveto 815 697 lineto 815 717 lineto 780 717 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
780 697 moveto 815 697 lineto 815 717 lineto 780 717 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [11 0 0 -11 0 0] makefont setfont 
gsave 
797 712 moveto (AUAP) tgifcentertext show 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
797 717 moveto 
797 725 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% BOX 
0 setgray 
newpath 
794 724 moveto 801 724 lineto 801 729 lineto 794 729 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
794 724 moveto 801 724 lineto 801 729 lineto 794 729 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 709 moveto (AUAP) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 719 moveto (SUAP) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 729 moveto (PA) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 739 moveto (IA) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 749 moveto (UA) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 759 moveto (SF) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 769 moveto (USM) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 779 moveto (SSM) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 789 moveto (CSM) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
849 799 moveto (TCSM) show 
grestore 
% BOX 
0 setgray 
newpath 
865 872 moveto 900 872 lineto 900 892 lineto 865 892 lineto 
closepath 1 setgray fill 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
865 872 moveto 900 872 lineto 900 892 lineto 865 892 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
877 892 moveto 887 892 lineto 887 899 lineto 877 899 lineto 
closepath 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
gsave 
gsave 
newpath 880 895 2 2 tgifellipse 
stroke 
grestore 
grestore 
% OVAL 
0 setgray 
newpath 884 895 2 2 tgifellipse fill 
gsave 
gsave 
newpath 884 895 2 2 tgifellipse 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
newpath 
879 867 moveto 886 867 lineto 886 872 lineto 879 872 lineto 
closepath fill 
gsave 
10 setmiterlimit 
gsave 
newpath 
879 867 moveto 886 867 lineto 886 872 lineto 879 872 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
865 859 moveto (Operational Interface) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
865 914 moveto (Stream Interface) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
908 881 moveto (Service) show 
908 890 moveto (Component) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 709 moveto (Access Related User Application) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 729 moveto (Provider Agent) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 719 moveto (Service Related User Application) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 739 moveto (Initial Agent) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 749 moveto (User Agent) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 759 moveto (Service Factory) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 769 moveto (User Session Manager) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 779 moveto (Service Session Manager) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 789 moveto (Communication Session Manager) show 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
884 799 moveto (Terminal Communication Session) show 
884 807 moveto (Manager) show 
grestore 
% TEXT 
0 setgray 
gsave 
461 734 translate 
[0.000 -1.000 1.000 0.000 20 -4] concat 
461 neg 734 neg translate 
grestore 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
461 734 translate 
[0.000 -1.000 1.000 0.000 20 -4] concat 
0 9 moveto (Access Session) tgifcentertext show 
grestore 
% TEXT 
0 setgray 
gsave 
461 822 translate 
[0.000 -1.000 1.000 0.000 20 -5] concat 
461 neg 822 neg translate 
grestore 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
461 822 translate 
[0.000 -1.000 1.000 0.000 20 -5] concat 
0 9 moveto (Service Session) tgifcentertext show 
grestore 
% TEXT 
0 setgray 
gsave 
452 906 translate 
[0.000 -1.000 1.000 0.000 29 -9] concat 
452 neg 906 neg translate 
grestore 
/Helvetica findfont [10 0 0 -10 0 0] makefont setfont 
gsave 
452 906 translate 
[0.000 -1.000 1.000 0.000 29 -9] concat 
0 9 moveto (Communication) tgifcentertext show 
0 17 moveto (Session) tgifcentertext show 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[2 2] 0 setdash 
newpath 
664 801 moveto 
28 -59 atan dup cos 14.000 mul 605 exch sub 
exch sin 14.000 mul 829 exch sub lineto 
tgiforigctm setmatrix 
4 setlinewidth 
stroke 
[] 0 setdash 
1 setlinewidth 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
605 829 14.000 6.000 -59 28 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
605 829 14.000 6.000 -59 28 tgifarrowtip 
closepath fill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
662 801 moveto 
38 0 atan dup cos 18.000 mul 662 exch sub 
exch sin 18.000 mul 839 exch sub lineto 
tgiforigctm setmatrix 
5 setlinewidth 
stroke 
[] 0 setdash 
1 setlinewidth 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
662 839 18.000 7.000 0 38 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
662 839 18.000 7.000 0 38 tgifarrowtip 
closepath fill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[2 2] 0 setdash 
newpath 
662 802 moveto 
28 59 atan dup cos 14.000 mul 721 exch sub 
exch sin 14.000 mul 830 exch sub lineto 
tgiforigctm setmatrix 
4 setlinewidth 
stroke 
[] 0 setdash 
1 setlinewidth 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
721 830 14.000 6.000 59 28 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
721 830 14.000 6.000 59 28 tgifarrowtip 
closepath fill 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
gsave 
newpath 
862 830 moveto 
0 36 atan dup cos 14.000 mul 898 exch sub 
exch sin 14.000 mul 830 exch sub lineto 
tgiforigctm setmatrix 
4 setlinewidth 
1 setgray stroke 
1 setlinewidth 
grestore 
[2 2] 0 setdash 
newpath 
862 830 moveto 
0 36 atan dup cos 14.000 mul 898 exch sub 
exch sin 14.000 mul 830 exch sub lineto 
tgiforigctm setmatrix 
4 setlinewidth 
flattenpath strokepath clip newpath 
pat8 8 856 824 48 16 tgifpatfill 
[] 0 setdash 
1 setlinewidth 
grestore 
gsave 
tgiforigctm setmatrix 
newpath 
898 830 14.000 6.000 36 0 tgifarrowtip 
1 setgray closepath fill 
0 setgray 
newpath 
898 830 14.000 6.000 36 0 tgifarrowtip 
closepath eoclip newpath 
pat8 8 880 824 24 16 tgifpatfill 
grestore 
grestore 
tgifsavedpage restore 
end 
%MatchingCreationDate: Mon Jan 19 23:06:00 1998 
%%EndDocument
 @endspecial 1287 3879 a Fh(Figure)i(3)48 b Fg(TINA)28
b(service)f(arc)n(hitecture)648 4155 y(Most)22 b(relev)-5
b(an)n(t)23 b(for)f(securit)n(y)g(are)g(the)i(service)e(comp)r(onen)n
(ts)g(for)h(the)g(access)f(session,)565 4254 y(namely)35
b(the)g(Pro)n(vider)e(Agen)n(t)j(\(P)-7 b(A\))35 b(in)h(the)g(user)f
(domain,)g(as)f(w)n(ell)h(as)g(the)h(Initial)565 4354
y(Agen)n(t)25 b(\(IA\))i(and)f(the)h(User)e(Agen)n(t)h(\(UA\))h(in)g
(the)f(pro)n(vider)f(domain,)g(since)h(authen)n(ti-)565
4454 y(cation)g(tak)n(es)h(place)g(b)r(et)n(w)n(een)g(these)h(comp)r
(onen)n(ts.)f(The)g(UA)h(represen)n(ts)e(the)i(user)f(in)565
4553 y(the)d(pro)n(vider)d(domain.)j(It)g(is)f(the)h(user's)f(con)n
(tact)g(p)r(oin)n(t)h(to)f(start)g(or)g(resume)g(a)g(service)565
4653 y(session.)k(In)i(order)f(to)h(in)n(teract)f(with)h(its)g(UA)h
(\(i.e.,)f(to)g(ha)n(v)n(e)e(an)i(access)f(session\),)g(the)565
4753 y(user)g(con)n(tacts)g(the)i(IA)f(using)g(the)h(P)-7
b(A.)29 b(The)g(IA)h(is)f(the)g(initial)h(con)n(tact)e(p)r(oin)n(t)i
(of)f(the)565 4852 y(pro)n(vider)k(for)i(all)g(users.)g(Authen)n
(tication)h(b)r(et)n(w)n(een)f(the)h(user)e(and)i(the)f(pro)n(vider)f
(is)565 4952 y(then)e(p)r(erformed)g(b)r(et)n(w)n(een)h(the)g(P)-7
b(A)32 b(and)g(the)h(IA)g(as)f(part)g(of)g(the)h(establishmen)n(t)f(of)
565 5051 y(the)23 b(access)f(session.)g(After)i(the)f(authen)n
(tication,)g(a)g(reference)f(to)h(the)h(UA)g(is)f(deliv)n(ered)p
eop
%%Page: 6 6
6 5 bop 565 419 a Fd(6)565 685 y Fg(to)20 b(the)i(P)-7
b(A.)20 b(Additionally)-7 b(,)22 b(a)e(securit)n(y)g(asso)r(ciation)f
(for)i(further)f(in)n(teractions)g(b)r(et)n(w)n(een)565
784 y(service)26 b(session)h(related)g(service)f(comp)r(onen)n(ts)h
(should)h(ha)n(v)n(e)e(b)r(een)i(established.)565 1058
y Ff(3)91 b(SECURITY)29 b(ANAL)-8 b(YSIS)565 1257 y Fg(Securit)n(y)20
b(concerns)g(all)g(parts)g(of)h(a)f(TINA)i(system;)f(it)g(is)g(p)r(erv)
-5 b(asiv)n(e)19 b(and)i(cannot)f(b)r(e)i(ad-)565 1357
y(dressed)i(in)i(isolation.)f(T)-7 b(o)25 b(cop)r(e)g(with)i(this)e
(complexit)n(y)-7 b(,)26 b(it)g(is)f(necessary)f(to)i(structure)565
1457 y(the)c(securit)n(y)g(problem)g(domain)g(in)g(an)g(appropriate)f
(w)n(a)n(y)-7 b(.)21 b(All)i(services)e(and)h(resources)565
1556 y(ma)n(y)i(b)r(e)i(the)g(sub)5 b(ject)26 b(to)g(attac)n(ks.)e(A)n
(ttac)n(ks)h(ma)n(y)g(b)r(e)h(the)g(illegitimate)g(use)f(of)h(comp)r
(o-)565 1656 y(nen)n(ts)20 b(or)g(the)h(mo)r(di\014cation)g(of)g(data,)
f(state,)h(or)e(programs.)g(They)i(ma)n(y)f(o)r(ccur)g(through)565
1756 y(direct)f(access)f(to)h(systems,)g(data,)g(or)f(services)g(from)h
(outside)g(or)g(through)f(mo)r(di\014cation)565 1855
y(of)33 b(messages)e(exc)n(hanged)h(b)r(et)n(w)n(een)h(in)n(teracting)f
(comp)r(onen)n(ts.)h(P)n(oten)n(tial)f(attac)n(k)n(ers)565
1955 y(are)g(outsiders,)h(but)h(also)f(other)g(stak)n(eholders)f(in)i
(the)g(TINA)g(net)n(w)n(ork.)e(Motiv)n(es)h(of)565 2054
y(attac)n(k)n(ers)27 b(ma)n(y)h(b)r(e)i(the)f(illegitimate)h(use)f(of)g
(services,)f(fraud)h(\(in)h(online)f(businesses,)565
2154 y(as)g(w)n(ell)i(as)e(with)i(regard)e(to)h(the)h(c)n(harging)e(of)
h(service)f(use\),)i(ea)n(v)n(esdropping)d(on)i(and)565
2254 y(observ)-5 b(ation)25 b(of)h(consumers)f(or)h(pro)n(viders,)e(or)
i(the)g(delib)r(erate)h(prev)n(en)n(tion)e(of)h(service)565
2353 y(pro)n(vision)32 b(\(denial)h(of)h(service)f(attac)n(k\).)g(The)h
(ultimate)g(goal)f(of)g(an)h(attac)n(k)f(ma)n(y)g(b)r(e)565
2453 y(ac)n(hiev)n(ed)g(directly)h(or)g(indirectly)-7
b(.)34 b(In)h(the)g(latter)f(case,)f(an)i(attac)n(k)n(er)d(ma)n(y)i
(install)g(a)565 2553 y(bac)n(kdo)r(or)h(during)h(a)g(\014rst)h
(successful)g(attac)n(k,)f(whic)n(h)g(enables)h(him)g(later)f(on)h
(\(and)565 2652 y(p)r(ossibly)e(at)h(m)n(ultiple)g(times\))h(the)f
(actually)g(in)n(tended)g(misuse.)g(W)-7 b(e)36 b(structure)g(the)565
2752 y(securit)n(y)22 b(problem)g(domain)h(according)e(to)i(t)n(w)n(o)g
(criteria:)f(the)h(arc)n(hitectural)f(lev)n(els)g(de-)565
2851 y(\014ned)e(in)g(the)g(o)n(v)n(erall)e(arc)n(hitecture,)h(and)h
(the)g(t)n(yp)r(e)g(of)g(information)f(\(the)i(net)n(w)n(ork)d(used)565
2951 y(for)32 b(the)h(transp)r(ort\),)f(i.e.,)h(con)n(trol)e(messages)h
(\(KTN\))h(or)f(comm)n(unication)g(con)n(ten)n(ts)565
3051 y(\(T)-7 b(ransp)r(ort)27 b(Net)n(w)n(ork\).)g(W)-7
b(e)29 b(iden)n(ti\014ed)f(the)h(follo)n(wing)e(sub)r(domains)h(of)g
(the)h(securit)n(y)565 3150 y(problem)e(domain:)563 3358
y Fa(\017)41 b Fh(System)j(Securit)m(y)c Fg(shall)f(ensure)f(that)i
(systems,)f(mainly)g(the)g(hardw)n(are)e(and)664 3457
y(the)30 b(op)r(erating)f(system,)g(are)g(not)g(sub)5
b(ject)30 b(to)f(in)n(trusions)g(or)g(mo)r(di\014cations.)g(This)664
3557 y(concerns)g(net)n(w)n(orking)e(resources)h(\(e.g.,)h(net)n(w)n
(ork)g(switc)n(hes\))g(and)g(computing)h(re-)664 3657
y(sources.)d(It)h(also)e(includes)i(the)g(NCCE)g(\(op)r(erating)f
(system)g(and)h(comm)n(unication)664 3756 y(p)r(orts\),)20
b(since)g(in)n(trusions)f(ma)n(y)g(not)h(only)g(o)r(ccur)f(o)n(v)n(er)g
(comm)n(unication)g(p)r(orts)h(of)g(the)664 3856 y(NCCE)28
b(that)f(are)g(used)h(b)n(y)f(the)h(DPE,)f(but)h(also)f(o)n(v)n(er)f
(other)h(p)r(orts)g(of)g(the)h(NCCE.)664 3956 y(The)h(latter)f(p)r(oin)
n(t)h(concerns)e(mainly)h(the)h(administrativ)n(e)f(domains)g(of)g(end)
h(users)664 4055 y(\(consumers\))c(whose)g(CPE)g(\(e.g.,)g(PCs)g(or)g
(w)n(orkstations\))e(cannot)i(b)r(e)h(assumed)f(to)664
4155 y(b)r(e)j(exclusiv)n(ely)f(used)g(as)g(the)h(endp)r(oin)n(t)g(of)g
(the)g(TINA)g(net)n(w)n(ork.)563 4254 y Fa(\017)41 b
Fh(Service)j(Securit)m(y)39 b Fg(is)f(mainly)g(concerned)f(with)h(the)g
(preserv)-5 b(ation)37 b(of)h(the)g(in-)664 4354 y(tegrit)n(y)27
b(of)h(service)f(con)n(trol.)f(Service)i(con)n(trol)e(includes,)i
(among)f(others,)g(the)h(v)n(eri-)664 4454 y(\014cation)d(of)f(whether)
h(a)f(user)g(is)h(allo)n(w)n(ed)e(to)i(use)f(a)h(service)e
(\(subscription\))i(and)g(the)664 4553 y(accoun)n(ting)h(for)h(billing)
g(purp)r(oses.)g(Both)g(rely)f(on)h(the)h(authen)n(ticated)f(iden)n
(tit)n(y)g(of)664 4653 y(the)32 b(user.)f(This)h(m)n(ust)g(b)r(e)g
(supp)r(orted)f(b)n(y)h(a)f(proto)r(col)g(for)g(authen)n(tication)g(of)
h(the)664 4753 y(user.)26 b(The)g(in)n(tegrit)n(y)f(of)h(service)f(con)
n(trol)g(includes)h(in)n(tegrit)n(y)g(of)g(subscription)f(v)n(er-)664
4852 y(i\014cation)34 b(and)g(accoun)n(ting.)f(Access)h(to)g(the)g
(service)f(functionalit)n(y)h(is)g(con)n(trolled)664
4952 y(at)k(t)n(w)n(o)f(lev)n(els,)g(the)h(DPE)f(lev)n(el)g(and)g(the)h
(service)f(lev)n(el.)g(A)n(t)h(the)g(DPE)f(lev)n(el,)g(a)664
5051 y(coarse-grained)28 b(access)j(con)n(trol)f(based)i(on)f(the)h
(authen)n(ticated)g(iden)n(tities)g(of)g(the)p eop
%%Page: 7 7
7 6 bop 1561 419 a Fb(SECURITY)26 b(ANAL)-5 b(YSIS)996
b Fd(7)664 685 y Fg(users)38 b(in)n(v)n(olv)n(ed)f(in)j(a)e(session)g
(prev)n(en)n(ts)f(attempts)j(b)n(y)e(others)g(to)h(in)n(v)n(ok)n(e)e
(op)r(er-)664 784 y(ations)g(of)h(the)g(service)e(comp)r(onen)n(ts)h
(in)n(v)n(olv)n(ed)g(in)h(the)g(session.)e(A)n(t)i(the)g(service)664
884 y(lev)n(el,)29 b(the)g(service)f(logic)h(implemen)n(ted)g(in)h(the)
f(service)f(comp)r(onen)n(t)h(con)n(trols)f(the)664 983
y(access)34 b(to)i(service)e(sp)r(eci\014c)i(information)f(and)g
(functionalit)n(y)h(based)f(on)g(the)h(au-)664 1083 y(then)n(ticated)d
(iden)n(tities,)g(con)n(text,)f(and)g(state)h(information)e
(\(authorization\).)h(In-)664 1183 y(tegrit)n(y)d(and)h(con\014den)n
(tialit)n(y)f(of)h(the)g(messages)e(exc)n(hanged)g(b)r(et)n(w)n(een)i
(the)g(service)664 1282 y(comp)r(onen)n(ts)f(via)h(op)r(erational)e(in)
n(terfaces)h(m)n(ust)h(b)r(e)g(ac)n(hiev)n(ed)f(b)n(y)g(the)h(activ)-5
b(ation)664 1382 y(of)37 b(the)f(appropriate)f(features)h(of)g(the)h
(DPE)f(securit)n(y)f(services.)g(These)i(features)664
1482 y(m)n(ust)30 b(pro)n(vide)e(not)h(only)g(the)h(protection)f(of)g
(the)h(in)n(tegrit)n(y)e(of)i(the)f(messages)f(and)664
