Security

Butler Lampson
TECS Week 2005
January 2005

Outline
  Introduction: what is security?
  Principals, the "speaks for" relation, and chains of responsibility
  Secure channels and encryption
  Names and groups
  Authenticating systems
  Authorization
  Implementation

REAL-WORLD SECURITY
  It's about value, locks, and punishment.
    Locks good enough that bad guys don't break in very often.
    Police and courts good enough that bad guys that do break in get caught and punished often enough.
    Less interference with daily life than value of loss.
  Security is expensive: buy only what you need.
    People do behave this way
    We don't tell them this: a big mistake
  Perfect security is the worst enemy of real security

Elements of Security
  Policy: Specifying security
    What is it supposed to do?
  Mechanism: Implementing security
    How does it do it?
  Assurance: Correctness of security
    Does it really work?

Abstract Goals for Security
  Secrecy: controlling who gets to read information
  Integrity: controlling how information changes or resources are used
  Availability: providing prompt access to information and resources
  Accountability: knowing who has had access to information or resources

Dangers
  Vandalism or sabotage that
    damages information (integrity)
    disrupts service (availability)
  Theft of money (integrity)
  Theft of information (secrecy)
  Loss of privacy (secrecy)

Vulnerabilities
  Bad (buggy or hostile) programs
  Bad (careless or hostile) people giving instructions to good programs
  Bad guys corrupting or eavesdropping on communications

Threats
  Adversaries that can and want to exploit vulnerabilities

Defensive strategies
  Coarse: Isolate (keep everybody out)
    Disconnect
  Medium: Exclude (keep the bad guys out)
    Code signing, firewalls
  Fine: Restrict (let the bad guys in, but keep them from doing damage)
    Hardest to implement
    Sandboxing, access control
  Recover: Undo the damage. Helps with integrity.
    Backup systems, restore points
  Punish: Catch the bad guys and prosecute them
    Auditing, police

Assurance
  Trusted Computing Base (TCB)
    Everything that security depends on
    Must get it right
    Keep it small and simple
  Elements of TCB
    Hardware
    Software
    Configuration
  Defense in depth

Assurance: Defense in Depth
  Network, with a firewall
  Operating system, with sandboxing
    Basic OS (such as NT)
    Higher-level OS (such as Java)
  Application that checks authorization directly
  All need authentication

TCB Examples
  Policy: Only outgoing Web access
    TCB: firewall allowing outgoing port 80 TCP connections, but no other traffic
    Hardware, software, and configuration
  Policy: Unix users can read system directories, and read and write their home directories
    TCB: hardware, Unix kernel, any program that can write a system directory (including any that runs as superuser). Also /etc/passwd, permissions on all directories.

TCB: Configuration
  Done again for each system, unlike HW or SW
    New chance for mistakes each time
  Done by amateurs, not experts
    No learning from experience
    Little training
  Needs to be very simple
    At the price of flexibility, fine granularity

Making Configuration Simple
  Users: keep it simple
    At most three levels: self, friends, others
    Three places to put objects
    Everything else done automatically with policies
  Administrators: keep it simple
    Work by defining policies. Examples:
      Each user has a private home folder
      Each user in one workgroup with a private folder
      System folders contain vendor-approved releases
      All executable programs signed by a trusted party
  Today's systems don't support this very well

Assurance: Configuration Control
  It's 2 am. Do you know what software is running on your machine?
  Secure configuration ⇒ some apps don't run
    Hence must be optional: "Secure my system"
    Usually used only in an emergency
  Affects the entire configuration
    Software: apps, drivers, macros
    Access control: shares, authentication
  Also need configuration audit

Why We Don't Have Real Security
  A.
    People don't buy it
      Danger is small, so it's OK to buy features instead.
      Security is expensive.
        Configuring security is a lot of work.
        Secure systems do less because they're older.
      Security is a pain.
        It stops you from doing things.
        Users have to authenticate themselves.
  B. Systems are complicated, so they have bugs.
    Especially the configuration

Principles for Security
  Security is not formal
  Security is not free
  Security is fractal
  Abstraction can't keep secrets
    Covert channels leak them
  It's all about lattices

ELEMENTS OF SECURITY
  Policy: Specifying security
    What is it supposed to do?
  Mechanism: Implementing security
    How does it do it?
  Assurance: Correctness of security
    Does it really work?

Specify: Policies and Models
  Policy: specifies the whole system informally.
    Secrecy: Who can read information?
    Integrity: Who can change things, and how?
    Availability: How prompt is the service?
  Model: specifies just the computer system, but does so precisely.
    Access control model: guards control access to resources.
    Information flow model: classify information, prevent disclosure.

Implement: Mechanisms and Assurance
  Mechanisms: tools for implementation.
    Authentication: Who said it?
    Authorization: Who is trusted?
    Auditing: What happened?
  Trusted computing base.
    Keep it small and simple.
    Validate each component carefully.

Information flow model (Mandatory security)
  A lattice of labels for data:
    unclassified < secret < top secret;
    public < personal < medical < financial
  label(f(x)) = max(label(f), label(x))
  Labels can keep track of data properties:
    how secret: Secrecy
    how trustworthy: Integrity
  When you use (release or act on) the data, user needs a ≥ clearance

Access Control Model
  Guards control access to valued resources.

Access Control
  Guards control access to valued resources.
  Structure the system as
    Objects: entities with state.
    Principals: can request operations on objects.
    Operations: how subjects read or change objects.

Access Control Rules
  Rules control the operations allowed for each principal and object.

  Principal may do    Operation on        Object
  Taylor              Read                File Raises
  Lampson             Send Hello          Terminal 23
  Process 1274        Rewind              Tape unit 7
  Schwarzkopf         Fire three shots    Bow gun
  Jones               Pay invoice 432     Account Q34

Mechanisms: The Gold Standard
  Authenticating principals
    Mainly people, but also channels, servers, programs (encryption makes channels, so key is a principal)
  Authorizing access
    Usually for groups, principals that have some property, such as "Microsoft employee" or "type-safe" or "safe for scripting"
  Auditing
  Assurance
    Trusted computing base

Standard Operating System Security
  Assume secure channel from user (without proof)
  Authenticate user by local password
    Assign local user and group SIDs
  Access control by ACLs: lists of SIDs and permissions
    Reference monitor is the OS, or any RPC target
  Domains: same, but authenticate by RPC to controller
  Web servers: same, but simplified
    Establish secure channel with SSL
    Authenticate user by local password (or certificate)
    ACL on right to enter, or on user's private state

NT Domain Security
  Just like OS except for authentication
  OS does RPC to domain for authentication
    Secure channel to domain
    Just do RPC(user, password) to get user's SIDs
  Domain may do RPC to foreign domain
    Pairwise trust and pairwise secure channels
    SIDs include domain ID, so a domain can only authenticate its own SIDs

Web Security Today
  Server: Simplified from single OS
    Establish secure channel with SSL
    Authenticate user by local password (or certificate)
    ACL on right to enter, or on user's private state
  Browser (client): Basic authentication
    Of server by DNS lookup, or by SSL + certificate
    Of programs by supplier's signature
      Good programs run as user
      Bad ones rejected or totally sandboxed

END-TO-END EXAMPLE
  Alice is at Intel, working on Atom, a joint Intel-Microsoft project
  Alice connects to Spectra, Atom's web page, with SSL

Chain of responsibility
  Alice at Intel,
  working on Atom, connects to Spectra, Atom's web page, with SSL
  Chain of responsibility:
    KSSL ⇒ Ktemp ⇒ KAlice ⇒ Alice@Intel ⇒ Atom@Microsoft ⇒ Spectra

Principals
  Authentication: Who sent a message?
  Authorization: Who is trusted?
  Principal: abstraction of "who":
    People             Lampson, Taylor
    Machines           VaxSN12648, Jumbo
    Services           SRC-NFS, X-server
    Groups             SRC, DEC-Employees
    Roles              Taylor as Manager
    Joint authority    Taylor and Lampson
    Weakening          Taylor or UntrustedProgram
    Channels           Key #7438

Theory of Principals
  Principal says statement: P says s
    Lampson says "read /SRC/Lampson/foo"
    SRC-CA says "Lampson's key is #7438"
  Axioms
    If A says s and A says (s implies s') then A says s'
    If A = B then (A says s) = (B says s)

The "Speaks for" Relation
  Principal A speaks for B about T: A T B
  If A says something in set T, B does too:
    Thus, A is stronger than B, or responsible for B, about T
    Precisely: (A says s) ∧ (s ∈ T) implies (B says s)
  These are the links in the chain of responsibility
  Examples
    Alice Atom           group of people
    Key #7438 Alice      key for Alice

Delegating Authority
  How do we establish a link in the chain: a fact Q ⇒ R
  The "verifier" of the link must see evidence, of the form "P says Q ⇒ R"
  There are three questions about this evidence
    How do we know that P says the delegation?
    Why do we trust P for this delegation?
    Why is P willing to say it?

How Do We Know P says X?
  If P is                then
  a key                  P signs X cryptographically
  some other channel     message X arrives on channel P
  the verifier itself    X is an entry in a local database

  These are the only ways that the verifier can directly know who said something: receive it on a secure channel or store it locally
  Otherwise we need C ⇒ P, where C is one of these cases
    Get this by recursion

Why Do We Trust The Delegation?
  We trust A to delegate its own authority.
  Delegation rule: If P says Q ⇒ R then Q ⇒ R
  Reasonable if P is competent and accessible.

Why Is P Willing To Delegate To Q?
  Some facts are installed manually
    KIntel ⇒ Intel, when Intel and Microsoft establish a direct relationship
    The ACL entry Lampson ⇒ usr/Lampson
  Others follow from the properties of some algorithm
    If Diffie-Hellman yields KDH, then I can say "KDH ⇒ me, provided
      You are the other end of the KDH run
      You don't disclose KDH to anyone else
      You don't use KDH to send anything yourself."
    In practice I simply sign KDH ⇒ Kme

Why Is P Willing To Delegate To Q?
  Others follow from the properties of some algorithm
    If server S starts process P from and sets up a channel C from P, it can say C ⇒ SQLv71
    Of course, only someone who believes S ⇒ SQLv71 will believe this
    To be conservative, S might compute a strong hash HSQLv71 of SQLv71.exe and require
      Microsoft says "HSQLv71 ⇒ SQLv71"
    before authenticating C

Chain of responsibility
  Alice at Intel, working on Atom, connects to Spectra, Atom's web page, with SSL
  Chain of responsibility:
    KSSL ⇒ Ktemp ⇒ KAlice ⇒ Alice@Intel ⇒ Atom@Microsoft ⇒ Spectra

Authenticating Channels
  Chain of responsibility:
    KSSL ⇒ Ktemp ⇒ KAlice ⇒ Alice@Intel ⇒ ...
    Ktemp says (SSL setup)      KAlice says (via smart card)

Authenticating Names: SDSI
  A name is in a name space, defined by a principal P
    P is like a directory. The root principals are keys.
  Rule: P speaks for any name in its name space
    KIntel ⇒ Intel ⇒ Intel/Alice (= Alice@Intel)

Authenticating Names
  KIntel ⇒ Intel ⇒ Intel/Alice (= Alice@Intel)
  Ktemp ⇒ KAlice ⇒ Alice@Intel ⇒ ...
    KIntel says

Authenticating Groups
  A group is a principal; its members speak for it
    Alice@Intel ⇒ Atom@Microsoft
    Bob@Microsoft ⇒ Atom@Microsoft
  Evidence for groups: Just like names and keys.
    KMicrosoft ⇒ Microsoft ⇒ Microsoft/Atom (= Atom@Microsoft)

Authenticating Groups
  KMicrosoft ⇒ Microsoft ⇒ Atom@Microsoft
  ...
  ⇒ KAlice ⇒ Alice@Intel ⇒ Atom@Microsoft ⇒ ...
    KMicrosoft says

Authorization with ACLs
  View a resource object O as a principal
  P on O's ACL means P can speak for O
    Permissions limit the set of things P can say for O
  If Spectra's ACL says Atom can r/w, that means
    Spectra says Atom@Microsoft ⇒r/w Spectra

Authorization with ACLs
  Spectra's ACL says Atom can r/w
  ... ⇒ Alice@Intel ⇒ Atom@Microsoft ⇒r/w Spectra
    Spectra says

End-to-End Example: Summary
  Request on SSL channel: KSSL says "read Spectra"
  Chain of responsibility:
    KSSL ⇒ Ktemp ⇒ KAlice ⇒ Alice@Intel ⇒ Atom@Microsoft ⇒ Spectra

Compatibility with Local OS?
  (1) Put network principals on OS ACLs
  (2) Let network principal speak for local one
    Alice@Intel Alice@microsoft
    Use network authentication replacing local or domain authentication
    Users and ACLs stay the same
  (3) Assign SIDs to network principals
    Do this automatically
    Use network authentication as before

Summaries
  The chain of responsibility can be long
    Ktemp says KSSL ⇒ Ktemp
    KAlice says Ktemp ⇒ KAlice
    KIntel says KAlice ⇒ Alice@Intel
    KMicrosoft says Alice@Intel ⇒ Atom@Microsoft
    Spectra says Atom@Microsoft ⇒r/w Spectra
  Can replace a long chain with one summary certificate
    Spectra says KSSL ⇒r/w Spectra
  Need a principal who speaks for the end of the chain
  This is often called a capability

Lattice of Principals
  A and B    max, least upper bound
    (A and B) says s (A says s) and (B says s)
  A or B     min, greatest lower bound
    (A or B) says s (A says s) or (B says s)
  Now A B ( A = A and B ) ( B = A or B )
    Thus is the lattice's partial order
  Could we interpret this as sets?
    Not easily: and is not intersection

Facts about Principals
  A = B is equivalent to (A B) and (B A)
  is transitive
  and, or are associative, commutative, and idempotent
  and, or are monotonic:
    If A' A then (A' and B) (A and B)
                 (A' or B) (A or B)
  Important because a principal may be stronger than needed

Lattices: Information Flow to Principals
  A lattice of labels:
    unclassified < secret < top secret;
    public < personal < medical < financial
  Use the same labels as principals, and let represent clearance
    lampson secret
  Or, use names rooted in principals as labels
    lampson/personal, lampson/medical
  Then the principal can declassify

SECURE CHANNELS
  A secure channel:
    says things directly: C says s
    has known possible receivers: secrecy
    possible senders: integrity
    if P is the only possible sender, then C P
  Examples
    Within a node: operating system (pipes, etc.)
    Between nodes:
      Secure wire: difficult to implement
      Network: fantasy for most networks
      Encryption: practical

Names for Channels
  A channel needs a name to be authenticated properly
    KAlice says Ktemp ⇒ KAlice
  It's not OK to have
    KAlice says "this channel ⇒ KAlice"
  unless you trust the receiver not to send this on another channel!
  Thus it is OK to authenticate yourself by sending a password to Alpha XR on an SSL channel already authenticated (by a Verisign certificate) as going to Amazon.

Multiplexing a Channel
  Connect n channels A, B, ... to one channel X to make n new sub-channels X|A, X|B, ...
  Each subchannel has its own address on X
  The multiplexer must be trusted

Quoting
  A | B            A quoting B
  A | B says s     A says (B says s)
  Axioms
    | is associative
    | distributes over and, or
    A *A|B A | B

Multiplexing a Channel: Examples

  Multiplexer        Main channel    Subchannels        Address
  OS                 node node       process process    port or process ID
  Network routing    node network    node node          node address

Signed Secure Channels
  The channel is defined by the key:
    If only A knows K-1, then K A
    (Actually, if only A uses K-1, then K A)
  K says s is a message which K can verify
  The bits of "K says s" can travel on any path

Abstract Cryptography: Sign/Verify
  Verify(K, M, sig) = true iff sig = Sign(K', M) and K' = K-1
    Is sig K's signature on M?
  Concretely, with RSA public key:
    Sign(K-1, M) = RSAencrypt(K-1, SHA1(M))
    Verify(K, M, sig) = (SHA1(M) = RSAdecrypt(K, sig))
  Concretely, with AES shared key:
    Sign(K, M) = SHA1(K, SHA1(K || M))
    Verify(K, M, sig) = (SHA1(K, SHA1(K || M)) = sig)
  Concrete crypto is for experts only!

Abstract Cryptography: Seal/Unseal
  Unseal(K-1, Seal(K, M)) = M, and without K-1 you can't learn anything about M from Seal(K, M)
  Concretely, with RSA public key:
    Seal(K, M) = RSAencrypt(K-1, IV || M)
    Unseal(K, Msealed) = RSAdecrypt(K, Msealed).M
  Concretely, with AES shared key:
    Seal(K, M) = AESencrypt(K, IV || M)
    Unseal(K, Msealed) = AESdecrypt(K, Msealed).M
  Concrete crypto is for experts only!

Sign and Seal
  Normally when sealing must sign as well!
    Seal(Kseal-1, M || Sign(Ksign-1, M))
  Often Sign is replaced with a checksum ???
  Concrete crypto is for experts only!

Public Key vs. Shared Key
  Public key: K ≠ K-1
    Broadcast
    Slow
    Non-repudiable (only one possible sender)
    Used for certificates
      Key ⇒ name: KIntel says KAlice ⇒ Alice@Intel
      Temp key ⇒ key: Ktemp says KSSL ⇒ Ktemp
                      KAlice says Ktemp ⇒ KAlice
  Shared key: K = K-1
    Point to point
    Fast
    Can simulate public key with trusted on-line server

How Fast is Encryption?

                                       Use       Notes
  rsa encrypt    5 ms (25 KB/s)        sign      1000 bit modulus
  rsa decrypt    0.2 ms (625 KB/s)     verify    Exponent=17
  sha-1          70 MBytes/s           sign      hmac
  aes            50 MBytes/s           seal      256 bit key

  On 2 GHz Pentium, Microsoft Visual C++. Data from Wei Dai at www.cryptopp.com
  Might be 2x faster with careful optimization

Fast Encryption in Practice
  Want to run at network speed. How?
  Put encryption into the data path.
  Network interface parses the packet to find a key identifier and maps it to a key for decryption
  Parsing depends on network protocol (e.g., TCP/IP)

Messages on Encrypted Channels
  If K says s, we say that s is signed by K
    Sometimes we call "K says s" a certificate
  The channel isn't real-time: K says s is just bits
  K says s can be viewed as
    An event: s transmitted on channel K
    A pile of bits which makes sense if you know the decryption key
    A logical formula

Messages vs. Meaning
  Standard notation for Seal(Kseal-1, M || Sign(Ksign-1, M)) is {M}K. This does not give the meaning
  Must parse message bits to get the meaning
    Need unambiguous language for all K's messages
    In practice, this implies version numbers
  Meaning could be a logical formula, or English
    A, B, {K}KCA means C says "(to A) K is a key". C says nothing about A and B. This is useless
    {A, B, K}KCA means C says "K is a key for A to talk to B". C says nothing about when K is valid
    {A, B, K, T}KCA means C says "K is a key for A to talk to B first issued at time T"

Replay
  Encryption doesn't stop replay of messages.
  Receiver must discard duplicates.
  This means each message must be unique. Usually done with sequence numbers.
  Receiver must remember last sequence number while the key is valid.
  Transport protocols solve the same problem.

Timeliness
  Must especially protect authentication against replay
  If C says KA ⇒ A to B and Eve records this, she can get B to believe in KA just by replaying C's message.
    Now she can replay A's commands to B.
  If she ever learns KA, even much later, she can also impersonate A.
  To avoid this, B needs a way to know that C's message is not old.
    Sequence numbers impractical: too much long-term state.

Timestamps and Nonces
  Timestamps
    With synchronized clocks, C just adds the time T, saying to B
      KC says KA A at T
  Nonces
    Otherwise, B tells C a nonce NB which is new, and C sends to B
      KC says KA A after NB

NAMES FOR PRINCIPALS
  Authorization is to named principals. Users have to read these to check them.
    Lampson may read file report
  Root names must be defined locally
    KIntel ⇒ Intel
  From a root you can build a path name
    Intel/Alice (= Alice@Intel)
  With a suitable root principals can have global names.
    /DEC/SRC/Lampson may read file /DEC/SRC/udir/Lampson/report

Authenticating Names
  KIntel ⇒ Intel ⇒ Intel/Alice (= Alice@Intel)
  Ktemp ⇒ KAlice ⇒ Alice@Intel ⇒ ...
    KIntel says

Authenticating a Channel
  Authentication: who can send on a channel.
    C P; C is the channel, P the sender.
  Initialization: some such facts are built in: Kca CA.
  To get new ones, must trust some principal, a certification authority.
    Simplest: trust CA to authenticate any name: CA Anybody
  Then CA can authenticate channels:
    Kca says Kws WS
    Kca says Kbwl bwl

One-Way Authentication

Mutual Authentication
  This also works with shared keys, as in Kerberos.

Who Is The CA
  Built In
  CAs in browsers
    There are lots
    Because of politics
  Look at Tools / Internet options / Content / Publishers / Trusted root certification authorities
  This is a configuration problem

Revocation
  Revoke a certificate by making the receiver think it's invalid.
  To do this fast, the source of certificates must be online.
  This loses a major advantage of public keys, and reduces security.
  Solution: countersigning
    An offline CAassert, highly secure.
    An online CArevoke, highly timely.
  Both must sign for the certificate to be believed, i.e.,
    CAassert and CArevoke Anybody

Large-Scale Authentication
  A large system can't have CA Anybody.
  Instead, must have many CA's, one for each part.
  One natural way is based on a naming hierarchy:
    A tree of directories with principals as the leaves

Large-Scale Authentication: Example
  Keep trust as local as possible:
    Authenticating A to B needs trust only up to least common ancestor
      dec for /dec/lampson /dec/abadi
      root for /dec/lampson /mit/clark

Rules for Path Names
  New operator except: Informally, P except M can speak for P / N as long as N ≠ M
  Axioms
    P except M                 P
    (P except M) | N           P / N except ".."    if N ≠ M       child
    (P / N except M) | ".."    P except N           if N ≠ ".."    parent
  Effect: Authentication can traverse the tree outward from the starting point, but can never retrace its steps

Rules for Path Names: Example
  Start with       Clampson    /dec/lampson except nil     known
  Clampson says    Cdec        /dec except lampson         parent
  Cdec says        Croot       / except dec                parent
  Croot says       Cmit        /mit except ".."            child
  Cmit says        Cclark      /mit/clark except ".."      child

Trusting Fewer Authorities: Cross-Links
  For less trust, add links to the tree
  Now lampson trusts only dec for /dec/lampson /dec/mit/clark

Login
  Chain of responsibility:
    KSSL ⇒ Ktemp ⇒ KAlice ⇒ Alice@Intel ⇒ ...
    Ktemp says (SSL setup)      KAlice says (via smart card)

Authenticating Users
  Goals
    Hide the secret that authenticates the user
    Authenticate without disclosing it
    Let a node N speak for the user: N Alice
  Method
    KAlice Alice
    KAlice says N Alice
    KAlice-1 is the user's secret
  It can be stored encrypted by her password, or better, held inside a smart card.

Identifying Nodes for Login Delegation
  Usually a workstation has no permanent identity
    Not true for servers
    Workstation might have a "meets ITG policy" identity
  Need a temporary principal for Alice to delegate to at login
    Generate login session key Ktemp

User Credentials
  CA generates:
    user key: KAlice-1
    child certificate: KCA says KAlice Alice
  Certificate is public
  Where to keep KAlice-1?
    Smart card
    Encrypted by password
    On a server

Server-mediated Login
  Workstation talks to login server
  Server confirming user's presence
    Password
    One-time password
    Time-varying password
    Smart card
    Biometrics

Two-factor Authentication
  Problems with passwords
  Advantages of physical tokens
  What if token is stolen?
  Combine token and something tied to user
    Password / PIN
    Biometrics
  Problem with passwords: exhaustive search
  Problems with biometrics: not secret, can't change

Login with Node Identity
  Check Kca says KAlice Alice
  Generate Ktemp-1, a login session key.
  Delegate to session key Ktemp and node key Kn
    KAlice says (Ktemp and Kn) KAlice
  Then the session key countersigns with a short timeout, say 30 minutes:
    Ktemp says Kn Ktemp
  OS discards Ktemp-1 at logout, and the delegation expires within 30 minutes.

GROUPS and Group Credentials
  Defining groups: A group is a principal; its members speak for it
    Alice@Intel Atom@Microsoft
    Bob@Microsoft Atom@Microsoft
    . . .
  Proving group membership: Use certificates
    KMicrosoft says Alice@Intel Atom@Microsoft

Authenticating Groups
  KMicrosoft ⇒ Microsoft ⇒ Atom@Microsoft
  ... ⇒ KAlice ⇒ Alice@Intel ⇒ Atom@Microsoft ⇒ ...
    KMicrosoft says

What Is A Group
  Set of principals
    Alice@Intel Atom@Microsoft
  Principals with some property
    Resident over 21 years old
    Type-checked program
  Can think of the group (or property) as an attribute of each principal that is a member

Certifying Properties
  Need a trusted authority: CA typesafe
    Actually KMS says CA KMS / typesafe
  Usually done manually
  Can also be done by a program P
    A compiler
    A class loader
    A more general proof checker
  Logic is the same: P typesafe
    Someone must authorize the program:
    KMS says P KMS / typesafe

Groups As Parameters
  An application may have some "built-in" groups
  Example: In an enterprise app, each division has
    groups: manager, employees, finance, marketing
    folders: budget, advertising plans, ...
  Thus, the steel division is an instance of this, with
    steelMgr, steelEmps, steelFinance, steelMarketing
    folders: steelBudget, steelAdplans, ...

P and Q: Separation of Duty
  Often we want two authorities for something.
    A and B says s = (A says s) ∧ (B says s)
  We use a compound principal with and to express this:
    Lampson and Taylor        two users
    Lampson and Ingres        user running an application
    CAassert and CArevoke     online and offline CAs

P or Q: Weakening
  Sometimes want to weaken a principal
    A or B says s = (A says s) ∨ (B says s)
    A ∨ B says "read f" needs both AR f and BR f
  Example: Java rule
    callee caller ∨ callee-code
  Example: NT restricted tokens
    if process P is running untrusted-code for blampson then
    P blampson ∨ untrusted-code

P as R: Roles
  To limit its authority, a principal can assume a role.
  People assume roles: Lampson as Professor
  Machines assume roles as nodes by running OS programs:
    Vax#1724 as bsd4.3a4 = Jumbo
  Nodes assume roles as servers by running services:
    Jumbo as SRC-NFS
  Metaphor: a role is a program
  Encoding: A as R A | R if R is a role
  Axioms: A *A|R A as R if R is a role

B for A: Melding
  B for A: B acting on behalf of A
    Workstation22 for Lampson
    Ingres for Lampson
  Axiom: (A | B) and (B | A) B for A
  To delegate
    A offers:          A | B says B | A B for A
    B accepts:         B | A says B | A B for A
    Together:          (A | B and B | A) says B | A B for A
    Final delegation:  B | A B for A

Using a Meld
  Suppose the ACL for file foo says
    SRC-WS for Lampson may read foo
  If we know WS22 SRC-WS then
    WS22 for Lampson may read foo

Meld Example: Login Credentials
  Get Kbwl-1 from Encrypt(PW, Kbwl-1) with user's password
  Check Kca says Kbwl bwl
  Offer meld to node key Kn:
    Kbwl | Kn says Kn (Kws as Taos) for Kbwl
  Node accepts meld (given Kn Kws as Taos):
    Kn | Kbwl says Kn (Kws as Taos) for Kbwl
  And from the for axiom & handoff
    Kn (Kws as Taos) for Kbwl

An Example

Example: Details

AUTHENTICATING SYSTEMS: Loading
  A digest X can authenticate a program SQL:
    KMicrosoft says If image I has
    digest X then I is SQL
    formally X KMicrosoft / SQL
  This is just like KAlice ⇒ Alice@Intel
  But a program isn't a principal: it can't say things
  To become a principal, a program must be loaded into a host H
    Booting is a special case of loading
  X SQL makes H
    want to run I if H likes SQL
    willing to assert that SQL is running

Authenticating Systems: Roles
  A loaded program depends on the host it runs on.
    We write H as SQL for SQL running on H
    H as SQL says s = H says SQL says s
  H can't prove that it's running SQL
  But H can be trusted to run SQL
    KTCS says H as SQL KTCS / SQL
  This lets H convince others that it's running SQL
    H says C KTCS / SQL

Node Credentials
  Machine has some things accessible at boot time.
    A secret Kws-1
    A trusted CA key Kca
  Boot code does this:
    Reads Kws-1 and then makes it unreadable.
    Reads boot image and computes digest Xtaos.
    Checks Kca says Xtaos Taos.
    Generates Kn-1, the node key.
    Signs credentials Kws says Kn Kws as Taos
    Gives image Kn-1, Kca, credentials, but not Kws-1.
  Other systems are similar: Kws as Taos as Accounting

Node Credentials: Example

Example: Server's Access Control
  Kws says Kn Kws as Taos                                  node credentials
  Kbwl says Kn (Kws as Taos) for Kbwl                      login session
  Kn says C Kn                                             channel
  C says C | pr (Kws as Taos as Accounting) for Kbwl       process
  C | pr says "read file foo"                              request

Sealed Storage: Load and Unseal
  Instead of authenticating a new key for a loaded system,
    Kws says Kn Kws as Taos
  Unseal an existing key
    SK = Seal(KWSseal-1, <ACL: Taos, Stuff: KTaosOnWS-1>)
    Save(<ACL: Taos, Stuff: KTaosOnWS-1>) returns SK
    Open(SK) returns KTaosOnWS-1 if caller Taos

Assurance: NGSCB (Palladium)
  A cheap, convenient, "physically" separate machine
  A high-assurance OS stack (we hope)
  A systematic notion of program identity
    Identity = digest of (code image + parameters)
      Can abstract this: KMS says digest ⇒ KMS / SQL
    Host certifies the running program's identity: H says K ⇒ H as P
    Host grants the program access to sealed data
      H seals (data, ACL) with its own secret key
      H will unseal for P if P is on the ACL

NGSCB Hardware
  Protected memory for separate VMs
  Unique key for hardware
  Random number generator
  Hardware attests to loaded software
  Hardware seals and unseals storage
  Secure channels to keyboard, display

NGSCB Issues
  Privacy: Hardware key must be certified by manufacturer
    Use Kws to get one or more certified, anonymous keys from a trusted third party
    Use zero-knowledge proof that you know a mfg-certified key
  Upgrade: v7 of SQL needs access to v6 secrets
    v6 signs "v7 ⇒ v6"
    or, both ⇒ SQL
  Threat model: Other software
    Won't withstand hardware attacks

NGSCB Applications
  Keep keys secure
  Network logon
  Authenticating server
  Authorizing transactions
  Digital signing
  Digital rights management
  Need app TCB: factor app into
    a complicated, secure part that runs on Windows
    a simple, secure part that runs on NGSCB

AUTHORIZATION in Access Control
  Guards control access to valued resources.
  Structure the system as
    Objects: entities with state.
    Principals: can request operations on objects.
    Operations: how subjects read or change objects.

Authorization Rules
  Rules control the operations allowed for each principal and object.

  Principal may do    Operation on        Object
  Taylor              Read                File Raises
  Lampson             Send Hello          Terminal 23
  Process 1274        Rewind              Tape unit 7
  Schwarzkopf         Fire three shots    Bow gun
  Jones               Pay invoice 432     Account Q34

Access Matrix
  Columns: File Raises, Account Q34, Tape unit 7
  Lampson: read, deposit
  Process 1274: read/write, r/w/rewind
  Finance dept: deposit/withdraw

Representing the Access Matrix

         O1     O2     O3
  P1     T11    T12
  P2     T21           T23
  P3            T32

  Capability    ACL

  Prefer ACLs for long-term authorization
    Usually need to audit who can access a resource
  Capabilities are fine as a short-term cache
    OS file descriptors for open files

Authorization with ACLs
  View a resource object O as a principal
  P on O's ACL means P can speak for O
    Permissions limit the set of things P can say for O
  If Spectra's ACL says Atom can r/w, that means
    Spectra says Atom@Microsoft ⇒r/w Spectra

Access Control Lists (ACLs)
  Object O's ACL says: principal P may access O.
    Lampson may read and write O
    (Jumbo for SRC) may append to O
  ACLs need named principals so people can read them.
  Checking access:
    Given         a request         Q says read O
                  an ACL            P may read/write O
    Check that    Q speaks for P    Q P
                  rights suffice    read/write ≥ read

Permissions
  Principal A speaks for B about T: A T B
  If A says something in set T, B does too:
    Thus, A is stronger than B, or responsible for B, about T
    Precisely: (A says s) ∧ (s ∈ T) implies (B says s)
  Permissions represent sets of statements
    P may read/write O = P r/w O
  Traditionally they appear only in ACLs, not in delegations, which are unrestricted
  T can specify some objects and some of
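
The access check from the "Checking access" and "Summaries" slides, as an added example that is not part of the original deck: a guard for Spectra that accepts "P says Q speaks for R" only when P speaks for R, applies the name rule, and intersects permissions along the chain. The class and function names and the "admin" permission are assumptions, and every certificate's signature is assumed to have been verified already.

```python
"""Chain-of-responsibility check for the Alice / Atom / Spectra example.

Assumptions (not from the slides): the class and function names, the
permission universe, and that each certificate's signature has already
been verified, so "issuer says ..." can be taken at face value.
"""
from dataclasses import dataclass

ALL = frozenset({"read", "write", "admin"})   # constructed permission universe
RW = frozenset({"read", "write"})


@dataclass(frozen=True)
class Cert:
    """issuer says: subject speaks for target about perms."""
    issuer: str
    subject: str
    target: str
    perms: frozenset = ALL


class Verifier:
    def __init__(self, local_facts):
        # (subject, target) -> permissions; locally installed facts are trusted as is.
        self.links = {}
        for subject, target, perms in local_facts:
            self._add(subject, target, perms)

    def _add(self, subject, target, perms):
        key = (subject, target)
        self.links[key] = self.links.get(key, frozenset()) | perms

    def rights(self, who, goal):
        """Permissions about which `who` speaks for `goal` (empty set: none)."""
        names = {n for link in self.links for n in link} | {goal}
        best = {who: ALL}                      # every principal speaks for itself
        work = [who]
        while work:
            n = work.pop()
            steps = [(t, p) for (s, t), p in self.links.items() if s == n]
            # Name rule: P speaks for any name P/N in its name space.
            steps += [(m, ALL) for m in names if m.startswith(n + "/")]
            for m, p in steps:
                new = best.get(m, frozenset()) | (best[n] & p)
                if new != best.get(m, frozenset()):
                    best[m] = new
                    work.append(m)
        return best.get(goal, frozenset())

    def accept(self, cert):
        """Delegation rule: believe the link only if the issuer speaks for the target."""
        granted = cert.perms & self.rights(cert.issuer, cert.target)
        if not granted:
            return False
        self._add(cert.subject, cert.target, granted)
        return True

    def load(self, certs):
        """Accept certificates in any order; return the ones never justified."""
        pending = list(certs)
        progress = True
        while pending and progress:
            progress = False
            for cert in list(pending):
                if self.accept(cert):
                    pending.remove(cert)
                    progress = True
        return pending

    def may(self, channel, op, obj):
        """Guard: does the request `channel says op obj` pass?"""
        return op in self.rights(channel, obj)


def spectra_verifier():
    """Spectra's guard with its manually installed facts and its ACL."""
    return Verifier([
        ("KIntel", "Intel", ALL),
        ("KMicrosoft", "Microsoft", ALL),
        ("Microsoft/Atom", "Spectra", RW),     # ACL entry: Atom can r/w
    ])


# The certificates from the "Summaries" slide; Intel/Alice is Alice@Intel and
# Microsoft/Atom is Atom@Microsoft.
CHAIN = [
    Cert("Ktemp", "KSSL", "Ktemp"),
    Cert("KAlice", "Ktemp", "KAlice"),
    Cert("KIntel", "KAlice", "Intel/Alice"),
    Cert("KMicrosoft", "Intel/Alice", "Microsoft/Atom"),
]

if __name__ == "__main__":
    v = spectra_verifier()
    print("rejected:", v.load(CHAIN))
    for op in ("read", "write", "admin"):
        print(op, v.may("KSSL", op, "Spectra"))
```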
4apPyt5L@5K5M5Y5[5\5]5^5_5 8~  , Ph$Ifgd5L$ 8~  , Ph$Ifa$gd5L$ 8~  , Ph$Ifa$gd5L_5`5kd$$Ifִ \ (#%5\:  FvxF t\:    4apPyt5L`5l5}5~5555 8~  , P$Ifgd5L55555G4/*gdy>gdy>$ 8~  , Pa$gdy>kd$$Ifֈ\ (#%5\:\ FvxF t\:4ap<yt5L5555555555556"6$6*6+676:6Q6R6S6X6Y6Z6[6`6a6b6c6n6r6t666𹲮}slclslcl_clh h hY@0J9 hy>hY@ jh3hY@hY@hV-hY@0J>]hy>hY@6]h&h_5hy>B*phhy>hy>6]hy> hy>hy> h3h3jM h%zh%zB*Uph)jh%zh%zB*UmHnHphuh%zh%zB*phjh%zh%zB*Uph"5$6R66666666667$ 8~  , P$Ifa$gd5LgdY@$a$gdWgdY@gdy> & Fgdy> 66666666666666666666666666666𹵫vrh^ZPI h'uh|o jh5Lh|oh|oh5Lh|o0J>]h5Lh|o6]h  jh3h hy>h h h 0J9 hy>hy> jh3hV-hV-hy>0J>]hy>hy>6]hY@ hy>hY@j h%zhWB*Uph)jh%zhWB*UmHnHphuh%zhWB*phjh%zhWB*Uph666666667777 7777777172737񴰦}o_T_?)jh%zhY@B*UmHnHphuh%zhY@B*phjh%zhY@B*Uphjhb3UmHnHuh5Lhb35B*\phh5Lhb30J>B*phh5Lhb36B*]phh5Lh|o6]h|o jh5Lh|oh5Lh|o0J9B*ph jh5Lh|oB*phh5Lh|oB*phh5Lh|o0J>B*phh5Lh|o6B*]ph777G-$ 8~  , Ph$Ifa$gd5Lkdm $$Ifֈ$ VD%**2 *F t*4ap<yt5L777777$ 8~  , Ph$Ifa$gd5L 8~  , Ph$Ifgd5L7767L7}7G?:5gd'ugd'u$a$gdY@kd2 $$Ifֈ$ VD%**2 *F t*4ap<yt5L37475767K7L7}777777777777788 88888888%8&8'8ŹŹί~uqmmd[dT hy>h7 h7 hqH0J9h h7 0J9h7 h h h 0J9 jh hqH0J9h hqH0J9 hy>hqH jh3hqHhqH hqH0J>]hy>hqH6] jh'uh'u0J9h'uh'u0J9h'u h'uh'u hy>hy>jh%zhY@B*Uphj h%zhY@B*Uph}77777'8D8Z888888888$ 8~  , P$Ifa$gd5LgdqH$a$gd=7D gd7 gd'u & F gdv & F gdv'8(8?8@8A8B8C8D8Y8Z8[8d8e8f8g8q8r8w8x888888888888¸~zpi_VMzpihh840J>hh840J>h5Lh846] hX_|h84 jh5Lh84h84h7 h7 0J9 jh h7 0J9h h7 0J9 hy>h7  jh3h7 h7 h7 0J>]hy>h7 6]hqH h'uhqHh=7Dj h%zh=7DU jh%zh=7DUmHnHu h%zh=7Djh%zh=7DU8888888888888888888888888䦘ˊzozZJzC hvhvjh%zhvB*Uph)jh%zhvB*UmHnHphuh%zhvB*phjh%zhvB*Uphjh84UmHnHuh5Lh845B*\phh5Lh840J>B*phh5Lh846]h84 jh5Lh84h5Lh84B*ph jh5Lh84B*phh5Lh846B*]phh5Lh840J9B*ph888/ 8~  , Ph$Ifgd5Lkd $$If֞ .X 28v* t84apFyt5L8888888 8~  , Ph$Ifgd5L$ 8~  , Ph$Ifa$gd5L8889/'"gdm $a$gdvkd $$If֞ .X 28v* t84apFyt5L89999*9+9/909=9>9M9O9s9t9999999999999999999999999ĹĹĹ~s~h%zhWB*phjh%zhWB*UphhxIh>&0J>6B*ph jhxIh>&B*phhxIh>&5B*\phhxIh>&B*phhxIh>&0J9B*phh>&h>&5\h>&h>&0J9h>&h>&6] h>&h>&hm 
h>&hm &9*9O99999:0:5:A:C:R:W:_:$ 8~  , P$Ifa$gd5Lgd6$a$gdW^gd>& & Fgd>&gd>&99999::::":#:':,:/:0:3:4:5:@:A:B:C:Q:R:S:üyobTF jh5Lh&B*phh5Lh&6B*]phh5Lh&0J9B*phh5Lh&6]h7 h&0J9 hX_|h& jh5Lh&h& h6h6h>&h65\ h>&h6h>&h60J9hzK h>&h& h>&h>&jh%zhWB*Uphjah%zhWB*Uph)jh%zhWB*UmHnHphuS:V:W:^:_:b:c:j:o:p:q:t:u:::::::::ȾwlwWGw@95huf huf huf h&h&j{h%zh&B*Uph)jh%zh&B*UmHnHphuh%zh&B*phjh%zh&B*Uphjh6UmHnHuh5Lh&6B*]phh5Lh65B*\phh5Lh60J9B*phh5Lh&6]h&h5Lh&B*phh5Lh&0J9B*phh5Lh&0J>B*phh5Lh&0J>6B*ph_:`:a:G0 8~  , Ph$Ifgd5Lkd$$Ifֈ 4).8* t84ap<yt5La:b:c:p:r:s: 8~  , Ph$Ifgd5L$ 8~  , Ph$Ifa$gd5Ls:t:::::;;G?:555gduf gduf $a$gduf kd$$Ifֈ 4).8* t84ap<yt5L::::::::::::::::;;;;;; ;;;;;;;;; ;!;/;1;2;3;:;;;Ӿ~x~o~ofo~hchuf 0J9hxhuf 0J9 huf 0J9huf  jh1fhuf B*ph hxhuf hxhuf 6H*]aJ0hxhuf 6] huf 6]h=7Dhuf 0J9 h=7Dhuf huf huf 5B*\phhuf huf B*phhuf huf 0J>B*phhuf huf 6B*]ph huf huf &;;<;S;T;U;V;W;X;;;<<<"<==>> > >>>>>>>>>>> >%>&>*>+>,>0>1>2>3>4>9>:>ϼϸ~tt~h*9hH^0J>] jh*9hH^h*9hH^]h*9hH^5\ h*9hH^h*9hH^0J>h*9hH^6]hH^h;KJh82OJQJhIah820J9PJ hIah82 huf huf j huf Ujhuf UmHnHuhuf jhuf U*;;X;u;;;$<\<<<4=`===>>:>[> l5^gdH^l=^gdH^l=gdH^gd;KJ & F&gd82^gd82 & F%gd82gd82gd82$a$gduf :>;>A>E>G>L>M>N>O>Z>\>f>j>k>v>w>x>y>>>>>>>>>>>>>>>>>>>>>>>>>>>յŨߤ㋃yph*9hH^0J>h*9hH^6]h*9hH^]h*9hH^5\hlhlB*phhlh;KJ h hH^ hH^0J>h hH^0J>6 hH^0J9h hH^0J9 hH^6] jh hH^hH^h hH^5\h hH^0J>h hH^6]+[>>>>?=?`?v??8@@@>>>>???+?,?2?=?T?^?_?`?k?v?w?|?}?~???????????????οθ}yqiqb[iq h?h> h?h?hxh>5hxh>6h?hh5 hxhhYhehr#h?h56ehr hxh>h hlh*9hlhlB*phh;KJhlhH^h hH^0J9 hH^0J>h hH^0J>6 jh hH^ h*9hH^#?@@@@ @@@@@ @$@&@(@0@2@4@6@8@:@<@>@D@F@H@J@L@N@@@@@@@@@@@Ͼϐ}yqjyejq h?5 hxh?hxh?6h? 
hh?hh5hh?h?5hvehrh?ehrh?5ehr h?h?5ehr#h?h?56ehrhxh>5hxh>6h>OJQJ hxh>%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@AAA AAAAAAA"A$A*A,A.A4A6A:AF?FOFqFrFFFFFFFFFFFFFFFFF"G#GHɼֵ}vjvbhxh>6hO[ehr hxhI( hxhI(5ehrhxhI(ehr hxhI(6ehr hxh> hxh}3hbhNhmy10J9 hmy10J9 hxhuhmy1hhNh0J9 hxhhuOJQJ hu0J9hN"FFFF HHxHHH"ILIrIIJJ@JJ&K'K & F lgdlugdlu & F lgdde & F lgd(jgd(j ^gd(   0*xgd( 0*xgd(HHHHHLIIIIIIIIIIJJJJJJJJJ"J#J'J(JžsokoaXQGQh*9hlu5\ h*9hluh*9hlu0J>h*9hlu6]hluhdeh(jh(j0J>6H*]aJ jh*9h(jh*9h(j0J>]h*9h(j5\ h*9h(jh*9h(j0J>h*9h(j6]h(j hxh> hxhI( hxhI(6ehrhxhI(ehr%hI(hI(OJQJehr(J+J-J6J7J8J9J>J?J@JJJJK%K&K'KFKGKQKRKTKUKjKkKtKuKKKKKKKKKKKKKKKKKz hYh-6ehrh'Fm6ehr hxh-jhxheEUhxh>6 hxh> h(jh(j hdehluh'h Oh(jh*9hde0J>h*9hde6] h*9hde jh*9hdehluhde*'K>KKKKKK>L@LNLpLLLMM M:MRMbM $If]$IfgdeEgd- gd- gd-   gd-gd-.KKKKKKKKKKLLLLLLLLLLL$L(L*L,L4LLLLLLLLLLLLLLLLLʺʲʺʺʺ²|un hxheE h-h-hh-0J>hh0J>hh0J>6OJQJhh0J>6h &h-5h-h-OJQJhxh-5hxh-6 hxh-h'Fm6ehr hYh-6ehrhYh-ehr)LLMMM M8M:MPMRM`MbMdMhMjM|M~MMMMMMMNNNNO@OBODOhOJQJ hxhhxhCJ$EHhxh6hbh6hh6hh#h>OJQJhxh>CJ$EHh'Fmh> h>6hxh>6hxh>CJ hxh>heE6bMdMjM~MMM $If]nkdt$$IfP4\x8(8 X x4 Paf4MMMNN:N $If]nkdU$$IfP4\x8(8 X x4 Paf4:Nhxh#5 hxh#hxh#6h# hxh2Nrjh2NrUjh2NrUmHnHujh2NrUh>h2Nrh,hxh>5 hxh>hxh>6 h#h%GPJPVPWPZP]PaPbPcPdPfPgPmPnPoPrPsPuPyP~PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPŽŽų󬥡ųųhtGh2Nr6 hVbh2NrhVb hVbhVb hh2Nrhqh2NrH*aJ@hh2Nr6hqh2Nr6 hQ!hh2NrCJ8OJQJ^JaJ8hT<h2Nr6hh2NrOJQJ^Jh2Nrhh2Nr67PP Q.QSQQQQQ-RNRtRRRRSS@SNS`]`gdB_gdB_ & F P gd=Pgdvngd2Nrgd2NrgdVb & F gd[$YgdVb & F zgdVbPPPQQQQQ Q Q QQ-Q.Q2Q3Q4Q6Q7Q9Q:Qh2NrCJ8OJQJ^JaJ8h2Nrh2Nr6htGh2Nr6hqh2NrH*aJ@hvnhqht26ht2ht2CJ8OJQJ^JaJ8hVb hVbhVbhqh2Nr6h2Nr hQ!hh2NrCJ8OJQJ^JaJ8-RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRS S S S SSSSSSSS9S>S@S㾶ۭלۭ㶍~v~hB_B*phhz*hB_B*phhB_ htGh2NrhO_h2Nr6 hO_h2NrCJ8OJQJ^JaJ8hB_hB_0J>h2Nrh2Nr6htGh2Nr6 hQ!hh2NrCJ8OJQJ^JaJ8h=Phqh2Nr6h2Nrh2NrCJ8OJQJ^JaJ8hVb hVbhVb,@SVScSvSwS|S}S~SSSSSSSSSSSSSSSSSSSSSSȾѭsd]RJRhB_B*phhz*hB_B*ph hIQhLG#hB_hLG#B*H*aJ@phhB_hLG#0J>B*phhB_hLG#6B*ph)hB_hLG#B*CJ8OJQJ^JaJ8phhB_hLG#B*ph 
hQ!hhLG#CJ8OJQJ^JaJ8hqhLG#H*aJ@h ShLG#0J>hqhLG#6hLG#CJ8OJQJ^JaJ8 h ShLG#CJ8OJQJ^JaJ8hnxshLG#NSxSSSSS TT(T-TWTmTTTTTUU:Ugd$Ngd\vl p^pgd*_ zp^pgd*_ & F zgdgd'Fmgd*_$a$gdLG#gdB_ & F zgdLG#gdLG#SSS TTTTTTTTT'TWTqTrTxTyTzTTTTTTTTTTTTTTTTT彳{qha h*9hLh*9hL0J>h*9hL6] h*_6]h hL0J9 hL6]h hL5\h hL0J>h hL6]hL jh hLhh$Nh\vlB*phhqh\vlH*aJ@ jh\vlhqh\vl6h\vlh'Fm hLG#hLG#jhxhB_U"TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTU}vrnfnf\rhqhH*aJ@hqh6hh\vl h*_h*_ jh*9h*_h*9h*_0J>]h*9h*_5\ h*9h*_h*9h*_0J>h*9h*_6] h*_6]hLh*9hL0J>] jh*9hL h*9hLh*9hL0J>h*9hL6]h*9hL]h*9hL5\UUU9U:URUVUYUZU`UaUdUmUnUsUtU}U~UUUUUUUUUUUUUUUUUUUUUUջzvnzvzbh(h-:CJ@aJ@hqCJ0aJ0h?ihW<h?i6CJ@aJ@hqhqCJ0aJ0hqCJ@aJ@h(h-CJ@aJ@h(h?iCJ@aJ@h(h?i:CJ@aJ@ h?i5hW<h?i5CJ@aJ@hW<5CJ@aJ@h(h?i5CJ@aJ@ h-h>h*_h$Nh\vlh$Nh\vlB*ph&:URUSUUUVUZU`UaUmUfY 4d$./Ifkd$$IfP4r J&t9,  E4 Paf44$d$./Ifa$mUqU~UUUUUUUURkdO$$IfP4r J&t9,  E4 Paf4 4d$./If4$  d$./Ifa$gd- UUUUUUUUkR4$  d$./Ifa$gd-kd$$IfP4r J&t9,  E4 Paf4 4d$./IfUUUUUUUUUU V V V VV3V?VFVZV[VaVdVmVVVWW'W(W,WKW_W}WWWWWWWwphphxhnxs6 hxhnxsjhxh>Uh hm!6hxh>6hm! hxh>hh hmhW< hmhmhmhW<hk hxh?ih(h0TCJ@aJ@hW<h?i6CJ@aJ@h(h-CJ@aJ@h(h?i:CJ@aJ@h?ih(h?iCJ@aJ@&UUUUUU VxiNiii4$  d($./Ifa$gd-4d($./Ifkd$$IfP4r J&t9,  E4 Paf4 V V V[VVVVVLWWWxsssqoomdb. P]Pgdm! gdW<kd;$$IfP4r J&t9,  E4 Paf4 WWWW(XBXiXXXX8YcYYYYIZZZ[0[gdEEgdEE & F zxgdXK & F zgdXKgdnxsgdnxs ^`gdnxsgdnxs gdnxs ^gdnxs`]`gdnxsWWWWWWWWWWWWWWWWWWWXXXXXXX'X(X)X/X0XNXOXgXhXXXXXXXXXXXXXXXXXYYYY Y Y YY佴余体 hnxs0J> hQ!hhnxsCJ8OJQJ^JaJ8hqhnxsH*aJ@h Shnxs0J>hqhnxs6hnxsCJ8OJQJ^JaJ8 hz*hnxsCJ8OJQJ^JaJ8hnxshxhnxs6 hxhnxshxhnxs5:YYYYY7Y8Y=YBYbYcYhYsYYYYYYYYYYYYYYYYYYYYYYZZZ Z ZZZZZ0Z1Z6Z7ZJZKZMZNZPZQZRZSZUZ礝h Yhnxs6hGhnxs5 hwhnxsh88hnxs0J>hwhnxs6hXKhLhL6hLhh!h!6h! 
hz*hnxshz*hnxsB*phh Yhnxs6CJ0aJ0hnxshz*hnxs67UZVZ\Z]Z^ZbZdZeZsZtZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ[[[\\*\1\P\T\U\V\Ļ h*9hl} h,6]hKh &hEE5B*phhEE hxhEEhGhnxs6h88hnxs0J>h Yhnxs6CJ0aJ0 hnxs6hsQhnxs6hhnxs6hGhnxs5hwhnxs6hnxs hwhnxs40[R[[[\\Q\\\%]g]]]]]$^2^^^ ___` gd, ]^gdEE ^gdEEgdEEgdEE ]gdEE gdEEV\Z\[\\\]\^\_\`\a\b\e\f\g\j\k\o\w\{\~\\\\\\\\\\\\\\\\\\\\\\ ] ]"]#]4]5]O]P]v]ž| hxh,hvh,0J>hxh,6hxhEE6hv hxhEE hxhl}hl}h,h,6h, hl}hl} hl}6] jh*9hl} h*9hl}hvhl}0J>hxhl}6h*9hl}]h*9hl}5\0v]]]]]]]]]]^^ ^ ^^^^^^^^^ ^"^H^J^X^Z^`^j^l^n^p^r^^^^^^^^^^^^^^^^^^^^^^^^ _V_X___ hxhVe0 hVe0hVe0 hxh> hxh}3hEEOJQJhxhEE5 hxh,hxh,6CJ$EHhxh,6hxhEE6 hxhEEh &=_______``````#`I`J`U`Y`[`f`g`h`|`````````````ƿuleaWhy>h {q6]h {q hy>h {qhxh>CJ$hphp0J:5h2CJ$OJQJhph>0J:5h\ hxhZ hy>hZh hZ0J9h>hZh hZ0J9 hZ6] jh hZh hZ0J>h hZ6] hxhVe0hVe0 hxh>hVh>OJQJ"`$`J`h```` a&a(a/a1a=aCa$ 8~  , P$Ifa$gd5Lgd {qgd {q gd,^gdZ ``````aaa aaaa a!a%a&a'a(a)a.a/a0a1aaBaCaFaGaMaQaRa񹲤~qch5Lh {q5B*\phh5Lh {q0J9B*ph jh5Lh {qB*phh5Lh {qB*phh5Lh {q0J>B*phh5Lh {q6B*]ph h'uh {q jh5Lh {qh5Lh {q0J>]h5Lh {q6]h h {q0J9 hy>h {q jh3h {qh {qhV-h {q0J>]!CaDaEaG-$ 8~  , Ph$Ifa$gd5Lkd%$$Ifֈ$ VD%**2 *F t*4ap<yt5LEaFaRaTaUaVa$ 8~  , Ph$Ifa$gd5L 8~  , Ph$Ifgd5LRaSaWaXaoapaqarasataaaaabbbb b b.b0bfbjblbbbbbbbbbbbcHclcpcc޾ާ~pg~~h>5OJQJhxh>56CJ$EHhxh>56h>OJQJhxh>6hxh>5 hxh> hy>h {qj9'h%zh {qB*Uph)jh%zh {qB*UmHnHphuh%zh {qB*phjh%zh {qB*Uphh {qjh {qUmHnHu'VaWataaaJbG?=75 h]h$a$gd {qkdt&$$Ifֈ$ VD%**2 *F t*4ap<yt5LJbbLcc dbddddd(eDeZe|eeeCfcfnfff-gHglggggd<) & F zgdA gd {q. ccccccc d dddd d"d&d*d,d.d2d6d:d@dHdJdLdRdTdVdXdZd`ddddde$e(eZeze|eeƿzvrnrnhA h {qhejm,hxh>Uj'hxh>UhVh>OJQJh>OJQJhxh>5hxh>6CJ$EHhxh>6 hxh> hxhxh<=hxehr%h<=h<=OJQJehr h<=hx6ehr)eeeeffBfCfbfcfuffffSgUg[gvgxg~ggggggggghhhh÷÷Ӧq^q%h<=h<=OJQJehr h<=h<=5ehrh<=h<=ehr(h<=h<=6CJ$EHehr h<=h<=6ehrhxh>6CJ$EHhxh>6hxh>5 hxh> h {qh<)h<) ht*s0J9ht*sht*s0J9ht*shA h8ghLhhh^iiijTjj$kjknkkk:lHlLl^lflhl $Ifgd7\ $]a$gd3 t]tgd3  \]\gd3.  
^hhLhrhhhhhhhiirjtj|j~jjjjjjjjjjjk k kkk"k$k,k.k4kƷ馜sg[gsghEEh>5OJQJhEEh>5OJQJ$hEEh<=0J:5ehrhEEh>5CJOJQJhEEh>5hEEh30J:5hEEh>0J:5 hxhhhehrhj,3hxh>Uh>OJQJhxh>6hEE hxh>h<=h>ehr#4k6k8kNkPkRkTkVkhkjklknkkkkkkkkkk llll.l0l6l:lHlJlLlXlZl\l^l`lȼȱzrh\h5Lh:x5OJQJh5Lh:x56h5Lh:x5 h:xh:xh5Lh7\5h5Lh7\56hxh>6hxh>5 hixh> hxh>j6hxh>UhEEh>5OJQJhEEh>5OJQJhEEh>0J:5$hEEh0J:5ehrhEEh>5CJOJQJ$`lbldljlllnlplrl~lllllllllllllllllllllllllllllllmmm m mmmmm m&m(m6m8mDmFmHmJmVmZmԮԮhxh>5hx h:xhI&h5LhI&5#h5Lh:x56ehrh5Lh7\5OJQJh5Lh7\56 h:xh7\h5Lh7\5h5Lh:x56h5Lh:x5:hljlllrlllllVPPPPP$Ifkd8$$Ifr")T3\:V2  t\:4ap2yt5L $Ifgd7\lllm m8mFm_YYYYY$Ifkd9$$Ifr")T3\:V2  t\:4ap2yt5LFmHmJm&nbnn.p_ZZXL= b xF2gdu HF2gdu gdxkdP:$$Ifr")T3\:V2  t\:4ap2yt5LZmmmbnzn|nnnnnnnnnnnnnnnnnnnnnnnno oooo*o,o.o4o8o@oBoDoNoPoRoToVobodojoloxozo|oooooooooooooooݹݹhu h>0J95PJ\hxh>CJ$hxh>5hu h>0J9PJh>OJQJhxh>6CJ$EHhxh>6hzJh/( hxh>Coooooooooooooop pppp"p,p.p0pppqqqq,q.q0q2qhxh>U%hu h(0J9PJehr%hu hzJ0J9PJehrj:hxhu Uhu h>0J9PJh>OJQJhxh>5hxh>CJ$hxh>6CJ$EHhxh>6 hxh>(.p2pppPqTq`qqqqqqqqqq$ 8~  , P$Ifa$gd5LgdxT7gdxT7. d]d $]a$gdzJqqqqqqqqqqqqqqqqqqqqqqqqqrrrrrrrrrɾأ晐挙qأcUjhxT7UmHnHuh5LhxT75B*\ph jhxT7hxT7UmHnHuh5LhxT75\hxT7h hxT70J9h5LhxT76]h5LhxT70J>B*ph jh5LhxT7B*phh5LhxT7B*phh5LhxT70J>B*]phh5LhxT76B*]ph jh5LhxT7 hxT7hxT7hxT7hxT70J>!qqkdB$$Ifִ \ (#%5\:  FvxF t\:    4apPyt5Lqrrr r"r$r&r(r 8~  , Ph$Ifgd5L$ 8~  , Ph$Ifa$gd5L$ 8~  , Ph$Ifa$gd5L(r*rkdC$$Ifִ \ (#%5\:  FvxF t\:    4apPyt5Lr*r@rBrbrnrprrrrrrrssssssssssssssstt ttttttt t*t,t.t8thOJQJhOJQJhxh6 hxhj{Eh%zhxT7B*Uph)jh%zhxT7B*UmHnHphuh%zhxT7B*phjh%zhxT7B*Uph h3hxT7hxT7+*rBrdrfrhrjrlr 8~  , P$Ifgd5LlrnrrrrG4/*gdgd$ 8~  , Pa$gdxT7kdD$$Ifֈ\ (#%5\:\ FvxF t\:4ap<yt5Lr6s|sss,tltu^uuuRvvww2wNwvwwwx!x & F zgd{Ggd{G & F zgdEgdE & F zgd*5gdxT7 ^gdgd gdVttttt uu0u2u\u^uuuRvvvvwww wwwNwbwdwnwrwwwwwwwwwwwwwww屨zrjh@X0J9PJh>OJQJhxh>5 hxhixhxhix6CJ$EHhxhix6hxh>CJ$EHh@Xh@X0J>hxh>6 hxh> hxT7h! 
h{G0J>hxh{G6h{Gh!h*5h1hEhxT7hxh6h hxh)ww x x xxx!x6x7xCxDxZx{x|xxxxxyyyyzz z$z(z0z2z4z>z@zBzDzNzbzdznz{ske hj0J>hjOJQJhOJQJh@Xhj0J>hxh5hxh6CJ$EHhxh6hj hxh hCh Kvh KvhC hhZ;IhZ;Ih h{Gh{GhEhxh{GCJ$EHh@Xh{G0J>hxh{G6h{Gh{G6h{Gh>&!x7xCxDxZx|xxxxxxxxy6yOyxyyyyyyzgd Kv & F zgdCgdCgd & F zgdZ;Igdgd{G & F zgd{GzPzz{T{{|||r}}}}L~~~~&2$ 8~  , P$Ifa$gd5Lgdogdo.gdF gdF dgdhO dgdhO]gd gdgdnzrzzzzzzzzzzz{{ {{{{ {({*{0{2{4{6{<{>{@{B{L{{{{{{{{|||| |||zh@XhW#0J>hOJQJhxh6CJ$EH hW#0J>hxh5h@Xhj0J>hxh6hjh5B*phhEhj0J>B*ph hj0J>hjh6B*phhjhB*ph hxhhxhCJ$EH+||0|2|<|@|||}p}r}}}}}}}}}}}}}*~J~L~N~b~d~l~n~~~~~~~~~~ļĴļęļĴ}rkgho h'uhohVh>OJQJhhOOJQJh(hhO0J9PJhhO6CJ$EHhxh>6h*$OJQJh(h>0J9PJhhO0J9PJhxh>5 hxh> hxh}3hxhCJ$EH hW#0J>hxh6 hxhjh UmHnHu'~~~~~~$&.024<>@BDZ\^`|~Ѽѵ뫤뫤{m_T{mmh5LhoB*ph jh5LhoB*phh5Lho6B*]phh5Lho0J9B*phhho0J>hho0J>h5Lho6] hX_|ho jh5Lho h'uhoh7 ho0J9 jh ho0J9h ho0J9 hy>ho jh3hoho ho0J>]hy>ho6]2@D\`~$ 8~  , P$Ifa$gd5L/ 8~  , Ph$Ifgd5Lkd F$$If֞ .X 28v* t84apFyt5L 8~  , Ph$Ifgd5L$ 8~  , Ph$Ifa$gd5L:RTVrfx}vrjbWjrSKSD hNhNh~h~6h~h(hN0J9PJhNOJQJhN0J9PJhN hvhojGh%zhoB*Uph)jh%zhoB*UmHnHphuh%zhoB*phjh%zhoB*Uphhoh5Lho6]jhoUmHnHuh5LhoB*phh5Lho5B*\phh5Lho0J>B*ph/'"gd<$a$gdokdF$$If֞ .X 28v* t84apFyt5L:t< *d$Ngdl?[gd< & F gd# & Fgd#  & Fgd# gd# gd#  zgdN & F zgdNgdN $&(*2:NPTV`fhjlpv~ "$|Ą ,0BFThpZhpZPJhpZh72PJ hhPJhpZh72h8hl?[h!h# 5\h!h# 0J>h:h# 0J9 hl?[0J9h# OJQJh!h# 6]h# h!h#  & F!gd< ! \ gdzgdzgd<gd< & F zgddH & F zgdhgdh & F zgdpZÆĆņɆʆˆφІцӆԆֆ׆؆܆݆ކ!"(3:;>?ESVabdjknoqwҿҿҿҿҳҳhu7h Qo6 h Qoh Qoh Qoh Qo5h Qoh Qoh Qo6CJ$EHh Qoh Qo6h<h QoOJQJh(h<0J9PJhxh<5 hxh< jhzh!hz5\ hz5 h!hzh!hz6]4ƇLJȇʇˇ͇̇ч҇Ӈׇ؇ه݇އ߇ "$&02468<rt ԻԻԲۣԲۣԲԣԻhph<0J>h<OJQJ h<6]hzh<0J9 jh!h<h!h<5\ hz5 h!h<h!h<6] h!hzhvyh<hu7h Qo6h Qo; (2BNRTVfhjl>@NPTVh֊؊>JLNdtxƿhxh>CJ$hF hxhFhxh>:hxh>5h(h>0J9PJh5hxh>6 hxh>hvyhvyhvy6 jh!h<h<OJQJh!h<6] h!h<hph<0J9PJ1jx؋*z<<Hgdu7! xf!&8]8gd   gdu7gdu7gdu7gdu7  Jgd?  
gd5؋*6:<>@BDHJLNPTVX`bz|ǹ좛hxhu76 hxhu7hDBhxhvy5 hxhvyhxhvy6 hvy0J>h5h50J>h5h50J>6OJQJh5h50J>6h5h5OJQJh>OJQJhxh>6 hxh>h5h5h>50ތ"$*,:LNPVX\bfhnptvxz|εun hxhvyhxhvy6:h*hxhu76hDBhu7B*OJQJphhDBhu756B*phhDBhu75B*phhDBhu7B*phhDBhvy56B*phhDBhvy5B*phh(hu70J9PJ hxhu7hxhu756hxhu75+čƍ΍Ѝԍ؍ڍ܍ލ  $&(*,.068:PRTVZ\`fhlprv~ƎȎ߻hDBhu7B*phhDB hxh hxh 6:hxhu7:hxhu76:hu7OJQJhxhu76h hxhu75 hxhu7 h 6AȎʎ̎ΎЎҎԎ֎؎ڎ܎6<HTV\^lʏ̏Ώҏԏڏ܏󶯨ynyh;hhu7OJQJh;hh;h0J:5h;hhu7:h;hhu75h;hhu70J:5 h;hhu7hDB hxhu7 h!>}hu7h!>}hu7CJhDBhu75B*phhDBhu7B*OJQJphhDBhu7B*phhDBhu7B*CJphhDBhu76B*ph+H J*B’ؒڒޒDgd*$gd*$gd:.gd:gd:gd: ]^gdGe gdu7gd# xgdu7 N gd gdu7 JRTZ^jxz~ȐʐΐҐڐܐސ"$&*,28:<>BJNPRTVZ\`ǼҖh;h6CJ$EHhxh;h6 hxh;hh*hVhu7OJQJhu7OJQJhxhu75h# hxhu7hxhu7CJ$EHhxhu76CJ$EHhxhu76h;hhDB h;hhu7h;hhu70J:54`bhptz|~đƑȑʑΑБԑ֑ޑ  (,246<\bƱh*hu7B*CJ$ph h*hu76B*CJ$EHphh*hu76B*phhu7OJQJhGehDBh*hxhu76CJ$EHhxhu76hVhu7OJQJhxhu75 hxhu79’ڒܒ0BDVX˺ح˺ؙvohdhZhPhZh*$h*$5\h*$h*$6]h*$ h*$h*$ h*$h}3hxh:CJjKhxh:Uh:jUHhxh:U hxh:h*hu75B*phh*hu7B*CJ$ph h*hu76B*CJ$EHphh*hu76B*phh*hu7B*phh*hu7B*CJphh*hu7B*OJQJphΓГ "$&(:@Flnz|~T`p~ȕʕ̕ΕЕ֕67OTUuy𳬨h*h*5h)fh)f6]h)fh* h)fh)fh)fh*$6] jh*$h*$h*$OJQJhGeh*$0J9h*$h*$6]h*$h*$h*$5\ h*$h*$h*$h*$0J>7H~ȕ7UՖ~Θ0 & F zgdX" & Fgd)f & Fgd)fgd)fgd)f & Fgd)f & Fgd)fgd*$ & Fgd)fÖĖŖɖʖ͖ΖҖӖ֖ݖ "$%&(), .0v|~䶲h)fhX"6] h)fPJh# h# 0J>h)fOJQJ h ?0J>hGeh)f6h)fh)f5\h*h*5h)fh)f6] h)fh)fh)fh)f0J9PJ=BDHLhlvx|FHPbdhltvx}skh>OJQJhxh>:CJhxh>5hxh>CJ$EHhxh>6CJ$EHhxh>6 hxh> h)fh)f hX"hX"h)fhX"0J9PJhX" hX"0J>h)fhX"6]hX"OJQJhX"hX"6 hX"5\h)fhX"5\ h)fhX")0~TК*28|ڜ$If]gdTP$If]gdTPgd=^.dh]d (h](^h h^hh^hΚ &(*BDFJPRVʛ̛幨rk hL;hR#hsChR#0J9B*PJphhsChR#B*OJQJphhsChR#5B*phhsChR#B*ph hsChR#6B*CJ$EHphhsChR#6B*phhxh>CJ$EHhxh>6CJ$EHhxh>6hxh>EH hxh>hVh>OJQJ*̛Лқ֛؛2468FH|~·찬znzz_zznzhTPh=^CJ,OJQJaJ,hTPh=^5CJ4aJ4hTPh=^CJ4aJ4hTPh=^CJ4EHaJ4hTPh=^6CJ4EHaJ4hTPh=^6CJ4aJ4h=^ hxh=^jRhxh=^Ujh:esUmHnHuhxh>EHh(h>0J9PJhxh>5 hxh>hxh>6CJ$EH"؜ܜޜ 
"$&,RTVXZfhlnprtƝʝΝНε覗εεhTPh=^CJ4OJQJaJ4hTPh=^CJ,OJQJaJ,hTPh=^CJ4EHaJ4hTPh=^5CJ4aJ4hTPh=^6CJ4EHaJ4hTPh=^6CJ4aJ4hTPh=^CJ4aJ4hTPh=^0J9CJ4aJ4;ڜܜ2PR$If]gdTP$If]gdTP`kdMZ$$IfP4F !+8\!x      4 Paf4RTv$If]gdTP$If]gdTP`kdZ$$IfP4F !+8\!x      4 Paf4$If]gdTP$If]gdTP`kd%[