1581 y(their)h(order)f(but)i(also)e(protection)h(against)f(in)n
(terruption)h(of)g(the)h(con)n(trol)e(connec-)664 1681
y(tion)i(itself)h(through)e(in)n(terception)g(of)h(all)g(messages)e(up)
j(from)e(a)h(certain)f(momen)n(t)664 1780 y(\(Staamann)f(and)f(Wilhelm)
h(1997\).)563 1880 y Fa(\017)41 b Fh(DPE)c(Securit)m(y)d
Fg(is)e(mainly)g(concerned)f(with)h(the)h(prev)n(en)n(tion)e(of)h
(illegal)f(access)664 1980 y(to)k(service)f(comp)r(onen)n(ts)h(as)f(w)n
(ell)h(as)g(the)g(protection)f(of)h(transmitted)h(messages)664
2079 y(con)n(taining)i(argumen)n(ts,)g(results,)g(and)h(exceptions)f
(of)h(ob)5 b(ject)39 b(in)n(v)n(o)r(cations)e(and)664
2179 y(noti\014cations.)k(DPE)f(no)r(de)i(securit)n(y)e(also)g(pro)n
(vides)g(the)h(means)g(to)g(audit)g(and)664 2279 y(rep)r(ort)33
b(securit)n(y)f(relev)-5 b(an)n(t)32 b(ev)n(en)n(ts)h(on)f(the)i(no)r
(de)f(according)e(to)i(the)h(audit)f(sp)r(eci-)664 2378
y(\014cations)c(de\014ned)g(b)n(y)g(the)g(administrator.)f(DPE)g
(securit)n(y)g(includes)h(the)h(securit)n(y)664 2478
y(of)g(the)f(DPE)g(implemen)n(tation)h(and)f(its)g(basic)g(services.)f
(Since)i(our)f(arc)n(hitectural)664 2577 y(placemen)n(t)34
b(of)f(securit)n(y)g(functionalit)n(y)h(allo)r(cates)e(the)i(general)f
(securit)n(y)f(services)664 2677 y(and)21 b(mec)n(hanisms)g(to)g(the)h
(DPE)f(\(see)g(Section5\),)g(also)g(the)g(securit)n(y)g(of)g(the)h
(securit)n(y)664 2777 y(services)k(themselv)n(es)h(is)h(part)f(of)h
(DPE)f(securit)n(y)-7 b(.)563 2876 y Fa(\017)41 b Fh(Comm)m(unication)
24 b(Con)m(ten)m(ts)i(Securit)m(y)e Fg(is)f(concerned)f(with)i(the)f
(authen)n(ticit)n(y)-7 b(,)664 2976 y(in)n(tegrit)n(y)g(,)29
b(and)h(con\014den)n(tialit)n(y)f(of)h(the)g(service)f(con)n(ten)n(ts)g
(information.)g(Since)h(all)664 3076 y(service)25 b(con)n(ten)n(t)h
(information)g(in)g(TINA)h(is)f(deliv)n(ered)g(in)g(the)h(form)f(of)g
(streams,)g(it)664 3175 y(deals)c(only)g(with)g(streams.)f(Streams)h
(are)f(protected)h(using)g(cryptographic)e(mec)n(ha-)664
3275 y(nisms,)k(preferably)f(stream)h(ciphers)f(\(Ruepp)r(el)i(1986\))e
(\(Sc)n(hneier)h(1996\))e(or)h(sp)r(ecial)664 3374 y(ciphers)34
b(for)f(certain)g(information)h(formats)f(\(e.g.,)h(v)n(oice)f(or)g
(video)g(data\).)h(If)h(the)664 3474 y(service)25 b(implemen)n(ted)h
(in)g(the)g(pro)n(vider's)e(domain)h(do)r(es)g(not)h(require)e(an)n(y)h
(mo)r(di\014-)664 3574 y(cation)g(of)g(the)h(stream)f(b)r(et)n(w)n(een)
g(t)n(w)n(o)g(users,)f(they)i(can)f(ha)n(v)n(e)f(end-to-end)h(securit)n
(y)-7 b(.)664 3673 y(Otherwise,)29 b(only)g(user-pro)n(vider)e(securit)
n(y)i(can)g(b)r(e)i(pro)n(vided.)d(The)i(managemen)n(t)664
3773 y(of)e(the)g(necessary)e(k)n(eys)g(is)i(part)f(of)g(the)h(service)
f(con)n(trol.)648 4055 y(The)e(most)g(imp)r(ortan)n(t)g(criterion)g
(for)g(the)h(horizon)n(tal)d(allo)r(cation)i(of)g(securit)n(y)g(func-)
565 4155 y(tionalit)n(y)e(is:)g(who)g(administers)g(a)g(domain)h(and)f
(the)h(securit)n(y)f(functionalit)n(y)g(installed)565
4254 y(in)30 b(the)h(domain)f(and)g(has)g(the)h(ph)n(ysical)e(con)n
(trol)h(o)n(v)n(er)e(b)r(oth.)j(In)g(TINA,)g(eac)n(h)e(stak)n(e-)565
4354 y(holder)j(in)i(the)f(net)n(w)n(ork)f(has)h(its)g(o)n(wn)g
(administrativ)n(e)f(domain.)h(W)-7 b(e)34 b(mak)n(e)e(the)i(as-)565
4454 y(sumption)h(that)g(the)g(administrativ)n(e)f(domain)g(is)h(the)g
(trust)g(domain)f(of)h(the)g(stak)n(e-)565 4553 y(holder.)j(This)i
(assumption)e(is)i(based)e(on)h(the)h(fact)g(that)f(in)h(the)g(regular)
d(case)i(the)565 4653 y(installed)34 b(hardw)n(are)f(is)i(under)f(the)i
(ph)n(ysical)e(con)n(trol)f(of)i(the)g(stak)n(eholder)e(and)i(the)565
4753 y(soft)n(w)n(are)27 b(is)i(installed)g(b)n(y)f(the)i(stak)n
(eholder.)d(Th)n(us,)i(w)n(e)g(assume)f(complete)h(trust)g(b)r(e-)565
4852 y(t)n(w)n(een)c(the)h(stak)n(eholder)e(and)h(its)h(curren)n(t)f
(administrativ)n(e)g(domain.)g(Securit)n(y)g(within)565
4952 y(the)36 b(administrativ)n(e)e(domain)h(\(in)n(tradomain)g
(securit)n(y\))g(is)h(domain)f(sp)r(eci\014c)h(and)f(is)565
5051 y(ac)n(hiev)n(ed)d(b)n(y)i(lo)r(cal)f(means)g(\(e.g.,)h(op)r
(erating)f(system)g(securit)n(y)g(measures\).)g(Within)p
eop
%%Page: 8 8
8 7 bop 565 419 a Fd(8)565 685 y Fg(its)41 b(o)n(wn)g(domain,)h(the)g
(stak)n(eholder)d(trusts)j(in)g(the)g(correctness)d(of)j(the)g
(installed)565 784 y(soft)n(w)n(are.)26 b(T)-7 b(o)n(w)n(ards)27
b(the)h(outside,)h(the)g(administrativ)n(e)e(domain)h(m)n(ust)h(b)r(e)f
(protected)565 884 y(against)e(illegitimate)h(access.)f(F)-7
b(or)27 b(in)n(teractions)f(with)h(other)g(domains)g(\(in)n(terdomain)
565 983 y(in)n(teractions\),)h(limited)j(trust)e(relationships)g(m)n
(ust)g(b)r(e)h(established.)g(The)f(comm)n(uni-)565 1083
y(cation)24 b(c)n(hannels)f(b)r(et)n(w)n(een)i(domains)f(cannot)g(b)r
(e)h(assumed)f(to)h(b)r(e)g(secure.)e(Protection)565
1183 y(m)n(ust)31 b(b)r(e)g(ac)n(hiev)n(ed)f(b)n(y)h(cryptographic)e
(means.)i(In)g(order)f(to)h(b)r(e)g(generally)f(applica-)565
1282 y(ble)c(but)g(also)f(con)n(trollable)f(b)n(y)i(the)g
(applications,)f(the)h(securit)n(y)f(functionalit)n(y)h(has)f(to)565
1382 y(b)r(e)30 b(indep)r(enden)n(t)g(from)g(the)g(applications)f(ab)r
(o)n(v)n(e)f(and)i(the)g(supplier)f(sp)r(eci\014c)h(NCCE)565
1482 y(b)r(elo)n(w.)h(Th)n(us,)g(the)g(natural)g(v)n(ertical)f(allo)r
(cation)g(is)h(the)h(DPE.)f(That)g(means,)g(it)h(has)565
1581 y(to)27 b(b)r(e)g(aligned)g(with)g(the)h(DPE)f(implemen)n(tation)g
(\(i.e.,)g(CORBA\).)h(Horizon)n(tally)-7 b(,)25 b(w)n(e)565
1681 y(allo)r(cate)h(the)i(necessary)e(securit)n(y)h(functionalit)n(y)g
(and)h(the)g(resp)r(onsibilit)n(y)f(for)g(its)h(ad-)565
1780 y(ministration)22 b(to)h(eac)n(h)f(domain)g(and)h(the)g(corresp)r
(onding)e(stak)n(eholder.)g(This)i(decision)565 1880
y(m)n(ust)33 b(b)r(e)h(supp)r(orted)f(b)n(y)g(an)g(appropriate)e(sc)n
(heme)i(of)g(securit)n(y)g(iden)n(tities.)g(The)h(se-)565
1980 y(curit)n(y)25 b(iden)n(tities)i(ha)n(v)n(e)e(to)i(b)r(e)g(the)f
(iden)n(tities)h(of)f(the)h(stak)n(eholders)e(\(their)h(domains\),)565
2079 y(whic)n(h)i(are)g(sp)r(eci\014ed)h(in)g(the)g(TINA)g(naming)g
(framew)n(ork.)e(All)i(ob)5 b(jects)28 b(in)h(a)f(domain)565
2179 y(m)n(ust)d(act)g(to)h(the)g(outside)f(under)g(the)h(iden)n(tit)n
(y)g(of)f(their)h(domain.)f(F)-7 b(rom)25 b(the)h(securit)n(y)565
2279 y(p)r(oin)n(t)e(of)g(view,)g(the)g(ob)5 b(jects)24
b(in)g(one)g(domain)f(are)g(seen)h(b)n(y)g(the)g(outside)g(as)f(one)h
(en)n(tit)n(y)-7 b(.)565 2378 y(This)27 b(assumption)g(is)h
(reasonable,)d(since)i(w)n(e)h(ha)n(v)n(e)e(only)h(one)g(user)g(\(the)h
(stak)n(eholder\))565 2478 y(in)f(eac)n(h)g(domain.)648
2577 y(Since)i(there)h(is)g(no)f(cen)n(tral)g(securit)n(y)g
(administration,)g(it)h(m)n(ust)g(b)r(e)g(assumed)f(that)565
2677 y(eac)n(h)d(stak)n(eholder)f(has)i(its)g(o)n(wn)g(securit)n(y)f(p)
r(olicy)-7 b(.)27 b(This)g(heterogeneit)n(y)f(includes)h(also)565
2777 y(di\013eren)n(t)38 b(preferences)f(for)g(cryptographic)f
(algorithms)h(and)h(proto)r(cols)e(to)i(ac)n(hiev)n(e)565
2876 y(the)31 b(same)g(securit)n(y)g(goal.)f(Th)n(us,)h(for)g(eac)n(h)g
(in)n(teraction)f(b)r(et)n(w)n(een)i(domains,)f(a)g(secu-)565
2976 y(rit)n(y)g(con)n(text)h(has)f(to)h(b)r(e)g(negotiated)f(b)r(et)n
(w)n(een)h(the)h(stak)n(eholders.)d(Suc)n(h)i(a)f(negotia-)565
3076 y(tion)25 b(m)n(ust)g(b)r(e)h(supp)r(orted)f(b)n(y)g(the)g
(securit)n(y)g(arc)n(hitecture)f(and)h(the)g(middlew)n(are)g(\(i.e.,)
565 3175 y(CORBA\).)c(Since)g(CORBA)f(pro)n(vides)g(some)g(securit)n(y)
g(functionalit)n(y)-7 b(,)21 b(whic)n(h)f(w)n(e)h(striv)n(e)565
3275 y(to)27 b(use)g(whenev)n(er)f(p)r(ossible)h(in)g(our)g(securit)n
(y)f(arc)n(hitecture)g(for)h(TINA,)h(w)n(e)e(in)n(tro)r(duce)565
3374 y(and)k(analyse)f(CORBA)i(securit)n(y)e(in)i(the)g(next)g(section)
f(and)g(later)g(on)g(return)g(to)h(our)565 3474 y(securit)n(y)26
b(arc)n(hitecture.)565 3756 y Ff(4)91 b(CORBA)30 b(SECURITY)565
3956 y Fg(The)h(CORBA)f(Securit)n(y)h(sp)r(eci\014cation)f(\(OMG)i
(1995)p 2322 3956 25 4 v 28 w(2\))e(has)h(b)r(een)g(released)f(b)n(y)h
(the)565 4055 y(OMG)c(to)g(pro)n(vide)g(the)g(mo)r(del)h(and)f(the)h
(arc)n(hitecture)e(for)h(securit)n(y)g(in)h(CORBA)f(sys-)565
4155 y(tems.)19 b(Besides)g(the)g(general)f(mo)r(del)i(it)f(sp)r
(eci\014es)g(the)h(securit)n(y)f(facilities)g(and)g(in)n(terfaces)565
4254 y(a)n(v)-5 b(ailable)19 b(to)i(application)f(dev)n(elop)r(ers,)f
(securit)n(y)h(administrators,)f(and)i(implemen)n(tors)565
4354 y(of)e(secure)f(CORBA)g(systems.)h(It)g(touc)n(hes)g(on)f(the)i
(problem)e(of)h(secure)f(in)n(terop)r(erabilit)n(y)565
4454 y(b)r(et)n(w)n(een)i(di\013eren)n(t)g(CORBA)h(implemen)n(tations,)
f(although)g(this)g(issue)g(is)h(discussed)f(in)565 4553
y(more)28 b(detail)h(b)n(y)f(a)h(companion)f(do)r(cumen)n(t,)h(the)g
(Common)g(Secure)f(In)n(terop)r(erabilit)n(y)565 4653
y(sp)r(eci\014cation)f(\(OMG)h(1996\).)648 4753 y(The)h(CORBA)g
(Securit)n(y)g(sp)r(eci\014cation)g(de\014nes)h(securit)n(y)e(to)h(b)r
(e)h(a)f(comp)r(ound)h(no-)565 4852 y(tion)k(that)g(is)g(concerned)f
(with)i(con\014den)n(tialit)n(y)e(and)h(in)n(tegrit)n(y)f(of)h
(information,)g(ac-)565 4952 y(coun)n(tabilit)n(y)25
b(of)i(the)g(users)e(for)h(their)h(actions,)f(and)g(a)n(v)-5
b(ailabilit)n(y)25 b(of)i(the)g(system.)f(The)565 5051
y(latter)h(is)g(not)h(co)n(v)n(ered)e(in)h(the)h(do)r(cumen)n(t)g
(later)f(on.)p eop
%%Page: 9 9
9 8 bop 1610 419 a Fb(CORBA)25 b(SECURITY)1046 b Fd(9)648
685 y Fg(Securit)n(y)27 b(is)h(enforced)f(using)h(securit)n(y)f
(functionalit)n(y)h(built)g(in)n(to)g(the)g(system.)g(The)565
784 y(CORBA)f(Securit)n(y)g(sp)r(eci\014cation)g(de\014nes)h(the)g
(follo)n(wing)e(securit)n(y)h(functionalit)n(y:)563 1025
y Fa(\017)41 b Fh(Iden)m(ti\014cation)32 b Fg(and)g Fh(authen)m
(tication)h Fg(of)f(principals)f(to)g(v)n(erify)g(they)i(are)d(who)664
1125 y(they)e(claim)f(to)h(b)r(e.)563 1224 y Fa(\017)41
b Fh(Authorization)e Fg(and)g Fh(access)45 b(con)m(trol)39
b Fg(to)f(decide)h(whether)g(a)f(principal)g(can)664
1324 y(access)27 b(an)g(ob)5 b(ject.)563 1423 y Fa(\017)41
b Fh(Securit)m(y)f(auditing)34 b Fg(to)g(mak)n(e)f(principals)g(accoun)
n(table)g(for)g(their)h(securit)n(y)f(re-)664 1523 y(lated)28
b(actions.)f(Auditing)i(mec)n(hanisms)e(are)f(coupled)i(with)g(authen)n
(tication)g(func-)664 1623 y(tions)g(in)f(order)g(to)g(b)r(e)h(able)f
(to)h(iden)n(tify)g(the)g(principal)f(correctly)-7 b(.)563
1722 y Fa(\017)41 b Fh(Secure)33 b(comm)m(unication)26
b Fg(b)r(et)n(w)n(een)j(ob)5 b(jects,)28 b(whic)n(h)g(requires)g(the)g
Fh(establish-)664 1822 y(men)m(t)j(of)h(securit)m(y)h(asso)s(ciations)
27 b Fg(b)r(et)n(w)n(een)g(clien)n(ts)h(and)g(targets)f(ob)5
b(jects,)27 b(and)664 1922 y Fh(in)m(tegrit)m(y)i(and/or)g(con\014den)m
(tialit)m(y)g(protection)c Fg(of)g(messages)e(in)i(transit)g(b)r(e-)664
2021 y(t)n(w)n(een)i(them.)563 2121 y Fa(\017)41 b Fh(Non-repudiation)
32 b Fg(to)i(pro)n(vide)e(evidence)h(of)g(actions)g(suc)n(h)g(as)f(pro)
r(of)h(of)g(origin)664 2220 y(or)27 b(receipt)g(of)h(data.)563
2320 y Fa(\017)41 b Fh(Administration)26 b Fg(of)h(securit)n(y)g
(information.)648 2561 y(Most)32 b(of)g(these)h(securit)n(y)e
(functions)i(are)e(p)r(erformed)h(during)g(a)g(secure)g(ob)5
b(ject)32 b(in-)565 2660 y(v)n(o)r(cation,)g(whic)n(h)h(is)g(the)g
(basic)g(notion)f(of)i(the)f(sp)r(eci\014cation)g(\(Figure)g(4\).)g
(Eac)n(h)f(se-)565 2760 y(cure)k(ob)5 b(ject)37 b(in)n(v)n(o)r(cation)f
(requires)g(an)h(established)f(securit)n(y)h(asso)r(ciation)e(b)r(et)n
(w)n(een)565 2860 y(the)h(clien)n(t)h(and)f(the)h(target)f(ob)5
b(ject.)36 b(The)g(securit)n(y)g(asso)r(ciation)f(is)h(established)g(b)
n(y)565 2959 y(authen)n(tication)25 b(b)r(et)n(w)n(een)g(the)h(clien)n
(t)g(and)f(the)h(target,)f(making)g(the)g(clien)n(t's)h(securit)n(y)565
3059 y(attributes)38 b(\(iden)n(tit)n(y)g(and)g(privileges\))f(a)n(v)-5
b(ailable)37 b(at)h(the)g(target)g(side,)g(and)g(estab-)565
3159 y(lishing)e(the)h(securit)n(y)f(con)n(text)h(that)g(will)g(b)r(e)g
(used)g(when)g(protecting)g(messages)e(in)565 3258 y(transit)e(b)r(et)n
(w)n(een)i(the)f(clien)n(t)h(and)f(the)h(target)e(ob)5
b(ject.)34 b(The)g(w)n(a)n(y)g(of)g(establishing)f(a)565
3358 y(securit)n(y)i(asso)r(ciation)f(\(e.g.,)i(whether)g(simple)g
(clien)n(t)g(to)f(target)g(authen)n(tication)h(or)565
3457 y(m)n(utual)c(authen)n(tication)g(is)g(used\))h(dep)r(ends)f(on)g
(the)h(securit)n(y)f(p)r(olicies)g(that)g(go)n(v)n(ern)565
3557 y(b)r(oth)g(the)h(clien)n(t)g(and)f(the)h(target)f(ob)5
b(ject.)32 b(Asso)r(ciations)f(will)i(normally)e(p)r(ersist)i(for)565
3657 y(man)n(y)27 b(in)n(teractions.)648 3756 y(F)-7
b(or)34 b(eac)n(h)h(ob)5 b(ject)35 b(in)n(v)n(o)r(cation,)f(the)i
(request)f(from)g(the)h(clien)n(t)f(to)g(the)h(target)f(ob-)565
3856 y(ject)c(is)h(sub)5 b(ject)31 b(to)g(access)g(con)n(trol.)f
(Access)h(con)n(trol)f(ma)n(y)g(tak)n(e)h(place)g(at)g(the)h(clien)n(t)
565 3956 y(side,)25 b(the)i(target)d(side,)i(or)f(b)r(oth)i(sides)e
(according)f(to)i(the)g(access)f(con)n(trol)f(p)r(olicy)-7
b(.)26 b(The)565 4055 y(access)34 b(decision)h(\(i.e.,)g(whether)h
(this)f(clien)n(t)h(can)f(p)r(erform)g(this)g(op)r(eration)g(on)g(this)
565 4155 y(target)26 b(ob)5 b(ject\))27 b(is)g(based)g(on)g(the)g
(clien)n(t's)g(securit)n(y)g(attributes,)g(the)g(target's)f(con)n(trol)
565 4254 y(attributes)f(\(e.g.,)h(access)f(con)n(trol)f(list\),)j(and)e
(other)h(relev)-5 b(an)n(t)25 b(information)g(ab)r(out)h(the)565
4354 y(action)f(\(e.g.,)i(the)f(op)r(eration)g(and)g(data\))g(and)g(ab)
r(out)g(the)h(con)n(text)f(\(e.g.,)g(the)h(curren)n(t)565
4454 y(time\).)33 b(This)f(general)f(mo)r(del)h(enables)g(a)g(large)e
(v)-5 b(ariet)n(y)32 b(of)g(access)f(con)n(trol)g(sc)n(hemes,)565
4553 y(ranging)k(from)h(access)g(con)n(trol)f(lists,)i(o)n(v)n(er)e
(capabilities,)h(to)h(lab)r(el)f(based)h(sc)n(hemes.)565
4653 y(The)25 b(scale)g(of)g(access)f(con)n(trol)h(is)g(not)g(sp)r
(eci\014ed,)h(but)g(it)g(can)f(b)r(e)h(assumed)f(that)h(imple-)565
4753 y(men)n(tors)g(will)i(pro)n(vide)e(access)h(con)n(trol)f(do)n(wn)h
(to)h(the)g(gran)n(ularit)n(y)d(of)i(op)r(erations.)648
4852 y(In)34 b(man)n(y)g(cases,)f(ob)5 b(jects)34 b(p)r(erform)f(op)r
(erations)g(on)h(b)r(ehalf)h(of)f(the)h(initiator)e(of)h(a)565
4952 y(c)n(hain)22 b(of)g(ob)5 b(ject)23 b(in)n(v)n(o)r(cations.)e(In)h
(suc)n(h)h(cases,)e(the)i(initiator,)f(whic)n(h)h(can)f(b)r(e)h(a)f(h)n
(uman)565 5051 y(user)g(or)g(a)g(system)h(en)n(tit)n(y)-7
b(,)23 b(needs)g(to)g(delegate)f(some)g(or)g(all)h(of)g(its)g
(privilege)f(attributes)p eop
%%Page: 10 10
10 9 bop 565 419 a Fd(10)962 1648 y @beginspecial @setspecial
%%BeginDocument: SecObjInvoc.epsss
/sf {128 188 div} def
/llx {-0} def
/lly {-0} def
/vx {llx sf mul} def
/vy {lly sf mul} def
vx vy translate
sf sf scale
%Magnification: 1.05 
/$F2psDict 200 dict def 
$F2psDict begin 
$F2psDict /mtrx matrix put 
/col-1 {0 setgray} bind def 
/col0 {0.000 0.000 0.000 srgb} bind def 
/col1 {0.000 0.000 1.000 srgb} bind def 
/col2 {0.000 1.000 0.000 srgb} bind def 
/col3 {0.000 1.000 1.000 srgb} bind def 
/col4 {1.000 0.000 0.000 srgb} bind def 
/col5 {1.000 0.000 1.000 srgb} bind def 
/col6 {1.000 1.000 0.000 srgb} bind def 
/col7 {1.000 1.000 1.000 srgb} bind def 
/col8 {0.000 0.000 0.560 srgb} bind def 
/col9 {0.000 0.000 0.690 srgb} bind def 
/col10 {0.000 0.000 0.820 srgb} bind def 
/col11 {0.530 0.810 1.000 srgb} bind def 
/col12 {0.000 0.560 0.000 srgb} bind def 
/col13 {0.000 0.690 0.000 srgb} bind def 
/col14 {0.000 0.820 0.000 srgb} bind def 
/col15 {0.000 0.560 0.560 srgb} bind def 
/col16 {0.000 0.690 0.690 srgb} bind def 
/col17 {0.000 0.820 0.820 srgb} bind def 
/col18 {0.560 0.000 0.000 srgb} bind def 
/col19 {0.690 0.000 0.000 srgb} bind def 
/col20 {0.820 0.000 0.000 srgb} bind def 
/col21 {0.560 0.000 0.560 srgb} bind def 
/col22 {0.690 0.000 0.690 srgb} bind def 
/col23 {0.820 0.000 0.820 srgb} bind def 
/col24 {0.500 0.190 0.000 srgb} bind def 
/col25 {0.630 0.250 0.000 srgb} bind def 
/col26 {0.750 0.380 0.000 srgb} bind def 
/col27 {1.000 0.500 0.500 srgb} bind def 
/col28 {1.000 0.630 0.630 srgb} bind def 
/col29 {1.000 0.750 0.750 srgb} bind def 
/col30 {1.000 0.880 0.880 srgb} bind def 
/col31 {1.000 0.840 0.000 srgb} bind def 
end 
save 
-7.0 217.0 translate 
1 -1 scale 
/cp {closepath} bind def 
/ef {eofill} bind def 
/gr {grestore} bind def 
/gs {gsave} bind def 
/sa {save} bind def 
/rs {restore} bind def 
/l {lineto} bind def 
/m {moveto} bind def 
/rm {rmoveto} bind def 
/n {newpath} bind def 
/s {stroke} bind def 
/sh {show} bind def 
/slc {setlinecap} bind def 
/slj {setlinejoin} bind def 
/slw {setlinewidth} bind def 
/srgb {setrgbcolor} bind def 
/rot {rotate} bind def 
/sc {scale} bind def 
/sd {setdash} bind def 
/ff {findfont} bind def 
/sf {setfont} bind def 
/scf {scalefont} bind def 
/sw {stringwidth} bind def 
/tr {translate} bind def 
/tnt {dup dup currentrgbcolor 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add srgb} 
bind def 
/shd {dup dup currentrgbcolor 4 -2 roll mul 4 -2 roll mul 
4 -2 roll mul srgb} bind def 
/DrawEllipse { 
/endangle exch def 
/startangle exch def 
/yrad exch def 
/xrad exch def 
/y exch def 
/x exch def 
/savematrix mtrx currentmatrix def 
x y tr xrad yrad sc 0 0 1 startangle endangle arc 
closepath 
savematrix setmatrix 
} def 
/$F2psBegin {$F2psDict begin /$F2psEnteredState save def} def 
/$F2psEnd {$F2psEnteredState restore end} def 
$F2psBegin 
10 setmiterlimit 
n 0 792 m 0 0 l 612 0 l 612 792 l cp clip 
0.06299 0.06299 sc 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
1174 835 m 
gs 1 -1 sc (Client) col-1 sh gr 
7.500 slw 
% Ellipse 
n 4448 795 306 307 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
4220 835 m 
gs 1 -1 sc (Target) col-1 sh gr 
% Polyline 
n 240 2250 m 135 2250 135 3315 105 arcto 4 {pop} repeat 
135 3420 2100 3420 105 arcto 4 {pop} repeat 
2205 3420 2205 2355 105 arcto 4 {pop} repeat 
2205 2250 240 2250 105 arcto 4 {pop} repeat 
cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
225 2475 m 
gs 1 -1 sc (Client-side security:) col-1 sh gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
225 2700 m 
gs 1 -1 sc (security association,) col-1 sh gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
225 2925 m 
gs 1 -1 sc (access control,) col-1 sh gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
225 3150 m 
gs 1 -1 sc (message protection,) col-1 sh gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
225 3375 m 
gs 1 -1 sc (audit) col-1 sh gr 
% Polyline 
n 3750 2250 m 3645 2250 3645 3315 105 arcto 4 {pop} repeat 
3645 3420 5610 3420 105 arcto 4 {pop} repeat 
5715 3420 5715 2355 105 arcto 4 {pop} repeat 
5715 2250 3750 2250 105 arcto 4 {pop} repeat 
cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
3735 2475 m 
gs 1 -1 sc (Target-side security:) col-1 sh gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
3735 2700 m 
gs 1 -1 sc (security association,) col-1 sh gr 
% Ellipse 
n 1364 795 314 316 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
3735 2925 m 
gs 1 -1 sc (access control,) col-1 sh gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
2745 1710 m 
gs 1 -1 sc (ORB) col-1 sh gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
3735 3150 m 
gs 1 -1 sc (message protection,) col-1 sh gr 
/Helvetica-Narrow-Bold ff 180.00 scf sf 
3735 3375 m 
gs 1 -1 sc (audit) col-1 sh gr 
% Polyline 
n 675 1620 m 900 1170 l 900 1395 l 4950 1395 l 4950 1170 l 5175 1620 l 
4950 2070 l 4950 1845 l 900 1845 l 900 2070 l 675 1620 l gs col-1 s gr 
% Polyline 
gs clippath 
1380 1248 m 1350 1368 l 1320 1248 l 1320 1410 l 1380 1410 l cp clip 
n 1350 1125 m 1350 1395 l gs col-1 s gr gr 
% arrowhead 
n 1380 1248 m 1350 1368 l 1320 1248 l 1350 1248 l 1380 1248 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
n 1350 1395 m 1350 1620 l 2700 1620 l gs col-1 s gr 
% Polyline 
gs clippath 
4425 1272 m 4455 1152 l 4485 1272 l 4485 1110 l 4425 1110 l cp clip 
n 4455 1395 m 4455 1125 l gs col-1 s gr gr 
% arrowhead 
n 4425 1272 m 4455 1152 l 4485 1272 l 4455 1272 l 4425 1272 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
n 3195 1620 m 4455 1620 l 4455 1395 l gs col-1 s gr 
% Polyline 
[66.7] 0 sd 
n 1125 2250 m 1350 1620 l gs col-1 s gr [] 0 sd 
% Polyline 
[66.7] 0 sd 
n 4725 2250 m 4455 1620 l gs col-1 s gr [] 0 sd 
% Polyline 
n 4365 1530 m 4545 1530 l 4545 1710 l 4365 1710 l cp gs 0.65 setgray ef gr gs col-1 s gr 
% Polyline 
n 1260 1530 m 1440 1530 l 1440 1710 l 1260 1710 l cp gs 0.65 setgray ef gr gs col-1 s gr 
$F2psEnd 
rs 
%%EndDocument
 @endspecial 1085 1847 a Fh(Figure)31 b(4)47 b Fg(Secure)28
b(Ob)5 b(ject)27 b(In)n(v)n(o)r(cation)f(in)i(CORBA)565
2162 y(to)f(the)h(in)n(termediate)f(ob)5 b(jects)27 b(that)g(will)h
(act)f(on)g(its)h(b)r(ehalf.)g(The)f(CORBA)h(Securit)n(y)565
2262 y(sp)r(eci\014cation)23 b(is)h(v)n(ery)f(general)f(and)i(enables)f
(virtually)h(all)f(kinds)h(of)g(delegation)f(mo)r(d-)565
2362 y(els)30 b(\(simple,)h(comp)r(osite,)f(com)n(bined)g(and)g(traced)
f(delegation\).)h(The)h(actual)f(t)n(yp)r(e)g(of)565
2461 y(delegation)i(is)h(selected)g(according)e(to)i(the)g(delegation)f
(p)r(olicy)h(either)g(b)n(y)g(the)g(ORB)565 2561 y(system)27
b(automatically)-7 b(,)27 b(or)f(b)n(y)i(applications)e(via)h(w)n(ell)h
(de\014ned)g(in)n(terfaces.)648 2660 y(Dep)r(ending)39
b(on)e(the)i(securit)n(y)f(p)r(olicy)-7 b(,)38 b(the)g(in)n(tegrit)n(y)
g(and/or)e(con\014den)n(tialit)n(y)i(of)565 2760 y(the)j(messages)e(b)r
(et)n(w)n(een)i(the)h(clien)n(t)f(and)f(the)i(target)e(ob)5
b(ject)41 b(ma)n(y)f(b)r(e)h(protected,)565 2860 y(and)f(optionally)g
(non-repudiation)f(ma)n(y)h(b)r(e)h(pro)n(vided)f(b)n(y)g
(cryptographic)e(means.)565 2959 y(F)-7 b(or)24 b(the)h(detection)f(of)
h(actual)f(or)g(attempted)h(securit)n(y)f(violations,)f(securit)n(y)h
(auditing)565 3059 y(is)31 b(p)r(erformed.)g(Dep)r(ending)i(on)e(the)h
(implemen)n(tation,)g(recording)e(securit)n(y)h(relev)-5
b(an)n(t)565 3159 y(ev)n(en)n(ts)28 b(ma)n(y)h(in)n(v)n(olv)n(e)g
(writing)g(ev)n(en)n(t)g(information)g(to)h(a)f(log,)g(and/or)f
(generating)g(an)565 3258 y(alarm.)37 b(Audit)j(p)r(olicies)f(sp)r
(ecify)g(whic)n(h)g(ev)n(en)n(ts)f(should)g(b)r(e)h(audited)g(under)g
(whic)n(h)565 3358 y(circumstances.)648 3457 y(A)28 b(distributed)h(ob)
5 b(ject)28 b(system)g(ma)n(y)f(consist)h(of)g(a)g(h)n(uge)g(amoun)n(t)
g(of)g(ob)5 b(jects)28 b(with)565 3557 y(a)36 b(p)r(ossibly)h(ev)n(en)f
(larger)g(amoun)n(t)g(of)h(securit)n(y)f(asso)r(ciations)f(b)r(et)n(w)n
(een)i(them.)h(This)565 3657 y(fact)29 b(raises)e(the)j(issue)e(of)h
(scalabilit)n(y)-7 b(.)28 b(In)i(order)d(to)i(cop)r(e)g(with)h(the)f
(scalabilit)n(y)f(prob-)565 3756 y(lem,)c(the)h(notion)f(of)g(domains)f
(is)h(in)n(tro)r(duced.)h(Three)e(t)n(yp)r(es)h(of)h(domains)e(with)i
(regard)565 3856 y(to)j(securit)n(y)g(are)g(de\014ned)i(b)n(y)e(the)h
(CORBA)g(Securit)n(y)g(sp)r(eci\014cation:)f(securit)n(y)g(p)r(olicy)
565 3956 y(domains,)e(securit)n(y)h(en)n(vironmen)n(t)f(domains,)h(and)
g(securit)n(y)g(tec)n(hnology)f(domains.)h(A)565 4055
y(securit)n(y)j(p)r(olicy)g(domain)h(is)g(the)g(scop)r(e)f(o)n(v)n(er)g
(whic)n(h)g(a)h(securit)n(y)f(p)r(olicy)h(is)g(enforced.)565
4155 y(A)37 b(securit)n(y)f(p)r(olicy)h(domain)f(is)h(administered)f(b)
n(y)h(a)f(single)h(securit)n(y)f(authorit)n(y)-7 b(.)36
b(A)565 4254 y(securit)n(y)24 b(en)n(vironmen)n(t)h(domain)h(is)f(a)h
(domain)f(in)h(whic)n(h)g(the)g(enforcemen)n(t)g(of)f(the)i(se-)565
4354 y(curit)n(y)g(p)r(olicy)i(is)f(ac)n(hiev)n(ed)f(b)n(y)h(lo)r(cal)g
(means)g(\(e.g.,)g(ob)5 b(jects)28 b(on)g(the)g(same)g(mac)n(hine\).)
565 4454 y(The)i(securit)n(y)g(tec)n(hnology)f(domain)h(is)h(a)f(set)h
(of)g(ob)5 b(jects)30 b(for)g(whic)n(h)g(the)i(same)e(secu-)565
4553 y(rit)n(y)h(tec)n(hnology)f(\(e.g.,)i(Kerb)r(eros)d(\(Neuman)k
(and)e(Ts'o)g(1994\)\))f(is)i(used)g(to)f(pro)n(vide)565
4653 y(securit)n(y)-7 b(.)648 4753 y(Eac)n(h)35 b(securit)n(y)h(domain)
g(con)n(tains)g(a)g(domain)g(manager)f(ob)5 b(ject)36
b(that)h(references)565 4852 y(the)h(v)-5 b(alid)38 b(securit)n(y)f(p)r
(olicy)g(ob)5 b(jects)38 b(for)f(that)h(domain.)f(A)i(securit)n(y)e(p)r
(olicy)g(ob)5 b(ject)565 4952 y(is)30 b(the)g(represen)n(tation)e(of)j
(a)e(securit)n(y)h(p)r(olicy)g(\(e.g.,)g(access)f(con)n(trol,)f
(delegation,)i(se-)565 5051 y(cure)19 b(in)n(v)n(o)r(cation,)f(or)h
(audit)h(p)r(olicy\),)g(whic)n(h)g(is)f(de\014ned)h(and)g(managed)e(b)n
(y)i(the)g(securit)n(y)p eop
%%Page: 11 11
11 10 bop 1592 419 a Fb(CORBA)25 b(SECURITY)1028 b Fd(11)565
685 y Fg(administrator)20 b(of)i(the)h(domain.)e(Up)r(on)i(the)f
(creation)f(of)h(an)g(ob)5 b(ject,)22 b(the)g(ORB)g(implic-)565
784 y(itly)k(asso)r(ciates)e(the)j(ob)5 b(ject)26 b(with)g(one)g(or)f
(more)h(securit)n(y)f(domains)g(according)g(to)h(the)565
884 y(construction)d(p)r(olicy)g(\(the)i(ob)5 b(jects)23
b(can)g(b)r(e)i(mo)n(v)n(ed)d(b)r(et)n(w)n(een)i(domains)f(later)g
(on\))h(and)565 983 y(then)e(transparen)n(tly)e(enforces)h(the)h
(securit)n(y)f(p)r(olicies)h(of)g(those)g(domains.)f(In)h(this)g(w)n(a)
n(y)-7 b(,)565 1083 y(securit)n(y)28 b(is)h(pro)n(vided)g(to)g(all)g
(applications,)g(ev)n(en)g(to)g(those)g(that)h(are)f(una)n(w)n(are)e
(of)j(it.)565 1183 y(Additional)22 b(securit)n(y)g(measures)f(ma)n(y)h
(b)r(e)h(enforced)f(b)n(y)g(the)h(applications)f(themselv)n(es.)565
1282 y(This)f(ma)n(y)g(b)r(e)i(done)e(b)n(y)h(additional)f(enforcemen)n
(t)g(of)h(administrator)e(de\014ned)i(p)r(olicies,)565
1382 y(and/or)29 b(direct)i(use)h(of)f(securit)n(y)f(features)h
(\(e.g.,)g(non-repudiation\))g(via)g(application)565
1482 y(in)n(terfaces.)i(The)h(securit)n(y)f(measures)g(enforced)g(b)n
(y)h(the)g(applications)g(cannot)f(o)n(v)n(er-)565 1581
y(ride)c(the)h(securit)n(y)f(p)r(olicies)h(de\014ned)g(b)n(y)f(the)i
(administrator.)d(The)i(rationale)e(b)r(ehind)565 1681
y(these)35 b(t)n(w)n(o)f(lev)n(els)g(of)h(securit)n(y)f(is)h(the)g
(fact)g(that)g(in)h(the)f(general)f(case,)g(application)565
1780 y(dev)n(elop)r(ers)h(cannot)g(b)r(e)i(exp)r(ected)g(to)f(b)r(e)g
(a)n(w)n(are)f(of)h(all)g(the)h(threats)e(to)h(whic)n(h)h(the)565
1880 y(system)24 b(will)g(b)r(e)h(sub)5 b(ject,)25 b(and)f(to)h(put)g
(the)g(righ)n(t)e(coun)n(termeasures)g(in)h(place.)g(On)h(the)565
1980 y(other)f(hand,)i(there)f(are)f(mission)h(critical)g(applications)
g(\(e.g.,)g(in)h(the)f(banking)g(or)g(the)565 2079 y(telecomm)n
(unications)k(w)n(orld\))g(that)h(require)f(the)h(application)f
(programmer)e(to)j(ha)n(v)n(e)565 2179 y(more)c(con)n(trol)h(o)n(v)n
(er)e(securit)n(y)-7 b(.)648 2279 y(The)24 b(securit)n(y)f
(functionalit)n(y)i(describ)r(ed)f(ab)r(o)n(v)n(e)f(\(i.e.,)i(authen)n
(tication,)f(access)f(con-)565 2378 y(trol,)j(message)f(protection,)h
(auditing,)h(etc.\))g(is)f(pro)n(vided)g(b)n(y)g(ORB)h(securit)n(y)e
(services)565 2478 y(that)32 b(ma)n(y)g(rely)f(on)i(some)e(underlying)h
(securit)n(y)f(tec)n(hnology)-7 b(,)31 b(whic)n(h)i(itself)g(ma)n(y)e
(use)565 2577 y(op)r(erating)j(system)h(mec)n(hanisms)g(and)h
(additional)f(securit)n(y)f(hardw)n(are)g(\(Figure)h(5\).)565
2677 y(During)22 b(secure)h(ob)5 b(ject)23 b(in)n(v)n(o)r(cations,)e
(the)j(ORB)e(in)n(tercepts)h(the)h(requests)e(and)h(replies)565
2777 y(b)r(et)n(w)n(een)34 b(the)i(clien)n(t)f(and)f(the)i(target)e(ob)
5 b(ject)34 b(and)h(calls)f(the)i(appropriate)d(securit)n(y)565
2876 y(services.)38 b(Some)h(of)g(the)h(securit)n(y)e(services)g(can)h
(b)r(e)h(in)n(v)n(ok)n(ed)e(b)n(y)h(the)h(applications)565
2976 y(directly)-7 b(,)37 b(to)h(enforce)e(their)i(o)n(wn)f(securit)n
(y)g(preferences.)f(An)i(imp)r(ortan)n(t)g(asp)r(ect)f(of)565
3076 y(this)k(arc)n(hitecture)e(is)i(that)g(the)g(comp)r(onen)n(ts)g
(that)g(implemen)n(t)g(the)g(securit)n(y)f(ser-)565 3175
y(vices)c(are)f(indep)r(enden)n(t)i(of)g(an)n(y)f(sp)r(eci\014c)g
(securit)n(y)g(tec)n(hnology)-7 b(.)35 b(The)h(sp)r(eci\014cation)565
3275 y(allo)n(ws)25 b(the)j(use)e(of)h(an)g(isolating)f(in)n(terface)g
(\(e.g.,)h(GSS-API)g(\(IETF)g(1993\)\))f(b)r(et)n(w)n(een)565
3374 y(this)h(lev)n(el)f(and)g(the)h(securit)n(y)f(tec)n(hnology)-7
b(,)26 b(allo)n(wing)f(di\013eren)n(t)i(securit)n(y)f(tec)n(hnologies)
565 3474 y(to)32 b(b)r(e)h(accommo)r(dated)e(within)i(the)g(arc)n
(hitecture,)e(suc)n(h)h(as)g(tec)n(hnologies)e(based)i(on)565
3574 y(op)r(erating)27 b(system)h(protection)g(mec)n(hanisms,)g
(existing)g(securit)n(y)g(comp)r(onen)n(ts)g(\(e.g.,)565
3673 y(cryptographic)d(libraries\),)i(or)f(a)i(set)f(of)h(distributed)g
(securit)n(y)e(services.)648 3773 y(The)31 b(sp)r(eci\014cation)f(of)h
(secure)f(in)n(terop)r(erabilit)n(y)g(b)r(et)n(w)n(een)h(di\013eren)n
(t)g(CORBA)g(im-)565 3873 y(plemen)n(tations)25 b(extends)h(the)g
(CORBA)g(2.0)f(standard.)g(A)h(new)g(proto)r(col,)f(the)h(Secure)565
3972 y(In)n(ter-ORB)e(Proto)r(col)h(\(SECIOP\))g(is)h(sp)r(eci\014ed,)g
(whic)n(h)g(enables)g(secure)f(in)n(teractions)565 4072
y(of)36 b(clien)n(ts)h(and)g(target)f(ob)5 b(jects)36
b(that)h(reside)f(on)h(di\013eren)n(t)g(ORBs,)f(as)g(long)g(as)h(the)
565 4171 y(same)25 b(securit)n(y)h(tec)n(hnology)f(is)h(used)g(on)g(b)r
(oth)h(sides.)f(The)h(information,)e(whic)n(h)i(secu-)565
4271 y(rit)n(y)20 b(tec)n(hnology)g(an)h(ob)5 b(ject)22
b(supp)r(orts)e(is)i(part)f(of)g(the)h(in)n(terop)r(erable)e(ob)5
b(ject)21 b(reference)565 4371 y(\(IOR\).)34 b(Based)e(on)i(the)g
(information)e(in)i(the)g(IOR,)g(a)f(securit)n(y)g(con)n(text)g
(acceptable)565 4470 y(for)c(b)r(oth)i(sides)f(can)g(b)r(e)g
(established.)g(The)h(establishmen)n(t)f(of)g(the)h(securit)n(y)e(asso)
r(cia-)565 4570 y(tion)c(and)g(the)g(protection)g(of)g(messages)e(are)h
(con)n(trolled)g(b)n(y)h(securit)n(y)f(tok)n(ens)h(that)g(are)565
4670 y(added)35 b(to)g(the)h(in)n(ter-ORB)e(proto)r(cols.)g(Key)h
(managemen)n(t)g(is)g(not)g(explicitly)h(dealt)565 4769
y(with)28 b(in)g(the)f(CORBA)h(Securit)n(y)f(sp)r(eci\014cation.)648
4869 y(The)i(Common)f(Secure)h(In)n(terop)r(erabilit)n(y)e(do)r(cumen)n
(t)i(\(OMG)g(1996\))f(sp)r(eci\014es)h(the)565 4968 y(use)36
b(of)h(the)g(proto)r(cols)e(of)i(three)f(securit)n(y)g(tec)n(hnologies)
f(within)j(SECIOP)-7 b(,)35 b(namely)p eop
%%Page: 12 12
12 11 bop 565 419 a Fd(12)1028 1766 y @beginspecial @setspecial
%%BeginDocument: CORBASecModel.epsss
/sf {142 199 div} def
/llx {-0} def
/lly {-0} def
/vx {llx sf mul} def
/vy {lly sf mul} def
vx vy translate
sf sf scale
%Magnification: 1.05 
/$F2psDict 200 dict def 
$F2psDict begin 
$F2psDict /mtrx matrix put 
/col-1 {0 setgray} bind def 
/col0 {0.000 0.000 0.000 srgb} bind def 
/col1 {0.000 0.000 1.000 srgb} bind def 
/col2 {0.000 1.000 0.000 srgb} bind def 
/col3 {0.000 1.000 1.000 srgb} bind def 
/col4 {1.000 0.000 0.000 srgb} bind def 
/col5 {1.000 0.000 1.000 srgb} bind def 
/col6 {1.000 1.000 0.000 srgb} bind def 
/col7 {1.000 1.000 1.000 srgb} bind def 
/col8 {0.000 0.000 0.560 srgb} bind def 
/col9 {0.000 0.000 0.690 srgb} bind def 
/col10 {0.000 0.000 0.820 srgb} bind def 
/col11 {0.530 0.810 1.000 srgb} bind def 
/col12 {0.000 0.560 0.000 srgb} bind def 
/col13 {0.000 0.690 0.000 srgb} bind def 
/col14 {0.000 0.820 0.000 srgb} bind def 
/col15 {0.000 0.560 0.560 srgb} bind def 
/col16 {0.000 0.690 0.690 srgb} bind def 
/col17 {0.000 0.820 0.820 srgb} bind def 
/col18 {0.560 0.000 0.000 srgb} bind def 
/col19 {0.690 0.000 0.000 srgb} bind def 
/col20 {0.820 0.000 0.000 srgb} bind def 
/col21 {0.560 0.000 0.560 srgb} bind def 
/col22 {0.690 0.000 0.690 srgb} bind def 
/col23 {0.820 0.000 0.820 srgb} bind def 
/col24 {0.500 0.190 0.000 srgb} bind def 
/col25 {0.630 0.250 0.000 srgb} bind def 
/col26 {0.750 0.380 0.000 srgb} bind def 
/col27 {1.000 0.500 0.500 srgb} bind def 
/col28 {1.000 0.630 0.630 srgb} bind def 
/col29 {1.000 0.750 0.750 srgb} bind def 
/col30 {1.000 0.880 0.880 srgb} bind def 
/col31 {1.000 0.840 0.000 srgb} bind def 
end 
save 
-27.0 228.0 translate 
1 -1 scale 
/cp {closepath} bind def 
/ef {eofill} bind def 
/gr {grestore} bind def 
/gs {gsave} bind def 
/sa {save} bind def 
/rs {restore} bind def 
/l {lineto} bind def 
/m {moveto} bind def 
/rm {rmoveto} bind def 
/n {newpath} bind def 
/s {stroke} bind def 
/sh {show} bind def 
/slc {setlinecap} bind def 
/slj {setlinejoin} bind def 
/slw {setlinewidth} bind def 
/srgb {setrgbcolor} bind def 
/rot {rotate} bind def 
/sc {scale} bind def 
/sd {setdash} bind def 
/ff {findfont} bind def 
/sf {setfont} bind def 
/scf {scalefont} bind def 
/sw {stringwidth} bind def 
/tr {translate} bind def 
/tnt {dup dup currentrgbcolor 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add srgb} 
bind def 
/shd {dup dup currentrgbcolor 4 -2 roll mul 4 -2 roll mul 
4 -2 roll mul srgb} bind def 
/DrawEllipse { 
/endangle exch def 
/startangle exch def 
/yrad exch def 
/xrad exch def 
/y exch def 
/x exch def 
/savematrix mtrx currentmatrix def 
x y tr xrad yrad sc 0 0 1 startangle endangle arc 
closepath 
savematrix setmatrix 
} def 
/$F2psBegin {$F2psDict begin /$F2psEnteredState save def} def 
/$F2psEnd {$F2psEnteredState restore end} def 
$F2psBegin 
10 setmiterlimit 
n 0 792 m 0 0 l 612 0 l 612 792 l cp clip 
0.06299 0.06299 sc 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
1174 835 m 
gs 1 -1 sc (Client) col-1 sh gr 
7.500 slw 
% Ellipse 
n 4448 795 306 307 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
4220 835 m 
gs 1 -1 sc (Target) col-1 sh gr 
% Ellipse 
n 2963 1948 392 395 0 360 DrawEllipse gs col-1 s gr 
% Ellipse 
n 3001 1986 392 395 0 360 DrawEllipse gs col-1 s gr 
% Ellipse 
n 2926 1910 392 395 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
2620 1872 m 
gs 1 -1 sc (Security) col-1 sh gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
2620 2064 m 
gs 1 -1 sc (Services) col-1 sh gr 
% Polyline 
n 831 2486 m 4981 2486 l 4981 2755 l 831 2755 l cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
2581 2678 m 
gs 1 -1 sc (ORB Core) col-1 sh gr 
% Polyline 
n 831 3062 m 4981 3062 l 4981 3331 l 831 3331 l cp gs col-1 s gr 
% Polyline 
n 831 3331 m 4981 3331 l 4981 3600 l 831 3600 l cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
2124 3255 m 
gs 1 -1 sc (Security Technology) col-1 sh gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
1668 3523 m 
gs 1 -1 sc (Basic Protection & Communication) col-1 sh gr 
% Polyline 
n 959 1793 m 869 1793 869 1896 90 arcto 4 {pop} repeat 
869 1986 1769 1986 90 arcto 4 {pop} repeat 
1859 1986 1859 1883 90 arcto 4 {pop} repeat 
1859 1793 959 1793 90 arcto 4 {pop} repeat 
cp gs col-1 s gr 
% Ellipse 
n 1364 795 314 316 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
991 1948 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
% Polyline 
n 3953 1910 m 3344 1910 l gs col-1 s gr 
% Polyline 
n 4043 1793 m 3953 1793 3953 1896 90 arcto 4 {pop} repeat 
3953 1986 4853 1986 90 arcto 4 {pop} repeat 
4943 1986 4943 1883 90 arcto 4 {pop} repeat 
4943 1793 4043 1793 90 arcto 4 {pop} repeat 
cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 165.00 scf sf 
4074 1948 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
% Polyline 
n 450 2140 m 640 1181 l 640 1372 l 5210 1372 l 5210 1181 l 5400 2140 l 
5210 3101 l 5210 2909 l 640 2909 l 640 3101 l 450 2140 l gs col-1 s gr 
% Polyline 
gs clippath 
1280 1609 m 1250 1729 l 1220 1609 l 1220 1771 l 1280 1771 l cp clip 
n 1250 1142 m 1250 1756 l gs col-1 s gr gr 
% arrowhead 
n 1280 1609 m 1250 1729 l 1220 1609 l 1250 1609 l 1280 1609 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
1448 1289 m 1478 1169 l 1508 1289 l 1508 1127 l 1448 1127 l cp clip 
n 1478 1142 m 1478 1756 l gs col-1 s gr gr 
% arrowhead 
n 1448 1289 m 1478 1169 l 1508 1289 l 1478 1289 l 1448 1289 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
4304 1289 m 4334 1169 l 4364 1289 l 4364 1127 l 4304 1127 l cp clip 
n 4334 1142 m 4334 1756 l gs col-1 s gr gr 
% arrowhead 
n 4304 1289 m 4334 1169 l 4364 1289 l 4334 1289 l 4304 1289 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
4591 1609 m 4561 1729 l 4531 1609 l 4531 1771 l 4591 1771 l cp clip 
n 4561 1142 m 4561 1756 l gs col-1 s gr gr 
% arrowhead 
n 4591 1609 m 4561 1729 l 4531 1609 l 4561 1609 l 4591 1609 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
1448 2172 m 1478 2052 l 1508 2172 l 1508 2010 l 1448 2010 l cp clip 
n 1478 2025 m 1478 2447 l gs col-1 s gr gr 
% arrowhead 
n 1448 2172 m 1478 2052 l 1508 2172 l 1478 2172 l 1448 2172 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
4304 2172 m 4334 2052 l 4364 2172 l 4364 2010 l 4304 2010 l cp clip 
n 4334 2025 m 4334 2447 l gs col-1 s gr gr 
% arrowhead 
n 4304 2172 m 4334 2052 l 4364 2172 l 4334 2172 l 4304 2172 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
4591 2300 m 4561 2420 l 4531 2300 l 4531 2462 l 4591 2462 l cp clip 
n 4561 2025 m 4561 2447 l gs col-1 s gr gr 
% arrowhead 
n 4591 2300 m 4561 2420 l 4531 2300 l 4561 2300 l 4591 2300 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
1280 2300 m 1250 2420 l 1220 2300 l 1220 2462 l 1280 2462 l cp clip 
n 1250 2025 m 1250 2447 l gs col-1 s gr gr 
% arrowhead 
n 1280 2300 m 1250 2420 l 1220 2300 l 1250 2300 l 1280 2300 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
n 1859 1910 m 2506 1910 l gs col-1 s gr 
% Polyline 
[15 50.0] 50.0 sd 
n 2926 2332 m 2926 2486 l gs col-1 s gr [] 0 sd 
% Polyline 
[15 50.0] 50.0 sd 
n 2926 2755 m 2926 3062 l gs col-1 s gr [] 0 sd 
$F2psEnd 
rs 
%%EndDocument
 @endspecial 1222 1965 a Fh(Figure)31 b(5)48 b Fg(Mo)r(del)27
b(of)h(Securit)n(y)f(in)h(CORBA)565 2246 y(SPKM,)36 b(Kerb)r(eros,)g
(and)h(the)g(ECMA)h(securit)n(y)e(proto)r(col.)g(If)i(the)f(in)n(terop)
r(erabilit)n(y)565 2346 y(b)r(et)n(w)n(een)i(the)h(ORBs)f(is)h(based)f
(on)h(DCE)g(\(OSF)g(1992\),)e(then)i(the)g(DCE)g(securit)n(y)565
2445 y(tec)n(hnology)23 b(\(X/Op)r(en)i(1994\))e(based)h(on)h(the)g
(Kerb)r(eros)e(proto)r(cols)g(can)h(also)g(b)r(e)h(used.)565
2545 y(A)30 b(recen)n(t)g(addendum)h(\(OMG)g(1997\))e(allo)n(ws)g(also)
g(the)i(Secure)f(So)r(c)n(k)n(et)g(La)n(y)n(er)e(\(SSL\))565
2645 y(\(Netscap)r(e)f(1996\))f(to)i(b)r(e)g(the)g(basis)f(of)g(in)n
(ter-ORB)g(securit)n(y)-7 b(.)565 2959 y Ff(5)91 b(THE)30
b(CR)-8 b(YSTINA)30 b(SECURITY)f(AR)m(CHITECTURE)565
3159 y Fg(Securit)n(y)22 b(features)g(in)h(TINA)h(are)e(implemen)n(ted)
h(at)g(v)-5 b(arious)22 b(lev)n(els.)g(In)h(our)f(approac)n(h,)565
3258 y(the)h(DPE)g(o\013ers)g(general)f(securit)n(y)g(functionalit)n(y)
h(to)h(the)f(applications)g(on)g(eac)n(h)g(DPE)565 3358
y(no)r(de)j(as)f(part)h(of)h(the)f(DPE)g(functionalit)n(y)-7
b(.)26 b(T)-7 b(o)26 b(ease)g(in)n(tegration)f(in)h(applications,)g(as)
565 3457 y(m)n(uc)n(h)21 b(functionalit)n(y)g(as)g(p)r(ossible)g
(should)h(b)r(e)g(pro)n(vided)e(as)h(self-con)n(tained)g(DPE)g(secu-)
565 3557 y(rit)n(y)k(services.)g(Ho)n(w)n(ev)n(er,)f(the)i(DPE)f
(should)h(also)f(pro)n(vide)g(lo)n(w)n(er)f(lev)n(el)h(DPE)h(securit)n
(y)565 3657 y(mec)n(hanisms)17 b(to)i(the)g(applications)f(for)g
(handling)g(application)g(sp)r(eci\014c)h(securit)n(y)f(tasks.)565
3756 y(The)27 b(la)n(y)n(ering)d(of)j(the)h(securit)n(y)e(functionalit)
n(y)h(is)g(illustrated)f(in)i(Figure)e(6.)h(The)g(DPE)565
3856 y(securit)n(y)e(services)h(are)f(exclusiv)n(ely)h(based)g(on)h
(the)g(DPE)f(securit)n(y)g(mec)n(hanisms.)g(The)565 3956
y(implemen)n(tation)j(of)h(these)g(mec)n(hanisms)f(ma)n(y)g(directly)h
(use)f(cryptographic)f(mec)n(ha-)565 4055 y(nisms)k(or)g(ma)n(y)g(b)r
(e)h(built)g(on)g(a)n(v)-5 b(ailable)31 b(higher)h(lev)n(el)g(securit)n
(y)g(tec)n(hnology)-7 b(,)31 b(suc)n(h)i(as)565 4155
y(Kerb)r(eros.)17 b(The)j(underlying)f(securit)n(y)f(tec)n(hnology)g
(ma)n(y)h(use)g(the)h(same)f(cryptographic)565 4254 y(mec)n(hanisms)h
(as)h(the)h(DPE)e(securit)n(y)h(mec)n(hanisms)f(or)h(proprietary)e
(implemen)n(tations.)565 4354 y(The)24 b(use)h(of)f(cryptographic)f
(mec)n(hanisms)h(and/or)f(higher)h(lev)n(el)g(securit)n(y)g(tec)n
(hnology)565 4454 y(ma)n(y)k(b)r(e)i(accomplished)f(through)f
(standardized)h(in)n(terfaces)f(\(e.g.,)i(GSS-API\))f(to)g(fa-)565
4553 y(cilitate)35 b(the)h(in)n(tegration)e(of)h(existing)g(pro)r
(ducts)g(in)n(to)g(the)h(DPE.)f(Ab)r(o)n(v)n(e)g(the)h(DPE)565
4653 y(lev)n(el,)g(there)h(are)f(sp)r(ecial)h(securit)n(y)f(services,)g
(whic)n(h)h(also)f(rely)g(exclusiv)n(ely)g(on)h(the)565
4753 y(DPE)24 b(securit)n(y)f(services)g(and)i(mec)n(hanisms.)e(They)i
(are)e(used)i(b)n(y)f(TINA)h(applications,)565 4852 y(but)31
b(are)e(applications)h(themselv)n(es.)g(The)h(sp)r(ecial)f(securit)n(y)
g(services)f(are)g(not)i(imple-)565 4952 y(men)n(ted)g(on)h(eac)n(h)e
(DPE)h(no)r(de.)h(Examples)e(are)h(electronic)f(cash)h(supp)r(ort)h(or)
e(notary)565 5051 y(services.)p eop
%%Page: 13 13
13 12 bop 1139 419 a Fb(THE)26 b(CR)-5 b(YSTINA)25 b(SECURITY)h(AR)n
(CHITECTURE)575 b Fd(13)1136 1388 y @beginspecial @setspecial
%%BeginDocument: layers.epsss
/sf {96 158 div} def
/llx {-124} def
/lly {-593} def
/vx {llx sf mul} def
/vy {lly sf mul} def
vx vy translate
sf sf scale
/tgifdict 36 dict def 
tgifdict begin 
/tgifpatdict 10 dict def 
/tgifpatbyte 
{ currentdict /retstr get exch 
pat i cellsz mod get put 
} def 
/tgifpatproc 
{ 0 1 widthlim {tgifpatbyte} for retstr 
/i i 1 add def 
} def 
/tgifpatfill 
{ tgifpatdict begin 
/h exch def 
/w exch def 
/lty exch def 
/ltx exch def 
/cellsz exch def 
/pat exch def 
/widthlim w cellsz div cvi 1 sub def 
/retstr widthlim 1 add string def 
/i 0 def 
tgiforigctm setmatrix 
ltx lty translate 
w h true [1 0 0 1 0 0] {tgifpatproc} imagemask 
ltx neg lty neg translate 
end 
} def 
/pat3 <8000000008000000> def 
/pat4 <8800000022000000> def 
/pat5 <8800220088002200> def 
/pat6 <8822882288228822> def 
/pat7 <aa55aa55aa55aa55> def 
/pat8 <77dd77dd77dd77dd> def 
/pat9 <77ffddff77ffddff> def 
/pat10 <77ffffff77ffffff> def 
/pat11 <7fffffff7fffffff> def 
/pat12 <8040200002040800> def 
/pat13 <40a00000040a0000> def 
/pat14 <ff888888ff888888> def 
/pat15 <ff808080ff080808> def 
/pat16 <f87422478f172271> def 
/pat17 <038448300c020101> def 
/pat18 <081c22c180010204> def 
/pat19 <8080413e080814e3> def 
/pat20 <8040201008040201> def 
/pat21 <8844221188442211> def 
/pat22 <77bbddee77bbddee> def 
/pat23 <c1e070381c0e0783> def 
/pat24 <7fbfdfeff7fbfdfe> def 
/pat25 <3e1f8fc7e3f1f87c> def 
/pat26 <0102040810204080> def 
/pat27 <1122448811224488> def 
/pat28 <eeddbb77eeddbb77> def 
/pat29 <83070e1c3870e0c1> def 
/pat30 <fefdfbf7efdfbf7f> def 
/pat31 <7cf8f1e3c78f1f3e> def 
/tgifcentertext { dup stringwidth pop 2 div neg 0 rmoveto } def 
end 
tgifdict begin 
/tgifsavedpage save def 
1 setmiterlimit 
1 setlinewidth 
0 setgray 
72 0 mul 72 11.70 mul translate 
72 128 div 100.000 mul 100 div dup neg scale 
gsave 
/tgiforigctm matrix currentmatrix def 
% BOX 
0 setgray 
gsave 
newpath 
224 260 moveto 804 260 lineto 804 340 lineto 224 340 lineto 
closepath 1 setgray fill 
0 setgray 
newpath 
224 260 moveto 804 260 lineto 804 340 lineto 224 340 lineto 
closepath eoclip newpath 
pat5 8 216 256 592 88 tgifpatfill 
grestore 
gsave 
10 setmiterlimit 
gsave 
newpath 
224 260 moveto 804 260 lineto 804 340 lineto 224 340 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
gsave 
newpath 
224 340 moveto 804 340 lineto 804 440 lineto 224 440 lineto 
closepath 1 setgray fill 
0 setgray 
newpath 
224 340 moveto 804 340 lineto 804 440 lineto 224 440 lineto 
closepath eoclip newpath 
pat7 8 216 336 592 112 tgifpatfill 
grestore 
gsave 
10 setmiterlimit 
gsave 
newpath 
224 340 moveto 804 340 lineto 804 440 lineto 224 440 lineto 
closepath 
stroke 
grestore 
grestore 
% BOX 
0 setgray 
gsave 
10 setmiterlimit 
gsave 
newpath 
224 164 moveto 804 164 lineto 804 440 lineto 224 440 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
514 204 moveto (Applications) tgifcentertext show 
grestore 
% BOX 
0 setgray 
gsave 
newpath 
612 200 moveto 804 200 lineto 804 260 lineto 612 260 lineto 
closepath 1 setgray fill 
0 setgray 
newpath 
612 200 moveto 804 200 lineto 804 260 lineto 612 260 lineto 
closepath eoclip newpath 
pat3 8 608 192 200 72 tgifpatfill 
grestore 
gsave 
10 setmiterlimit 
gsave 
newpath 
612 200 moveto 804 200 lineto 804 260 lineto 612 260 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
708 228 moveto (Special) tgifcentertext show 
708 248 moveto (Security Services) tgifcentertext show 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
newpath 
224 340 moveto 
224 440 lineto 
440 440 lineto 
440 380 lineto 
548 380 lineto 
548 340 lineto 
224 340 lineto 
closepath 1 setgray eofill 
0 setgray 
newpath 
224 340 moveto 
224 440 lineto 
440 440 lineto 
440 380 lineto 
548 380 lineto 
548 340 lineto 
224 340 lineto 
closepath eoclip newpath 
pat6 8 224 336 328 104 tgifpatfill 
grestore 
gsave 
newpath 
224 340 moveto 
224 440 lineto 
440 440 lineto 
440 380 lineto 
548 380 lineto 
548 340 lineto 
224 340 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
grestore 
% POLY/OPEN-SPLINE 
0 setgray 
gsave 
[4 4] 0 setdash 
newpath 
440 380 moveto 
224 380 lineto 
tgiforigctm setmatrix 
1 setlinewidth 
stroke 
[] 0 setdash 
grestore 
% RCBOX 
0 setgray 
newpath 
624 316 moveto 624 336 lineto 384 336 lineto 384 316 lineto 
closepath 1 setgray fill 
0 setgray 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
504 332 moveto (DPE Security Mechanisms) tgifcentertext show 
grestore 
% RCBOX 
0 setgray 
newpath 
491 350 moveto 491 370 lineto 299 370 lineto 299 350 lineto 
closepath 1 setgray fill 
0 setgray 
% TEXT 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
395 366 moveto (Security Technology) tgifcentertext show 
grestore 
% TEXT 
0 setgray 
newpath 
456 388 moveto 786 388 lineto 786 431 lineto 456 431 lineto 
closepath 1 setgray fill 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
621 409 moveto (Common Cryptographic Mechanisms) tgifcentertext show 
621 427 moveto (\(protocols, algorithms\)) tgifcentertext show 
grestore 
% BOX 
0 setgray 
newpath 
244 389 moveto 420 389 lineto 420 433 lineto 244 433 lineto 
closepath 1 setgray fill 
0 setgray 
% TEXT 
0 setgray 
/Helvetica findfont [17 0 0 -17 0 0] makefont setfont 
gsave 
333 402 moveto (Security Technology ) tgifcentertext show 
333 417 moveto (Specific Cryptographic ) tgifcentertext show 
333 432 moveto (Mechanisms) tgifcentertext show 
grestore 
% BOX 
0 setgray 
gsave 
newpath 
272 260 moveto 760 260 lineto 760 312 lineto 272 312 lineto 
closepath 1 setgray fill 
0 setgray 
newpath 
272 260 moveto 760 260 lineto 760 312 lineto 272 312 lineto 
closepath eoclip newpath 
pat8 8 264 256 504 64 tgifpatfill 
grestore 
gsave 
10 setmiterlimit 
gsave 
newpath 
272 260 moveto 760 260 lineto 760 312 lineto 272 312 lineto 
closepath 
stroke 
grestore 
grestore 
% TEXT 
0 setgray 
newpath 
421 271 moveto 622 271 lineto 622 296 lineto 421 296 lineto 
closepath 1 setgray fill 
0 setgray 
/Helvetica findfont [20 0 0 -20 0 0] makefont setfont 
gsave 
522 292 moveto (DPE Security Services) tgifcentertext show 
grestore 
grestore 
tgifsavedpage restore 
end 
%MatchingCreationDate: Fri Nov 14 17:24:59 1997 
%%EndDocument
 @endspecial 1033 1587 a Fh(Figure)31 b(6)47 b Fg(La)n(y)n(ering)26
b(of)h(CrySTINA)h(securit)n(y)f(features)648 1863 y(Since)i(the)g(TINA)
g(DPE)g(is)g(pro)n(vided)e(b)n(y)i(CORBA)g(pro)r(ducts,)f(a)h(natural)f
(starting)565 1963 y(p)r(oin)n(t)35 b(for)f(the)i(TINA)g(securit)n(y)e
(arc)n(hitecture)g(is)h(the)g(CORBA)g(Securit)n(y)g(sp)r(eci\014ca-)565
2063 y(tion.)e(The)g(generalit)n(y)f(of)h(the)h(CORBA)f(Securit)n(y)g
(sp)r(eci\014cation)g(mak)n(es)f(it)i(suitable)565 2162
y(to)d(b)r(e)g(the)h(basis)f(of)g(securit)n(y)f(for)h(a)g(broad)f(sp)r
(ectrum)h(of)h(business)e(applications.)h(In)565 2262
y(some)h(resp)r(ects,)h(it)h(is)f(ev)n(en)g(more)g(general)f(than)h
(required,)g(and)g(it)h(is)f(questionable)565 2362 y(whether)22
b(this)g(ric)n(h)g(functionalit)n(y)g(is)g(necessary)f(for)h(certain)f
(families)i(of)f(applications,)565 2461 y(suc)n(h)31
b(as)h(telecomm)n(unication)f(services)g(based)h(on)g(the)g(TINA)h(arc)
n(hitecture.)e(Let)h(us)565 2561 y(consider,)e(for)g(instance,)h(the)g
(access)f(con)n(trol)g(sc)n(hemes)g(and)h(delegation)f(mo)r(dels)h(de-)
565 2660 y(scrib)r(ed)f(in)h(the)g(CORBA)g(Securit)n(y)f(sp)r
(eci\014cation.)h(TINA)g(service)f(comp)r(onen)n(ts)g(are)565
2760 y(implemen)n(ted)e(as)f(TINA)h(COs)f(or)g(CO)g(groups.)g(TINA)h
(COs)f(ma)n(y)g(ha)n(v)n(e)g(m)n(ultiple)h(in-)565 2860
y(terfaces,)22 b(as)h(opp)r(osed)g(to)g(CORBA)g(ob)5
b(jects,)23 b(whic)n(h)g(ha)n(v)n(e)f(exactly)h(one)g(in)n(terface.)g
(W)-7 b(e)565 2959 y(assume)35 b(that)i(eac)n(h)e(in)n(terface)h(of)g
(a)g(TINA)h(CO)f(will)g(b)r(e)h(implemen)n(ted)g(b)n(y)f(a)g(dedi-)565
3059 y(cated)d(CORBA)h(ob)5 b(ject,)34 b(and)g(th)n(us)g(eac)n(h)f
(TINA)i(CO)e(will)i(b)r(e)f(realized)f(as)g(a)h(set)g(of)565
3159 y(CORBA)23 b(ob)5 b(jects)22 b(\(Kitson)h(1995\).)f(Since)h(the)h
(functionalit)n(y)f(o\013ered)g(b)n(y)g(a)g(TINA)g(CO)565
3258 y(is)29 b(structured)f(in)n(to)h(in)n(terfaces)g(according)e(to)i
(the)h(coherence)e(of)h(subfunctionalities,)565 3358
y(access)e(con)n(trol)g(to)h(a)f(TINA)i(CO)f(can)g(b)r(e)h(applied)f
(at)g(the)h(gran)n(ularit)n(y)c(of)k(TINA)f(CO)565 3457
y(in)n(terfaces,)23 b(whic)n(h)g(means)h(that)g(w)n(e)g(only)f(need)h
(to)g(con)n(trol)e(access)h(to)h(whole)f(CORBA)565 3557
y(ob)5 b(jects.)29 b(F)-7 b(urthermore,)30 b(TINA)h(service)e(comp)r
(onen)n(ts)h(alw)n(a)n(ys)e(act)i(on)h(b)r(ehalf)f(of)h(the)565
3657 y(stak)n(eholder)20 b(that)j(o)n(wns)f(them,)h(therefore)f(it)h
(is)f(su\016cien)n(t)h(to)f(supp)r(ort)h(iden)n(tit)n(y)g(based)565
3756 y(access)j(con)n(trol)g(sc)n(hemes)h(at)h(the)g(target)e(side)i
(and)f(no)g(delegation)g(is)h(required.)648 3856 y(F)-7
b(or)20 b(other)g(asp)r(ects,)g(secure)g(in)n(terop)r(erabilit)n(y)f
(pro)n(vided)g(b)n(y)i(CORBA)f(securit)n(y)g(ma)n(y)565
3956 y(not)i(b)r(e)g(su\016cien)n(t)g(for)g(the)g(TINA)h(arc)n
(hitecture.)e(Secure)g(in)n(terop)r(eration)g(b)r(et)n(w)n(een)h(ob-)
565 4055 y(jects)32 b(dep)r(ends)g(on)g(the)h(mem)n(b)r(ership)f(of)g
(the)g(ob)5 b(jects)32 b(to)g(securit)n(y)f(p)r(olicy)h(domains,)565
4155 y(securit)n(y)c(tec)n(hnology)f(domains)i(and)f(ORB)h(tec)n
(hnology)f(domains.)g(W)-7 b(e)29 b(assume)g(that)565
4254 y(eac)n(h)22 b(TINA)h(administrativ)n(e)f(domain)h(is)g(mapp)r(ed)
g(on)n(to)f(one)h(securit)n(y)f(p)r(olicy)g(domain)565
4354 y(and)g(one)h(ORB)f(tec)n(hnology)g(domain,)g(and)h(that)g(eac)n
(h)f(b)r(oundary)g(b)r(et)n(w)n(een)h(TINA)h(ad-)565
4454 y(ministrativ)n(e)e(domains)g(is)h(also)f(a)h(b)r(oundary)f(b)r
(et)n(w)n(een)h(securit)n(y)f(tec)n(hnology)g(domains)565
4553 y(\(Staamann)40 b Fe(et)h(al)p Fg(.)g(1997\).)e(The)i(latter)f
(re\015ects)g(that)h(stak)n(eholders)d(with)j(v)-5 b(arious)565
4653 y(kinds)32 b(of)g(customer)f(premises)g(equipmen)n(t,)i(v)-5
b(arying)31 b(priorities)g(regarding)f(securit)n(y)-7
b(,)565 4753 y(and)37 b(under)h(p)r(ossibly)f(di\013eren)n(t)h
(national)f(la)n(ws)g(cannot)g(b)r(e)h(assumed)f(to)h(ha)n(v)n(e)f(the)
565 4852 y(same)d(securit)n(y)h(tec)n(hnologies.)f(In)n(terop)r
(erabilit)n(y)g(b)r(et)n(w)n(een)h(ob)5 b(jects)35 b(in)h(di\013eren)n
(t)g(se-)565 4952 y(curit)n(y)c(p)r(olicy)g(domains)g(can,)g(th)n(us,)h
(only)f(b)r(e)h(ac)n(hiev)n(ed)e(if)i(b)r(oth)g(domains)f(agree)f(on)
565 5051 y(a)k(common)h(securit)n(y)f(p)r(olicy)g(for)h(the)g(resp)r
(ectiv)n(e)f(in)n(teractions.)g(This)h(common)g(se-)p
eop
%%Page: 14 14
14 13 bop 565 419 a Fd(14)565 685 y Fg(curit)n(y)29 b(p)r(olicy)g(can)h
(b)r(e)g(negotiated)f(at)h(in)n(v)n(o)r(cation)e(time)i(or)f(in)h(adv)
-5 b(ance.)29 b(Ob)5 b(jects)30 b(in)565 784 y(di\013eren)n(t)i(ORB)f
(tec)n(hnology)f(domains)i(can)f(in)n(teract)g(securely)g(using)h(the)g
(SECIOP)-7 b(,)565 884 y(as)32 b(long)g(as)g(the)h(same)f(securit)n(y)g
(tec)n(hnology)f(is)i(used)f(at)h(b)r(oth)g(sides.)f(According)g(to)565
983 y(the)26 b(CORBA)g(Securit)n(y)g(sp)r(eci\014cation,)g(in)n
(teraction)f(of)h(ob)5 b(jects)26 b(in)h(di\013eren)n(t)f(securit)n(y)
565 1083 y(tec)n(hnology)32 b(domains)h(\(e.g.,)h(ob)5
b(jects)34 b(b)r(elonging)f(to)h(di\013eren)n(t)g(stak)n(eholders)e(in)
i(dif-)565 1183 y(feren)n(t)f(coun)n(tries\))f(requires)g(a)h(securit)n
(y)g(tec)n(hnology)e(gatew)n(a)n(y)-7 b(.)32 b(Ho)n(w)n(ev)n(er,)f
(this)j(ma)n(y)565 1282 y(cause)22 b(a)h(trust)g(problem,)g(b)r(ecause)
g(suc)n(h)g(a)g(gatew)n(a)n(y)e(cannot)i(b)r(e)h(realized)e(without)i
(the)565 1382 y(administrators)j(of)h(b)r(oth)i(securit)n(y)e(domains)g
(trusting)g(eac)n(h)g(other)h(or)f(a)g(third)h(part)n(y)565
1482 y(that)36 b(runs)h(the)g(gatew)n(a)n(y)-7 b(.)34
b(A)j(less)f(restrictiv)n(e)g(solution)g(that)h(is)f(not)h(supp)r
(orted)f(b)n(y)565 1581 y(CORBA)27 b(w)n(ould)g(b)r(e)h(to)g(negotiate)
e(the)i(securit)n(y)f(tec)n(hnology)-7 b(,)26 b(as)h(w)n(ell.)648
1681 y(Belo)n(w)37 b(in)i(Figure)f(7,)g(w)n(e)g(presen)n(t)g(our)f(mo)r
(del)i(of)f(securit)n(y)g(for)g(distributed)h(ob-)565
1780 y(ject)31 b(based)g(telecomm)n(unication)g(arc)n(hitectures,)f
(suc)n(h)h(as)g(TINA,)h(that)f(is)g(based)g(on)565 1880
y(the)e(CORBA)g(Securit)n(y)g(sp)r(eci\014cation)g(with)h(some)f(mo)r
(di\014cations)g(according)e(to)j(the)565 1980 y(observ)-5
b(ations)25 b(ab)r(o)n(v)n(e.)663 4213 y @beginspecial
@setspecial
%%BeginDocument: CrySTINASecModel.epsss
/sf {241 297 div} def
/llx {-0} def
/lly {-0} def
/vx {llx sf mul} def
/vy {lly sf mul} def
vx vy translate
sf sf scale
%Magnification: 1.05 
/$F2psDict 200 dict def 
$F2psDict begin 
$F2psDict /mtrx matrix put 
/col-1 {0 setgray} bind def 
/col0 {0.000 0.000 0.000 srgb} bind def 
/col1 {0.000 0.000 1.000 srgb} bind def 
/col2 {0.000 1.000 0.000 srgb} bind def 
/col3 {0.000 1.000 1.000 srgb} bind def 
/col4 {1.000 0.000 0.000 srgb} bind def 
/col5 {1.000 0.000 1.000 srgb} bind def 
/col6 {1.000 1.000 0.000 srgb} bind def 
/col7 {1.000 1.000 1.000 srgb} bind def 
/col8 {0.000 0.000 0.560 srgb} bind def 
/col9 {0.000 0.000 0.690 srgb} bind def 
/col10 {0.000 0.000 0.820 srgb} bind def 
/col11 {0.530 0.810 1.000 srgb} bind def 
/col12 {0.000 0.560 0.000 srgb} bind def 
/col13 {0.000 0.690 0.000 srgb} bind def 
/col14 {0.000 0.820 0.000 srgb} bind def 
/col15 {0.000 0.560 0.560 srgb} bind def 
/col16 {0.000 0.690 0.690 srgb} bind def 
/col17 {0.000 0.820 0.820 srgb} bind def 
/col18 {0.560 0.000 0.000 srgb} bind def 
/col19 {0.690 0.000 0.000 srgb} bind def 
/col20 {0.820 0.000 0.000 srgb} bind def 
/col21 {0.560 0.000 0.560 srgb} bind def 
/col22 {0.690 0.000 0.690 srgb} bind def 
/col23 {0.820 0.000 0.820 srgb} bind def 
/col24 {0.500 0.190 0.000 srgb} bind def 
/col25 {0.630 0.250 0.000 srgb} bind def 
/col26 {0.750 0.380 0.000 srgb} bind def 
/col27 {1.000 0.500 0.500 srgb} bind def 
/col28 {1.000 0.630 0.630 srgb} bind def 
/col29 {1.000 0.750 0.750 srgb} bind def 
/col30 {1.000 0.880 0.880 srgb} bind def 
/col31 {1.000 0.840 0.000 srgb} bind def 
end 
save 
-10.0 324.0 translate 
1 -1 scale 
/cp {closepath} bind def 
/ef {eofill} bind def 
/gr {grestore} bind def 
/gs {gsave} bind def 
/sa {save} bind def 
/rs {restore} bind def 
/l {lineto} bind def 
/m {moveto} bind def 
/rm {rmoveto} bind def 
/n {newpath} bind def 
/s {stroke} bind def 
/sh {show} bind def 
/slc {setlinecap} bind def 
/slj {setlinejoin} bind def 
/slw {setlinewidth} bind def 
/srgb {setrgbcolor} bind def 
/rot {rotate} bind def 
/sc {scale} bind def 
/sd {setdash} bind def 
/ff {findfont} bind def 
/sf {setfont} bind def 
/scf {scalefont} bind def 
/sw {stringwidth} bind def 
/tr {translate} bind def 
/tnt {dup dup currentrgbcolor 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add srgb} 
bind def 
/shd {dup dup currentrgbcolor 4 -2 roll mul 4 -2 roll mul 
4 -2 roll mul srgb} bind def 
/DrawEllipse { 
/endangle exch def 
/startangle exch def 
/yrad exch def 
/xrad exch def 
/y exch def 
/x exch def 
/savematrix mtrx currentmatrix def 
x y tr xrad yrad sc 0 0 1 startangle endangle arc 
closepath 
savematrix setmatrix 
} def 
/$F2psBegin {$F2psDict begin /$F2psEnteredState save def} def 
/$F2psEnd {$F2psEnteredState restore end} def 
$F2psBegin 
10 setmiterlimit 
n 0 792 m 0 0 l 612 0 l 612 792 l cp clip 
0.06299 0.06299 sc 
7.500 slw 
% Polyline 
n 180 2790 m 630 900 l 630 1125 l 5805 1125 l 5805 900 l 6255 2790 l 
5805 4725 l 5805 4500 l 630 4500 l 630 4725 l 180 2790 l 
cp gs col-1 s gr 
% Polyline 
n 870 1575 m 765 1575 765 1965 105 arcto 4 {pop} repeat 
765 2070 1380 2070 105 arcto 4 {pop} repeat 
1485 2070 1485 1680 105 arcto 4 {pop} repeat 
1485 1575 870 1575 105 arcto 4 {pop} repeat 
cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
855 1710 m 
gs 1 -1 sc (Request) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
945 1875 m 
gs 1 -1 sc (Level) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
810 2025 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
% Ellipse 
n 2421 1711 495 315 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2115 1620 m 
gs 1 -1 sc (Association) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2250 1785 m 
gs 1 -1 sc (Setup) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2205 1950 m 
gs 1 -1 sc (Service) col-1 sh gr 
% Ellipse 
n 3686 1399 540 135 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
3285 1440 m 
gs 1 -1 sc (Authentication) col-1 sh gr 
% Ellipse 
n 3779 1711 630 135 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
3240 1755 m 
gs 1 -1 sc (Policy Negotiation) col-1 sh gr 
% Ellipse 
n 3735 2025 540 135 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
3330 2070 m 
gs 1 -1 sc (Key Exchange) col-1 sh gr 
% Polyline 
n 5010 1575 m 4905 1575 4905 1965 105 arcto 4 {pop} repeat 
4905 2070 5520 2070 105 arcto 4 {pop} repeat 
5625 2070 5625 1680 105 arcto 4 {pop} repeat 
5625 1575 5010 1575 105 arcto 4 {pop} repeat 
cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
4995 1710 m 
gs 1 -1 sc (Request) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5085 1875 m 
gs 1 -1 sc (Level) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
4950 2025 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
% Ellipse 
n 5220 675 229 229 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5040 720 m 
gs 1 -1 sc (Target) col-1 sh gr 
% Ellipse 
n 3111 3374 450 270 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2925 3240 m 
gs 1 -1 sc (Secure) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2925 3570 m 
gs 1 -1 sc (Service) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2835 3405 m 
gs 1 -1 sc (Invocation) col-1 sh gr 
% Ellipse 
n 2520 3915 585 135 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2115 3960 m 
gs 1 -1 sc (Confidentiality) col-1 sh gr 
% Ellipse 
n 3555 3915 315 135 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
3330 3960 m 
gs 1 -1 sc (Integrity) col-1 sh gr 
% Polyline 
n 870 3150 m 765 3150 765 3540 105 arcto 4 {pop} repeat 
765 3645 1380 3645 105 arcto 4 {pop} repeat 
1485 3645 1485 3255 105 arcto 4 {pop} repeat 
1485 3150 870 3150 105 arcto 4 {pop} repeat 
cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
855 3285 m 
gs 1 -1 sc (Message) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
945 3450 m 
gs 1 -1 sc (Level) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
810 3615 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
% Polyline 
n 5010 3150 m 4905 3150 4905 3540 105 arcto 4 {pop} repeat 
4905 3645 5520 3645 105 arcto 4 {pop} repeat 
5625 3645 5625 3255 105 arcto 4 {pop} repeat 
5625 3150 5010 3150 105 arcto 4 {pop} repeat 
cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
4995 3285 m 
gs 1 -1 sc (Message) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5085 3450 m 
gs 1 -1 sc (Level) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
4950 3615 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
% Ellipse 
n 2160 2880 630 225 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
1710 2880 m 
gs 1 -1 sc (Non-repudiation) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
1935 3045 m 
gs 1 -1 sc (Service) col-1 sh gr 
% Ellipse 
n 2835 2387 360 315 0 360 DrawEllipse gs col-1 s gr 
% Ellipse 
n 1130 687 229 229 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2655 2250 m 
gs 1 -1 sc (Access) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
990 765 m 
gs 1 -1 sc (Client) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2655 2415 m 
gs 1 -1 sc (Control) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2655 2580 m 
gs 1 -1 sc (Service) col-1 sh gr 
% Ellipse 
n 4275 2700 315 225 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
4140 2655 m 
gs 1 -1 sc (Audit) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
4095 2820 m 
gs 1 -1 sc (Service) col-1 sh gr 
% Polyline 
n 810 4590 m 5580 4590 l 5580 4860 l 810 4860 l cp gs col-1 s gr 
% Polyline 
n 810 4860 m 5580 4860 l 5580 5130 l 810 5130 l cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2565 4770 m 
gs 1 -1 sc (Security Technology) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2160 5040 m 
gs 1 -1 sc (Basic Protection & Communication) col-1 sh gr 
% Polyline 
n 810 4140 m 5580 4140 l 5580 4410 l 810 4410 l cp gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2835 4320 m 
gs 1 -1 sc (ORB Core) col-1 sh gr 
% Ellipse 
n 2790 1035 495 315 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2565 900 m 
gs 1 -1 sc (Security) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2565 1230 m 
gs 1 -1 sc (Services) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2430 1065 m 
gs 1 -1 sc (Management) col-1 sh gr 
% Polyline 
n 1890 1710 m 1485 1710 l gs col-1 s gr 
% Polyline 
n 2880 1575 m 3195 1440 l gs col-1 s gr 
% Polyline 
n 2925 1710 m 3150 1710 l gs col-1 s gr 
% Polyline 
n 2880 1845 m 3195 2025 l gs col-1 s gr 
% Polyline 
n 2655 3375 m 1485 3375 l gs col-1 s gr 
% Polyline 
n 3555 3375 m 4905 3375 l gs col-1 s gr 
% Polyline 
n 2790 2880 m 4905 2025 l gs col-1 s gr 
% Polyline 
n 1440 2070 m 1755 2700 l gs col-1 s gr 
% Polyline 
n 2700 1980 m 2745 2070 l gs col-1 s gr 
% Polyline 
n 3015 3645 m 2925 3825 l gs col-1 s gr 
% Polyline 
n 3240 3645 m 3330 3825 l gs col-1 s gr 
% Polyline 
[66.7] 0 sd 
n 2790 2880 m 3960 2700 l gs col-1 s gr [] 0 sd 
% Polyline 
[66.7] 0 sd 
n 3465 3195 m 4005 2790 l gs col-1 s gr [] 0 sd 
% Polyline 
[66.7] 0 sd 
n 2835 1890 m 4005 2610 l gs col-1 s gr [] 0 sd 
% Polyline 
gs clippath 
1110 1428 m 1080 1548 l 1050 1428 l 1050 1590 l 1110 1590 l cp clip 
n 1080 945 m 1080 1575 l gs col-1 s gr gr 
% arrowhead 
n 1110 1428 m 1080 1548 l 1050 1428 l 1080 1428 l 1110 1428 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
1110 3003 m 1080 3123 l 1050 3003 l 1050 3165 l 1110 3165 l cp clip 
n 1080 2070 m 1080 3150 l gs col-1 s gr gr 
% arrowhead 
n 1110 3003 m 1080 3123 l 1050 3003 l 1080 3003 l 1110 3003 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
1110 3993 m 1080 4113 l 1050 3993 l 1050 4155 l 1110 4155 l cp clip 
n 1080 3645 m 1080 4140 l gs col-1 s gr gr 
% arrowhead 
n 1110 3993 m 1080 4113 l 1050 3993 l 1080 3993 l 1110 3993 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
1140 1092 m 1170 972 l 1200 1092 l 1200 930 l 1140 930 l cp clip 
n 1170 945 m 1170 1575 l gs col-1 s gr gr 
% arrowhead 
n 1140 1092 m 1170 972 l 1200 1092 l 1170 1092 l 1140 1092 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
1140 2217 m 1170 2097 l 1200 2217 l 1200 2055 l 1140 2055 l cp clip 
n 1170 2070 m 1170 3150 l gs col-1 s gr gr 
% arrowhead 
n 1140 2217 m 1170 2097 l 1200 2217 l 1170 2217 l 1140 2217 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
1140 3792 m 1170 3672 l 1200 3792 l 1200 3630 l 1140 3630 l cp clip 
n 1170 3645 m 1170 4140 l gs col-1 s gr gr 
% arrowhead 
n 1140 3792 m 1170 3672 l 1200 3792 l 1170 3792 l 1140 3792 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
5145 1092 m 5175 972 l 5205 1092 l 5205 930 l 5145 930 l cp clip 
n 5175 945 m 5175 1575 l gs col-1 s gr gr 
% arrowhead 
n 5145 1092 m 5175 972 l 5205 1092 l 5175 1092 l 5145 1092 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
5295 1428 m 5265 1548 l 5235 1428 l 5235 1590 l 5295 1590 l cp clip 
n 5265 945 m 5265 1575 l gs col-1 s gr gr 
% arrowhead 
n 5295 1428 m 5265 1548 l 5235 1428 l 5265 1428 l 5295 1428 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
5145 2217 m 5175 2097 l 5205 2217 l 5205 2055 l 5145 2055 l cp clip 
n 5175 2070 m 5175 3150 l gs col-1 s gr gr 
% arrowhead 
n 5145 2217 m 5175 2097 l 5205 2217 l 5175 2217 l 5145 2217 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
5145 3792 m 5175 3672 l 5205 3792 l 5205 3630 l 5145 3630 l cp clip 
n 5175 3645 m 5175 4140 l gs col-1 s gr gr 
% arrowhead 
n 5145 3792 m 5175 3672 l 5205 3792 l 5175 3792 l 5145 3792 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
5295 3993 m 5265 4113 l 5235 3993 l 5235 4155 l 5295 4155 l cp clip 
n 5265 3645 m 5265 4140 l gs col-1 s gr gr 
% arrowhead 
n 5295 3993 m 5265 4113 l 5235 3993 l 5265 3993 l 5295 3993 l cp gs 0.00 setgray ef gr col-1 s 
% Polyline 
gs clippath 
5295 3003 m 5265 3123 l 5235 3003 l 5235 3165 l 5295 3165 l cp clip 
n 5265 2070 m 5265 3150 l gs col-1 s gr gr 
% arrowhead 
n 5295 3003 m 5265 3123 l 5235 3003 l 5265 3003 l 5295 3003 l cp gs 0.00 setgray ef gr col-1 s 
$F2psEnd 
rs 
%%EndDocument
 @endspecial 1225 4412 a Fh(Figure)32 b(7)47 b Fg(CrySTINA)28
b(Mo)r(del)f(of)h(Securit)n(y)648 4653 y(When)20 b(a)g(clien)n(t)h(in)n
(v)n(ok)n(es)d(an)i(op)r(eration)f(on)h(a)g(target)g(ob)5
b(ject,)20 b(a)g(request)g(and)g(in)g(most)565 4753 y(cases)33
b(a)g(reply)h(are)f(passed)h(b)r(et)n(w)n(een)g(them.)h(According)e(to)
h(the)h(CORBA)f(Securit)n(y)565 4852 y(sp)r(eci\014cation)f(and)h
(based)g(on)g(the)g(observ)-5 b(ation)33 b(of)h(v)-5
b(arious)33 b(CORBA)h(implemen)n(ta-)565 4952 y(tions,)h(w)n(e)f
(assume)h(that)g(the)h(request)e(and)h(the)h(reply)e(can)h(b)r(e)h(in)n
(tercepted)f(at)g(t)n(w)n(o)565 5051 y(lev)n(els:)25
b(at)h(the)g(request)f(lev)n(el,)h(where)g(w)n(e)f(ha)n(v)n(e)g(access)
g(to)h(the)g(request)f(and)h(the)h(reply)p eop
%%Page: 15 15
15 14 bop 1287 419 a Fb(IMPLEMENT)-5 b(A)g(TION)25 b(OF)h(THE)g(MODEL)
721 b Fd(15)565 685 y Fg(as)25 b(structured)g(data,)g(and)h(at)f(the)h
(message)e(lev)n(el,)i(where)f(the)h(request)f(and)g(the)i(reply)565
784 y(are)g(a)n(v)-5 b(ailable)26 b(as)i(an)g(unstructured)f(bu\013er)i
(con)n(taining)e(the)h(resp)r(ectiv)n(e)f(messages)g(in)565
884 y(a)k(serialized)g(form.)g(These)h(t)n(w)n(o)f(lev)n(els)g(of)h(in)
n(terceptions)f(are)g(v)n(ery)g(w)n(ell)h(adapted)f(to)565
983 y(supp)r(ort)d(the)h(enforcemen)n(t)e(of)i(securit)n(y)-7
b(,)27 b(since)i(some)e(of)i(the)g(securit)n(y)e(services)g(\(e.g.,)565
1083 y(access)c(con)n(trol\))h(can)h(b)r(est)g(b)r(e)h(p)r(erformed)e
(on)h(structured)g(requests)f(where)g(the)i(infor-)565
1183 y(mation)j(ab)r(out)h(the)g(in)n(v)n(olv)n(ed)f(principals)g(and)h
(the)g(op)r(eration)f(is)h(directly)f(a)n(v)-5 b(ailable,)565
1282 y(while)21 b(other)g(securit)n(y)g(functions)h(\(e.g.,)f
(encryption\))h(can)f(more)f(naturally)h(b)r(e)h(applied)565
1382 y(to)27 b(unstructured)g(ra)n(w)g(data.)648 1482
y(Eac)n(h)18 b(request)h(is)h(in)n(tercepted)f(b)n(y)h(the)g(request)f
(lev)n(el)g(in)n(terceptor)g(at)g(the)h(clien)n(t)g(side.)565
1581 y(If)32 b(there)g(is)g(no)g(securit)n(y)g(asso)r(ciation)e
(established)i(b)r(et)n(w)n(een)g(this)h(clien)n(t)f(and)g(target)565
1681 y(ob)5 b(ject,)33 b(then)h(the)f(Securit)n(y)g(Asso)r(ciation)g
(Setup)h(Service)e(is)i(called)f(and)g(a)g(securit)n(y)565
1780 y(asso)r(ciation)c(is)h(established)h(b)r(et)n(w)n(een)g(them.)g
(This)g(means)f(m)n(utual)h(authen)n(tication,)565 1880
y(securit)n(y)23 b(p)r(olicy)h(negotiation,)f(and)h(exc)n(hange)f(of)h
(securit)n(y)f(related)h(parameters)e(\(e.g.,)565 1980
y(cryptographic)f(k)n(eys,)j(initialization)f(v)n(ectors,)g(etc.\).)h
(The)g(Securit)n(y)g(Asso)r(ciation)f(Ser-)565 2079 y(vice)31
b(uses)g(the)g(iden)n(tit)n(y)h(information)f(of)g(the)h(stak)n
(eholder)d(that)j(o)n(wns)f(the)g(clien)n(t)h(in)565
2179 y(the)27 b(authen)n(tication)f(pro)r(cess.)g(Based)g(on)g(the)h
(authen)n(ticated)g(iden)n(tit)n(y)g(of)g(the)g(clien)n(t,)565
2279 y(access)36 b(con)n(trol)h(on)h(the)g(target)f(ob)5
b(ject)38 b(can)f(b)r(e)i(p)r(erformed)e(in)h(this)h(phase.)e(If)i(the)
565 2378 y(access)31 b(is)h(not)h(allo)n(w)n(ed,)e(then)i(the)g(asso)r
(ciation)e(is)i(not)f(established)g(at)h(all,)f(and)h(the)565
2478 y(clien)n(t)c(is)g(noti\014ed)h(\(e.g,)f(an)h(exception)f(is)g
(raised\).)g(An)h(established)f(securit)n(y)f(asso)r(ci-)565
2577 y(ation)g(is)h(represen)n(ted)f(b)n(y)g(securit)n(y)g(con)n(text)h
(information)f(on)h(b)r(oth)g(sides.)g(Then)g(the)565
2677 y(request)e(is)h(pro)r(cessed)f(further)h(according)e(to)i(the)h
(negotiated)e(securit)n(y)g(p)r(olicy)h(\(e.g.,)565 2777
y(the)g(Non-repudiation)e(Service)h(is)g(called,)h(if)g(it)g(is)f
(mandated\).)648 2876 y(On)h(its)h(w)n(a)n(y)e(to)h(the)h(net)n(w)n
(ork,)e(the)i(request)f(is)h(in)n(tercepted)f(b)n(y)g(the)h(message)f
(lev)n(el)565 2976 y(in)n(terceptor)k(as)h(w)n(ell,)g(whic)n(h)h(calls)
f(the)h(Secure)f(In)n(v)n(o)r(cation)f(Service.)h(According)f(to)565
3076 y(the)j(negotiated)g(securit)n(y)f(p)r(olicy)-7
b(,)36 b(in)n(tegrit)n(y)e(and/or)g(con\014den)n(tialit)n(y)h
(protection)f(is)565 3175 y(applied)22 b(using)g(the)g(securit)n(y)g
(con)n(text)g(information)f(established)h(b)r(efore.)g(The)h(request)
565 3275 y(is)k(then)h(passed)f(to)g(the)h(ORB)f(Core,)f(whic)n(h)i
(transfers)e(it)i(to)f(the)h(target)e(side.)i(A)n(t)g(the)565
3374 y(target)21 b(side,)i(the)g(applied)g(services)f(are)g(called)g
(in)h(rev)n(erse)e(order)g(\(with)j(the)f(exception)565
3474 y(of)33 b(the)h(Securit)n(y)f(Asso)r(ciation)f(Setup)i(Service,)f
(since)g(the)h(asso)r(ciation)e(has)h(already)565 3574
y(b)r(een)28 b(established\).)648 3673 y(Eac)n(h)h(service)h(can)g
(call)g(the)h(Audit)h(Service,)e(if)h(an)f(ev)n(en)n(t)h(o)r(ccurs)e
(that)i(should)g(b)r(e)565 3773 y(audited)40 b(\(e.g.,)g(an)f(in)n
(tegrit)n(y)g(violation)g(has)g(b)r(een)i(detected\).)f(The)g(placemen)
n(t)g(of)565 3873 y(Securit)n(y)26 b(Managemen)n(t)h(Services)f(at)h
(the)h(edge)f(of)g(the)h(ORB)f(system)g(indicates)g(that)565
3972 y(these)e(services)f(are)g(usually)h(called)g(b)n(y)g(managemen)n
(t)g(applications)f(on)h(b)r(ehalf)h(of)g(the)565 4072
y(securit)n(y)g(administrator.)565 4454 y Ff(6)91 b(IMPLEMENT)-8
b(A)g(TION)30 b(OF)h(THE)f(MODEL)565 4653 y Fg(In)g(the)h(follo)n
(wing,)f(w)n(e)g(discuss)g(an)h(ob)5 b(ject-orien)n(ted)29
b(implemen)n(tation)h(of)h(the)g(mo)r(del)565 4753 y(describ)r(ed)e(ab)
r(o)n(v)n(e.)g(Figure)g(8)g(sho)n(ws)g(this)h(implemen)n(tation.)g(The)
g(Securit)n(y)f(Asso)r(cia-)565 4852 y(tion)c(Setup)h(Service,)f(the)g
(Audit)h(Service,)f(and)g(the)h(Securit)n(y)f(Managemen)n(t)f(Services)
565 4952 y(are)c(realized)h(b)n(y)g(a)g(Domain)h(Securit)n(y)f(Manager)
f(ob)5 b(ject)21 b(as)g(an)h(indep)r(enden)n(t)g(CORBA)565
5051 y(service.)k(The)i(Domain)f(Securit)n(y)g(Manager)f(ob)5
b(ject)28 b(pro)n(vides)e(in)n(terfaces)p eop
%%Page: 16 16
16 15 bop 565 419 a Fd(16)563 685 y Fa(\017)41 b Fg(to)29
b(applications,)e(through)h(whic)n(h)g(they)h(can)f(request)g(the)h
(setup)g(of)f(new)h(securit)n(y)664 784 y(asso)r(ciations,)i(get)h
(established)g(con)n(text)g(information,)g(and)g(set)g(securit)n(y)g
(prefer-)664 884 y(ences)27 b(that)h(are)f(not)g(con\015icting)h(with)g
(the)g(domain)f(securit)n(y)g(p)r(olicy)-7 b(,)563 983
y Fa(\017)41 b Fg(to)35 b(other)g(Domain)g(Securit)n(y)g(Manager)f(ob)5
b(jects,)34 b(through)h(whic)n(h)g(they)h(can)f(au-)664
1083 y(then)n(ticate)28 b(eac)n(h)f(other,)g(negotiate)g(p)r(olicies)g
(and)g(exc)n(hange)f(k)n(eys,)h(and)563 1183 y Fa(\017)41
b Fg(to)36 b(managemen)n(t)f(applications,)g(through)g(whic)n(h)h(they)
g(can)g(manage)f(creden)n(tial)664 1282 y(and)28 b(p)r(olicy)f(ob)5
b(jects.)565 1565 y(The)25 b(Domain)h(Securit)n(y)f(Manager)f(ob)5
b(ject)25 b(is)h(unique)g(in)g(eac)n(h)f(domain)g(and)g(a)n(v)-5
b(ailable)565 1664 y(to)20 b(all)g(applications)g(in)h(the)g(domain.)f
(The)g(established)h(securit)n(y)e(asso)r(ciation)g(b)r(et)n(w)n(een)
565 1764 y(a)26 b(clien)n(t)g(and)g(a)h(target)e(ob)5
b(ject)26 b(is)h(represen)n(ted)e(b)n(y)h(the)h(Securit)n(y)f(Con)n
(text)g(ob)5 b(jects)26 b(at)565 1863 y(the)d(clien)n(t)h(and)f(the)h
(target)f(side)g(that)h(are)e(lo)r(cal)h(to)g(the)h(clien)n(t)g(and)f
(the)h(target.)e(These)565 1963 y(Con)n(text)g(ob)5 b(jects)23
b(con)n(tain)g(all)f(the)i(information)e(of)i(the)f(asso)r(ciation)f
(and)h(pro)n(vide)f(the)565 2063 y(Secure)k(In)n(v)n(o)r(cation)g(and)h
(Non-repudiation)f(Services.)g(Access)h(con)n(trol)f(is)h(p)r(erformed)
565 2162 y(explicitly)21 b(at)h(asso)r(ciation)e(setup)h(time,)h
(therefore)f(it)h(do)r(es)f(not)h(ha)n(v)n(e)e(to)i(b)r(e)g(p)r
(erformed)565 2262 y(b)n(y)k(the)h(Con)n(text)f(ob)5
b(jects.)27 b(Access)f(con)n(trol)f(is)i(implicitly)g(pro)n(vided)f
(for)g(eac)n(h)g(in)n(v)n(o)r(ca-)565 2362 y(tion)j(within)h(a)f
(securit)n(y)f(asso)r(ciation)g(b)n(y)h(the)g(iden)n(ti\014cation)h(of)
f(the)g(clien)n(t.)h(In)f(order)565 2461 y(to)34 b(iden)n(tify)h(the)h
(righ)n(t)e(lo)r(cal)g(Con)n(text)g(ob)5 b(ject)35 b(that)g(should)g(b)
r(e)g(applied)f(to)h(handle)565 2561 y(the)h(curren)n(t)g(in)n(v)n(o)r
(cation,)f(w)n(e)i(require)e(a)h(Lo)r(cal)g(Con)n(text)g(Manager)f(ob)5
b(ject,)36 b(whic)n(h)565 2660 y(manages)h(the)i(v)-5
b(arious)38 b(lo)r(cal)g(Con)n(texts.)g(The)h(Lo)r(cal)f(Con)n(text)h
(Manager)e(requests)565 2760 y(the)g(asso)r(ciation)e(establishmen)n(t)
i(and)g(do)n(wnloads)e(the)j(con)n(text)e(information)g(from)565
2860 y(the)26 b(Domain)h(Securit)n(y)f(Manager.)f(The)h(Con)n(text)h
(and)f(the)h(Lo)r(cal)f(Con)n(text)g(Manager)565 2959
y(ob)5 b(jects)27 b(are)f(not)i(CORBA)f(ob)5 b(jects,)27
b(they)h(do)g(not)f(ha)n(v)n(e)g(visible)g(in)n(terfaces.)648
3059 y(Let)f(us)h(no)n(w)f(lo)r(ok)g(again)f(and)i(in)g(more)e(detail)i
(at)g(ho)n(w)f(this)h(implemen)n(tation)f(real-)565 3159
y(izes)h(the)h(CrySTINA)g(mo)r(del)g(b)n(y)f(tracing)g(a)g(secure)g(ob)
5 b(ject)28 b(in)n(v)n(o)r(cation.)e(The)i(clien)n(t's)565
3258 y(request)f(is)h(in)n(tercepted)g(b)n(y)f(the)i(request)e(lev)n
(el)h(in)n(terceptor)f(at)h(the)g(clien)n(t)g(side.)g(This)565
3358 y(in)n(terceptor)36 b(in)n(v)n(ok)n(es)f(the)j(Lo)r(cal)e(Con)n
(text)h(Manager)e(to)i(obtain)g(the)h(con)n(text)f(that)565
3457 y(should)h(b)r(e)h(applied)f(to)g(the)h(request.)f(If)h(there)f
(is)g(a)g(con)n(text)g(already)f(established)565 3557
y(b)r(et)n(w)n(een)23 b(this)h(clien)n(t)g(and)g(target,)f(then)h(the)g
(Lo)r(cal)f(Con)n(text)h(Manager)e(returns)h(a)g(ref-)565
3657 y(erence)g(to)h(it.)g(If)h(there)f(is)f(no)h(suc)n(h)g(con)n
(text,)g(then)g(the)g(Lo)r(cal)g(Con)n(text)f(Manager)g(calls)565
3756 y(the)d(Domain)g(Securit)n(y)f(Manager)f(to)i(establish)g(one.)f
(The)h(Domain)g(Securit)n(y)g(Manager)565 3856 y(ob)5
b(ject)29 b(uses)g(the)h(iden)n(tit)n(y)g(information)f(of)g(the)h
(stak)n(eholder)e(that)i(o)n(wnes)f(the)h(clien)n(t)565
3956 y(in)i(the)g(con)n(text)f(establishmen)n(t)h(pro)r(cess.)e(This)i
(information)f(is)h(stored)f(in)h(the)g(Cre-)565 4055
y(den)n(tials)d(ob)5 b(ject.)29 b(Once)h(the)g(con)n(text)f(is)h
(established,)f(the)h(Lo)r(cal)f(Con)n(text)h(Manager)565
4155 y(do)n(wnloads)e(it,)i(and)g(returns)f(a)h(reference)f(for)g(it)i
(to)e(the)i(request)e(lev)n(el)g(in)n(terceptors.)565
4254 y(Explicit)g(access)f(con)n(trol)g(is)h(p)r(erformed)g(b)n(y)g
(the)h(Domain)f(Securit)n(y)g(Manager)f(in)i(the)565
4354 y(asso)r(ciation)25 b(establishmen)n(t)h(phase.)g(Access)g(is)h
(allo)n(w)n(ed)e(or)h(denied)h(at)f(ob)5 b(ject)27 b(gran)n(u-)565
4454 y(larit)n(y)20 b(lev)n(el.)h(If)g(access)f(is)h(allo)n(w)n(ed,)f
(then)i(the)g(asso)r(ciation)d(is)j(established)e(b)r(et)n(w)n(een)i
(the)565 4553 y(clien)n(t)29 b(and)g(the)h(target,)f(and)g(the)h(Lo)r
(cal)e(Con)n(text)h(Manager)f(returns)h(a)g(reference)f(to)565
4653 y(the)j(appropriate)e(Con)n(text)i(ob)5 b(ject;)31
b(otherwise)f(no)g(asso)r(ciation)g(is)g(established,)h(and)565
4753 y(the)24 b(Lo)r(cal)f(Con)n(text)h(Manager)e(raises)h(an)h
(exception.)g(When)g(the)h(request)e(lev)n(el)h(in)n(ter-)565
4852 y(ceptor)g(obtains)h(the)g(reference)g(to)g(the)g(Con)n(text)g(ob)
5 b(ject,)25 b(it)h(calls)f(it)g(with)h(the)g(request)565
4952 y(as)31 b(the)i(parameter.)e(The)h(Con)n(text)g(ob)5
b(ject)32 b(will)h(p)r(erform)e(the)i(required)e(services)g(on)565
5051 y(the)d(request)e(\(e.g.,)i(non-repudiation)e(of)i(origin\))f
(according)f(to)h(the)h(securit)n(y)f(p)r(olicy)-7 b(.)p
eop
%%Page: 17 17
17 16 bop 1287 419 a Fb(IMPLEMENT)-5 b(A)g(TION)25 b(OF)h(THE)g(MODEL)
721 b Fd(17)622 2475 y @beginspecial @setspecial
%%BeginDocument: ObjModel.epsss
/sf {227 323 div} def
/llx {-0} def
/lly {-0} def
/vx {llx sf mul} def
/vy {lly sf mul} def
vx vy translate
sf sf scale
%Magnification: 1.05 
/$F2psDict 200 dict def 
$F2psDict begin 
$F2psDict /mtrx matrix put 
/col-1 {0 setgray} bind def 
/col0 {0.000 0.000 0.000 srgb} bind def 
/col1 {0.000 0.000 1.000 srgb} bind def 
/col2 {0.000 1.000 0.000 srgb} bind def 
/col3 {0.000 1.000 1.000 srgb} bind def 
/col4 {1.000 0.000 0.000 srgb} bind def 
/col5 {1.000 0.000 1.000 srgb} bind def 
/col6 {1.000 1.000 0.000 srgb} bind def 
/col7 {1.000 1.000 1.000 srgb} bind def 
/col8 {0.000 0.000 0.560 srgb} bind def 
/col9 {0.000 0.000 0.690 srgb} bind def 
/col10 {0.000 0.000 0.820 srgb} bind def 
/col11 {0.530 0.810 1.000 srgb} bind def 
/col12 {0.000 0.560 0.000 srgb} bind def 
/col13 {0.000 0.690 0.000 srgb} bind def 
/col14 {0.000 0.820 0.000 srgb} bind def 
/col15 {0.000 0.560 0.560 srgb} bind def 
/col16 {0.000 0.690 0.690 srgb} bind def 
/col17 {0.000 0.820 0.820 srgb} bind def 
/col18 {0.560 0.000 0.000 srgb} bind def 
/col19 {0.690 0.000 0.000 srgb} bind def 
/col20 {0.820 0.000 0.000 srgb} bind def 
/col21 {0.560 0.000 0.560 srgb} bind def 
/col22 {0.690 0.000 0.690 srgb} bind def 
/col23 {0.820 0.000 0.820 srgb} bind def 
/col24 {0.500 0.190 0.000 srgb} bind def 
/col25 {0.630 0.250 0.000 srgb} bind def 
/col26 {0.750 0.380 0.000 srgb} bind def 
/col27 {1.000 0.500 0.500 srgb} bind def 
/col28 {1.000 0.630 0.630 srgb} bind def 
/col29 {1.000 0.750 0.750 srgb} bind def 
/col30 {1.000 0.880 0.880 srgb} bind def 
/col31 {1.000 0.840 0.000 srgb} bind def 
end 
save 
-21.0 336.0 translate 
1 -1 scale 
/cp {closepath} bind def 
/ef {eofill} bind def 
/gr {grestore} bind def 
/gs {gsave} bind def 
/sa {save} bind def 
/rs {restore} bind def 
/l {lineto} bind def 
/m {moveto} bind def 
/rm {rmoveto} bind def 
/n {newpath} bind def 
/s {stroke} bind def 
/sh {show} bind def 
/slc {setlinecap} bind def 
/slj {setlinejoin} bind def 
/slw {setlinewidth} bind def 
/srgb {setrgbcolor} bind def 
/rot {rotate} bind def 
/sc {scale} bind def 
/sd {setdash} bind def 
/ff {findfont} bind def 
/sf {setfont} bind def 
/scf {scalefont} bind def 
/sw {stringwidth} bind def 
/tr {translate} bind def 
/tnt {dup dup currentrgbcolor 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add 
4 -2 roll dup 1 exch sub 3 -1 roll mul add srgb} 
bind def 
/shd {dup dup currentrgbcolor 4 -2 roll mul 4 -2 roll mul 
4 -2 roll mul srgb} bind def 
/DrawEllipse { 
/endangle exch def 
/startangle exch def 
/yrad exch def 
/xrad exch def 
/y exch def 
/x exch def 
/savematrix mtrx currentmatrix def 
x y tr xrad yrad sc 0 0 1 startangle endangle arc 
closepath 
savematrix setmatrix 
} def 
/$F2psBegin {$F2psDict begin /$F2psEnteredState save def} def 
/$F2psEnd {$F2psEnteredState restore end} def 
$F2psBegin 
10 setmiterlimit 
n 0 792 m 0 0 l 612 0 l 612 792 l cp clip 
0.06299 0.06299 sc 
7.500 slw 
% Polyline 
n 4950 3525 m 5100 3750 l gs col-1 s gr 
% Polyline 
n 1275 3450 m 1425 3600 l gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2400 1800 m 
gs 1 -1 sc (Domain) col-1 sh gr 
% Ellipse 
n 2643 826 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 2642 753 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 2652 675 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2325 750 m 
gs 1 -1 sc (Credentials) col-1 sh gr 
% Ellipse 
n 2250 1275 301 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 2250 1200 301 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 2250 1125 301 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2025 1200 m 
gs 1 -1 sc (Policies) col-1 sh gr 
% Ellipse 
n 1824 3699 450 225 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
1650 3675 m 
gs 1 -1 sc (Current) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
1650 3840 m 
gs 1 -1 sc (Context) col-1 sh gr 
% Ellipse 
n 3225 3975 375 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 3225 3900 375 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 3225 3825 375 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
3000 3900 m 
gs 1 -1 sc (Contexts) col-1 sh gr 
% Ellipse 
n 2625 3300 375 375 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2475 3150 m 
gs 1 -1 sc (Local) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2400 3315 m 
gs 1 -1 sc (Context) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2400 3480 m 
gs 1 -1 sc (Manager) col-1 sh gr 
% Ellipse 
n 985 2438 270 270 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
825 2475 m 
gs 1 -1 sc (Client) col-1 sh gr 
% Ellipse 
n 3150 1275 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 3150 1200 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 3150 1125 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2925 1200 m 
gs 1 -1 sc (Contexts) col-1 sh gr 
% Ellipse 
n 4950 1275 300 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 4950 1200 300 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 4950 1125 300 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
4725 1200 m 
gs 1 -1 sc (Policies) col-1 sh gr 
% Ellipse 
n 5850 1275 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 5850 1200 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 5850 1125 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5625 1200 m 
gs 1 -1 sc (Contexts) col-1 sh gr 
% Ellipse 
n 5325 1950 375 375 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5100 2130 m 
gs 1 -1 sc (Manager) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5100 1965 m 
gs 1 -1 sc (Security) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5100 1800 m 
gs 1 -1 sc (Domain) col-1 sh gr 
% Ellipse 
n 5343 826 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 5342 753 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 5352 675 450 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5025 750 m 
gs 1 -1 sc (Credentials) col-1 sh gr 
% Ellipse 
n 4800 3600 375 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 4800 3525 375 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
% Ellipse 
n 4800 3450 375 150 0 360 DrawEllipse gs col7 1.00 shd ef gr gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
4575 3525 m 
gs 1 -1 sc (Contexts) col-1 sh gr 
% Ellipse 
n 5325 4050 375 375 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5175 3900 m 
gs 1 -1 sc (Local) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5100 4065 m 
gs 1 -1 sc (Context) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5100 4230 m 
gs 1 -1 sc (Manager) col-1 sh gr 
% Ellipse 
n 6985 2363 270 270 0 360 DrawEllipse gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
6825 2400 m 
gs 1 -1 sc (Target) col-1 sh gr 
% Ellipse 
n 6099 3624 450 225 0 360 DrawEllipse gs col-1 s gr 
% Polyline 
n 6975 4350 m 6975 4650 l gs col-1 s gr 
% Polyline 
n 5325 3675 m 5325 2325 l gs col-1 s gr 
% Polyline 
n 5325 1575 m 5325 975 l gs col-1 s gr 
% Ellipse 
n 2625 1950 375 375 0 360 DrawEllipse gs col-1 s gr 
% Polyline 
n 5550 1650 m 5700 1425 l gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
750 1275 m 
gs 1 -1 sc (Manager) col5 sh gr 
% Polyline 
n 5100 1650 m 4950 1425 l gs col-1 s gr 
% Polyline 
[66.7] 0 sd 
n 4350 375 m 6375 375 l 6375 2475 l 4350 2475 l cp gs col-1 s gr [] 0 sd 
% Polyline 
n 6525 3525 m 6675 3375 l gs col-1 s gr 
% Polyline 
n 6525 3750 m 6675 3900 l gs col-1 s gr 
% Polyline 
n 6975 2625 m 6975 2925 l gs col-1 s gr 
% Polyline 
n 6975 3450 m 6975 3825 l gs col-1 s gr 
% Polyline 
n 5700 4050 m 6600 4050 l gs col-1 s gr 
% Polyline 
n 5625 3825 m 5700 3750 l gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2400 2130 m 
gs 1 -1 sc (Manager) col-1 sh gr 
% Polyline 
n 6705 2925 m 6600 2925 6600 3345 105 arcto 4 {pop} repeat 
6600 3450 7245 3450 105 arcto 4 {pop} repeat 
7350 3450 7350 3030 105 arcto 4 {pop} repeat 
7350 2925 6705 2925 105 arcto 4 {pop} repeat 
cp gs col7 1.00 shd ef gr gs col-1 s gr 
% Polyline 
n 6705 3825 m 6600 3825 6600 4245 105 arcto 4 {pop} repeat 
6600 4350 7245 4350 105 arcto 4 {pop} repeat 
7350 4350 7350 3930 105 arcto 4 {pop} repeat 
7350 3825 6705 3825 105 arcto 4 {pop} repeat 
cp gs col7 1.00 shd ef gr gs col-1 s gr 
% Polyline 
n 4095 4860 m 4275 4500 l 4275 4680 l 7425 4680 l 7425 4500 l 7605 4860 l 
7425 5220 l 7425 5040 l 4275 5040 l 4275 5220 l 4095 4860 l gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5925 3600 m 
gs 1 -1 sc (Current) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5925 3765 m 
gs 1 -1 sc (Context) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
6750 3975 m 
gs 1 -1 sc (Message) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
6825 4140 m 
gs 1 -1 sc (Level) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
6675 4305 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
6750 3075 m 
gs 1 -1 sc (Request) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
6825 3240 m 
gs 1 -1 sc (Level) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
6675 3405 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
5715 4920 m 
gs 1 -1 sc (ORB Core) col-1 sh gr 
% Ellipse 
n 975 1200 335 335 0 360 DrawEllipse gs col5 s gr 
% Polyline 
n 975 4425 m 975 4650 l gs col-1 s gr 
% Polyline 
n 2625 2925 m 2625 2325 l gs col-1 s gr 
% Polyline 
n 2625 1575 m 2625 975 l gs col-1 s gr 
% Polyline 
n 2850 1650 m 3000 1425 l gs col-1 s gr 
% Polyline 
n 2400 1650 m 2250 1425 l gs col-1 s gr 
% Polyline 
n 975 2700 m 975 3000 l gs col-1 s gr 
% Polyline 
n 975 3525 m 975 3900 l gs col-1 s gr 
% Polyline 
n 1275 3975 m 1425 3825 l gs col-1 s gr 
% Polyline 
n 2250 3600 m 2325 3525 l gs col-1 s gr 
% Polyline 
n 2850 3600 m 2925 3750 l gs col-1 s gr 
% Polyline 
n 1350 3300 m 2250 3300 l gs col-1 s gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
2400 1965 m 
gs 1 -1 sc (Security) col-1 sh gr 
% Polyline 
n 705 3000 m 600 3000 600 3420 105 arcto 4 {pop} repeat 
600 3525 1245 3525 105 arcto 4 {pop} repeat 
1350 3525 1350 3105 105 arcto 4 {pop} repeat 
1350 3000 705 3000 105 arcto 4 {pop} repeat 
cp gs col7 1.00 shd ef gr gs col-1 s gr 
% Polyline 
n 705 3900 m 600 3900 600 4320 105 arcto 4 {pop} repeat 
600 4425 1245 4425 105 arcto 4 {pop} repeat 
1350 4425 1350 4005 105 arcto 4 {pop} repeat 
1350 3900 705 3900 105 arcto 4 {pop} repeat 
cp gs col7 1.00 shd ef gr gs col-1 s gr 
% Polyline 
[66.7] 0 sd 
n 1650 375 m 3675 375 l 3675 2475 l 1650 2475 l cp gs col-1 s gr [] 0 sd 
% Polyline 
n 360 4860 m 540 4500 l 540 4680 l 3690 4680 l 3690 4500 l 3870 4860 l 
3690 5220 l 3690 5040 l 540 5040 l 540 5220 l 360 4860 l gs col-1 s gr 
% Polyline 
n 3015 1980 m 4950 1980 l gs col-1 s gr 
% Polyline 
[133.3] 0 sd 
n 465 225 m 360 225 360 5205 105 arcto 4 {pop} repeat 
360 5310 3765 5310 105 arcto 4 {pop} repeat 
3870 5310 3870 330 105 arcto 4 {pop} repeat 
3870 225 465 225 105 arcto 4 {pop} repeat 
cp gs col-1 s gr [] 0 sd 
% Polyline 
[133.3] 0 sd 
n 4200 225 m 4095 225 4095 5205 105 arcto 4 {pop} repeat 
4095 5310 7500 5310 105 arcto 4 {pop} repeat 
7605 5310 7605 330 105 arcto 4 {pop} repeat 
7605 225 4200 225 105 arcto 4 {pop} repeat 
cp gs col-1 s gr [] 0 sd 
% Polyline 
[15 133.3] 133.3 sd 
n 465 225 m 360 225 360 5205 105 arcto 4 {pop} repeat 
360 5310 3765 5310 105 arcto 4 {pop} repeat 
3870 5310 3870 330 105 arcto 4 {pop} repeat 
3870 225 465 225 105 arcto 4 {pop} repeat 
cp gs col-1 s gr [] 0 sd 
% Polyline 
[15 133.3] 133.3 sd 
n 4200 225 m 4095 225 4095 5205 105 arcto 4 {pop} repeat 
4095 5310 7500 5310 105 arcto 4 {pop} repeat 
7605 5310 7605 330 105 arcto 4 {pop} repeat 
7605 225 4200 225 105 arcto 4 {pop} repeat 
cp gs col-1 s gr [] 0 sd 
% Polyline 
n 1350 1275 m 2250 1875 l gs col5 s gr 
% Polyline 
n 1275 2400 m 2250 2100 l gs col5 s gr 
% Polyline 
n 1125 4860 m 1755 4860 l gs col-1 s gr 
% Polyline 
n 2475 4860 m 5670 4860 l gs col-1 s gr 
% Polyline 
n 6840 4860 m 6300 4860 l gs col-1 s gr 
% Interp Spline 
gs n 990 4680 m 
988.1 4705.8 988.1 4717.0 990 4725 curveto 
995.6 4748.8 1016.8 4796.8 1035 4815 curveto 
1048.7 4828.7 1071.2 4839.9 1125 4860 curveto 
gs col-1 s gr 
gr 
% Interp Spline 
gs n 6975 4680 m 
6976.9 4705.8 6976.9 4717.0 6975 4725 curveto 
6969.4 4748.8 6948.2 4796.8 6930 4815 curveto 
6916.3 4828.7 6893.8 4839.9 6840 4860 curveto 
gs col-1 s gr 
gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
750 3150 m 
gs 1 -1 sc (Request) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
825 3315 m 
gs 1 -1 sc (Level) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
675 3480 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
750 4050 m 
gs 1 -1 sc (Message) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
825 4215 m 
gs 1 -1 sc (Level) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
675 4380 m 
gs 1 -1 sc (Interceptor) col-1 sh gr 
/Helvetica-Narrow-Bold ff 120.00 scf sf 
1845 4920 m 
gs 1 -1 sc (ORB Core) col-1 sh gr 
$F2psEnd 
rs 
%%EndDocument
 @endspecial 1016 2674 a Fh(Figure)31 b(8)47 b Fg(Implemen)n(tation)28
b(of)f(the)h(CrySTINA)g(Mo)r(del)648 2959 y(Then,)33
b(the)g(request)g(is)g(passed)f(on)h(and)g(it)h(is)f(in)n(tercepted)g
(b)n(y)f(the)i(message)e(lev)n(el)565 3059 y(in)n(terceptor.)19
b(This)g(in)n(terceptor)g(already)g(kno)n(ws)g(whic)n(h)h(Con)n(text)f
(to)h(apply)-7 b(,)20 b(and)g(it)g(can)565 3159 y(call)j(this)h(Con)n
(text)f(ob)5 b(ject)23 b(with)h(the)g(message)f(as)f(the)i(parameter.)f
(Note,)g(that)h(at)g(this)565 3258 y(lev)n(el)e(w)n(e)h(ha)n(v)n(e)f
(access)g(to)h(the)h(message)e(as)g(an)h(unstructured)g(stream)g(of)g
(b)n(ytes,)g(so)g(the)565 3358 y(Con)n(text)29 b(ob)5
b(ject)30 b(can)g(easily)f(p)r(erform)h(the)g(Secure)g(In)n(v)n(o)r
(cation)f(Services,)g(according)565 3457 y(to)37 b(the)h(securit)n(y)f
(p)r(olicy)-7 b(.)38 b(The)f(last)h(step)g(is)f(to)h(put)g(a)f(sp)r
(ecial)h(securit)n(y)e(header)h(at)565 3557 y(the)27
b(b)r(eginning)h(of)f(the)h(message)e(that)i(con)n(tains)e(the)i
(necessary)e(information)h(for)g(the)565 3657 y(target)22
b(side)h(message)e(lev)n(el)i(in)n(terceptor)f(to)h(iden)n(tify)g(whic)
n(h)g(con)n(text)g(it)g(should)g(use)g(to)565 3756 y(reclaim)i(the)i
(message.)f(Then)g(the)i(protected)e(message)f(is)h(passed)g(to)h(the)g
(ORB)f(Core)565 3856 y(that)h(sends)h(it)g(to)f(the)h(target.)648
3956 y(A)n(t)22 b(the)h(target)e(side,)h(the)h(incoming)f(message)f(is)
h(in)n(tercepted)g(b)n(y)g(the)h(message)e(lev)n(el)565
4055 y(in)n(terceptor.)d(This)i(in)n(terceptor)f(in)n(terprets)g(the)h
(securit)n(y)f(header,)h(and)f(calls)h(the)g(Lo)r(cal)565
4155 y(Con)n(text)33 b(Manager)e(with)j(the)g(parameters)e(found)h(in)h
(the)g(securit)n(y)e(header)h(\(e.g.,)g(a)565 4254 y(con)n(text)c(ID\))
i(to)e(obtain)h(a)f(reference)g(to)h(the)g(Con)n(text)g(ob)5
b(ject)29 b(that)h(should)g(b)r(e)g(used)565 4354 y(for)g(this)h
(message.)f(If)i(the)f(con)n(text)g(is)g(already)e(a)n(v)-5
b(ailable)30 b(\(i.e.,)i(this)f(is)g(not)g(the)g(\014rst)565
4454 y(message)23 b(from)i(the)h(giv)n(en)e(clien)n(t\),)h(then)h(a)f
(reference)f(to)h(it)h(is)f(returned)f(b)n(y)h(the)h(Lo)r(cal)565
4553 y(Con)n(text)i(Manager,)f(otherwise)h(the)i(Lo)r(cal)e(Con)n(text)
g(Manager)g(\014rst)g(do)n(wnloads)g(the)565 4653 y(con)n(text)35
b(from)h(the)h(Domain)f(Securit)n(y)f(Manager,)g(and)h(then)g(passes)f
(the)i(reference)565 4753 y(to)28 b(the)g(in)n(terceptor.)g(Note,)g
(that)h(the)f(con)n(text)g(is)g(already)f(a)n(v)-5 b(ailable)27
b(at)h(the)h(Domain)565 4852 y(Securit)n(y)c(Manager,)g(b)r(ecause)g
(the)i(asso)r(ciation)d(is)i(already)f(established)h(b)r(et)n(w)n(een)g
(the)565 4952 y(clien)n(t)38 b(and)f(the)i(target)e(b)n(y)h(the)g(time)
h(when)f(the)g(message)f(arriv)n(es)f(at)h(the)i(target.)565
5051 y(When)29 b(the)g(message)e(lev)n(el)h(in)n(terceptor)f(receiv)n
(es)h(the)h(reference)e(to)i(the)g(appropriate)p eop
%%Page: 18 18
18 17 bop 565 419 a Fd(18)565 685 y Fg(Con)n(text)32
b(ob)5 b(ject,)33 b(it)h(calls)e(it)i(with)f(the)h(message)e(as)g(the)i
(parameter.)d(The)i(Con)n(text)565 784 y(ob)5 b(ject)27
b(reclaims)f(the)i(original)e(clear)h(message.)648 884
y(In)e(the)g(next)h(step,)f(the)h(request)e(is)h(in)n(tercepted)g(b)n
(y)g(the)h(request)e(lev)n(el)h(in)n(terceptor.)565 983
y(The)e(in)n(terceptor)f(already)g(kno)n(ws)g(whic)n(h)h(Con)n(text)g
(to)g(apply)g(for)g(this)h(request,)e(and)i(it)565 1083
y(can)j(call)h(this)g(Con)n(text)f(ob)5 b(ject)28 b(with)h(the)f
(request)f(as)h(the)g(parameter.)e(The)i(Con)n(text)565
1183 y(ob)5 b(ject)33 b(p)r(erforms)g(the)h(appropriate)d(op)r
(erations)i(\(e.g.,)g(non-repudiation)f(of)i(origin\))565
1282 y(on)e(the)i(request.)f(The)g(fact)g(that)g(the)h(request)e(arriv)
n(ed)g(at)h(the)g(target)g(side)g(request)565 1382 y(lev)n(el)d(in)n
(terceptor)f(already)g(means)h(that)h(access)e(is)h(allo)n(w)n(ed.)f
(Finally)i(the)f(request)g(is)565 1482 y(passed)c(to)i(the)g(target)f
(ob)5 b(ject.)648 1581 y(The)22 b(reply)f(is)h(handled)g(in)g(a)g
(similar)f(w)n(a)n(y)-7 b(.)21 b(The)h(di\013erence)g(is)g(that)g(the)g
(in)n(terceptors)565 1681 y(already)31 b(kno)n(w)h(whic)n(h)h(con)n
(text)g(to)g(apply)g(b)r(ecause)g(they)g(ha)n(v)n(e)f(temp)r(orarily)g
(stored)565 1780 y(this)27 b(information)g(when)h(handling)f(the)h
(request.)565 2063 y Ff(7)91 b(CONCLUSION)565 2262 y
Fg(W)-7 b(e)35 b(in)n(tro)r(duced)g(the)g(TINA-C)g(arc)n(hitecture,)f
(an)h(op)r(en)g(arc)n(hitecture)f(for)h(telecom-)565
2362 y(m)n(unication)f(services)f(ranging)h(from)g(teleconferencing)g
(o)n(v)n(er)f(video-on-demand)g(to)565 2461 y(electronic)22
b(commerce.)g(W)-7 b(e)23 b(pro)n(vided)f(an)g(analysis)g(of)h(the)g
(securit)n(y)f(problem)g(domain)565 2561 y(in)h(this)h(arc)n
(hitecture.)f(As)g(a)h(result)f(of)h(this)f(analysis,)g(w)n(e)g(allo)r
(cated)g(the)h(necessary)e(se-)565 2660 y(curit)n(y)k(functionalit)n(y)
h(to)g(eac)n(h)g(administrativ)n(e)f(domain)h(and)g(within)h(the)f
(domain)g(to)565 2760 y(the)20 b(middlew)n(are)e(la)n(y)n(er)g
(\(DPE\),)i(whic)n(h)f(is)h(basically)e(pro)n(vided)h(b)n(y)g(CORBA)g
(pro)r(ducts.)565 2860 y(CrySTINA,)25 b(our)f(securit)n(y)g(arc)n
(hitecture)g(for)h(TINA,)h(w)n(as)e(presen)n(ted.)h(Because)f(of)h(its)
565 2959 y(allo)r(cation)i(to)g(the)i(middlew)n(are)e(la)n(y)n(er,)f
(the)j(implemen)n(tation)f(of)g(our)f(arc)n(hitecture)g(is)565
3059 y(closely)d(related)h(to)g(CORBA)g(securit)n(y)-7
b(.)25 b(Unlik)n(e)h(the)f(CORBA)h(securit)n(y)e(arc)n(hitecture,)565
3159 y(CrySTINA)30 b(can)h(cop)r(e)g(with)g(the)h(heterogeneit)n(y)d
(of)i(securit)n(y)f(p)r(olicies)h(and)g(securit)n(y)565
3258 y(tec)n(hnologies,)19 b(whic)n(h)i(m)n(ust)g(b)r(e)g(exp)r(ected)h
(as)e(a)g(side)h(e\013ect)h(of)f(the)g(self-administration)565
3358 y(of)h(the)i(administrativ)n(e)e(domains)g(in)h(TINA.)h(This)f(is)
f(ac)n(hiev)n(ed)g(b)n(y)h(the)g(negotiation)f(of)565
3457 y(securit)n(y)28 b(con)n(texts.)g(Our)g(future)h(w)n(ork)f(will)h
(b)r(e)g(concerned)f(with)i(the)f(generalization)565
3557 y(of)24 b(CrySTINA's)g(negotiation)g(concept)g(to)h(CORBA)f(as)g
(a)g(general)g(middlew)n(are)f(plat-)565 3657 y(form.)g(Ongoing)f(w)n
(ork)g(is)i(concerned)f(with)h(the)g(protot)n(ypical)e(implemen)n
(tation)i(of)g(the)565 3756 y(concept)31 b(using)g(a)g(commercial)f
(ORB)h(pro)r(duct)g(\(Orbix)g(1997\))f(and)h(a)g(free)g(CORBA)565
3856 y(implemen)n(tation)c(\(Brose)g(1997\).)565 4138
y Ff(A)m(CKNO)m(WLEDGMENT)565 4338 y Fg(This)41 b(w)n(ork)f(has)h(b)r
(een)h(supp)r(orted)f(b)n(y)g(the)h(Swiss)f(National)g(Science)g(F)-7
b(oundation)565 4437 y(as)33 b(part)h(of)g(the)h(Swiss)f(Priorit)n(y)e
(Programme)g(Information)i(and)g(Comm)n(unications)565
4537 y(Structures)27 b(\(SPP-ICS\))g(under)g(pro)5 b(ject)27
b(n)n(um)n(b)r(er)h(5003-045364.)p eop
%%Page: 19 19
19 18 bop 1682 419 a Fb(CONCLUSION)1116 b Fd(19)565 685
y Ff(REFERENCES)565 884 y Fg(Barr,)23 b(W.J.)49 b(Bo)n(yd,)24
b(T.)49 b(and)24 b(Inoue,)g(Y.)h(\(1993\))f(The)g(TINA)h(Initiativ)n
(e.)g Fe(IEEE)j(Com-)915 983 y(munic)l(ations)i(Magazine)p
Fg(,)f(Marc)n(h)e(1993,)f(70-76.)565 1083 y(Brose,)e(G.)52
b(\(1997\))25 b(JacORB:)f(Implemen)n(tation)i(and)g(Design)g(of)f(a)h
(Ja)n(v)-5 b(a)24 b(ORB.)i Fe(pr)l(o)l(c.)915 1183 y(D)n(AIS'97,)31
b(IFIP)g(WG)g(6.1)h(International)f(Working)g(Confer)l(enc)l(e)h(on)e
(Dis-)915 1282 y(tribute)l(d)i(Aplic)l(ations)h(and)f(Inter)l(op)l(er)l
(able)h(Systems)p Fg(,)d(Cottbus,)g(German)n(y)-7 b(,)915
1382 y(Septem)n(b)r(er)28 b(1997,)e(Chapman)h(&)g(Hall.)565
1482 y(Dupuy)-7 b(,)37 b(F.)73 b(Nilsson,)36 b(G.)73
b(and)37 b(Inoue,)f(Y.)h(\(1995\))e(The)h(TINA)h(Consortium:)f(T)-7
b(o-)915 1581 y(w)n(ard)32 b(Net)n(w)n(orking)g(T)-7
b(elecomm)n(unications)33 b(Information)f(Services.)h
Fe(IEEE)915 1681 y(Communic)l(ations)e(Magazine)p Fg(,)e(No)n(v)n(em)n
(b)r(er)d(1995,)g(78-83.)565 1780 y(Garrahan,)35 b(J.J.)75
b(Russo,)37 b(P)-7 b(.A.)75 b(Kitami,)38 b(K.)75 b(and)37
b(Kung,)g(R.)h(\(1993\))e(In)n(telligen)n(t)915 1880
y(Net)n(w)n(ork)28 b(Ov)n(erview.)f Fe(IEEE)32 b(Communic)l(ations)f
(Magazine)p Fg(,)g(Marc)n(h)d(1993,)915 1980 y(30-36.)565
2079 y(In)n(ternet)h(RF)n(C)h(1508)58 b(\(1993\))29 b(Generic)h
(Securit)n(y)f(Service)g(-)h(Applications)g(Program)915
2179 y(In)n(terface)d(\(GSS-API\).)565 2279 y(IONA)g(T)-7
b(ec)n(hnologies)54 b(\(1997\))26 b(Orbix)h(2.1.)565
2378 y(Kitson,)22 b(B.)45 b(\(1995\))21 b(CORBA)h(and)g(TINA:)i(The)e
(Arc)n(hitectural)g(Relationships.)g Fe(pr)l(o)l(c.)915
2478 y(TINA'95)31 b(Confer)l(enc)l(e)p Fg(,)e(Melb)r(ourne,)e
(Australia,)g(F)-7 b(ebruary)26 b(1995.)565 2577 y(Magedanz,)j(T.)62
b(and)30 b(P)n(op)r(escu-Zeletin)g(R.)h(\(1996\))e Fe(Intel)t(ligent)k
(Networks)p Fg(.)e(In)n(terna-)915 2677 y(tional)c(Thomson)g(Computer)g
(Press,)g(London,)g(1996.)565 2777 y(Netscap)r(e)55 b(\(1996\))26
b(Secure)h(So)r(c)n(k)n(et)g(La)n(y)n(er)f(\(SSL\).)565
2876 y(Neuman,)36 b(C.)71 b(and)36 b(Ts'o,)f(T.)h(\(1994\))e(Kerb)r
(eros:)g(An)i(Authen)n(tication)h(Service)e(for)915 2976
y(Computer)30 b(Net)n(w)n(orks.)f Fe(IEEE)k(Communic)l(ations)h
(Magazine)p Fg(,)e(Septem)n(b)r(er)915 3076 y(1994,)26
b(33-38.)565 3175 y(Ob)5 b(ject)23 b(Managemen)n(t)g(Group)h(\(1995\))e
(The)i(Common)g(Ob)5 b(ject)24 b(Request)g(Brok)n(er,)d(Ar-)915
3275 y(c)n(hitecture)27 b(and)h(Sp)r(eci\014cation,)g(Revision)f(2.0.)
565 3374 y(Ob)5 b(ject)27 b(Managemen)n(t)g(Group)g(\(1995\))f(CORBA)h
(Securit)n(y)-7 b(.)565 3474 y(Ob)5 b(ject)27 b(Managemen)n(t)g(Group)g
(\(1996\))f(Common)h(Secure)g(In)n(terop)r(erabilit)n(y)f(\(CSI\).)565
3574 y(Ob)5 b(ject)27 b(Managemen)n(t)g(Group)g(\(1997\))f
(CORBAsecurit)n(y/SSL)g(In)n(terop)r(erabilit)n(y)-7
b(.)565 3673 y(Op)r(en)27 b(Soft)n(w)n(are)f(F)-7 b(oundation)28
b(\(1992\))e Fe(Intr)l(o)l(duction)j(to)h(OSF)f(DCE)p
Fg(.)f(Pren)n(tice)f(Hall.)565 3773 y(Ruepp)r(el,)h(R.)55
b(\(1986\))27 b Fe(A)n(nalysis)j(and)g(Design)g(of)h(Str)l(e)l(am)e
(Ciphers)p Fg(.)g(Springer,)e(1986.)565 3873 y(Sc)n(hneier,)g(B.)55
b(\(1996\))26 b Fe(Applie)l(d)31 b(Crypto)l(gr)l(aphy)p
Fg(,)g(2nd)c(edition.)h(Wiley)-7 b(,)28 b(1996.)565 3972
y(Staamann,)36 b(S.)75 b(Butt)n(y\023)-42 b(an,)36 b(L.)75
b(Hubaux,)37 b(J-P)-7 b(.)73 b(Sc)n(hip)r(er,)37 b(A.)75
b(and)f(Wilhelm,)38 b(U.)915 4072 y(\(1997\))23 b(Securit)n(y)h(in)h
(the)g(T)-7 b(elecomm)n(unications)24 b(Information)g(Net)n(w)n(orking)
915 4171 y(Arc)n(hitecture)39 b({)g(the)h(CrySTINA)g(Approac)n(h.)e
Fe(pr)l(o)l(c.)k(TINA'97)g(Confer-)915 4271 y(enc)l(e)p
Fg(,)28 b(San)n(tiago,)e(Chile,)i(No)n(v)n(em)n(b)r(er)e(1997,)g(IEEE)g
(CS)i(Press.)565 4371 y(Staamann,)d(S.)52 b(and)g(Wilhelm,)27
b(U.)f(\(1997\))e(Cryptographic)g(Protection)h(of)h(Connec-)915
4470 y(tion)g(In)n(tegrit)n(y)e(with)i(In)n(terruption)f(Detection)h
(in)g(TINA.)g Fe(pr)l(o)l(c.)j(D)n(AIS'97,)915 4570 y(IFIP)49
b(WG)f(6.1)h(International)f(Working)h(Confer)l(enc)l(e)g(on)f
(Distribute)l(d)915 4670 y(Aplic)l(ations)30 b(and)g(Inter)l(op)l(er)l
(able)g(Systems)p Fg(,)c(Cottbus,)h(German)n(y)-7 b(,)26
b(Septem-)915 4769 y(b)r(er)i(1997,)d(Chapman)j(&)f(Hall.)565
4869 y(TINA)h(Consortium)e(\(1997\))h(Service)g(Arc)n(hitecture,)g(V)-7
b(ersion)27 b(5.0.)565 4968 y(X/Op)r(en)g(Guide)h(G410)e(\(1994\))h
(Distributed)h(Securit)n(y)f(F)-7 b(ramew)n(ork.)p eop
%%Trailer
end
userdict /end-hook known{end-hook}if
%%EOF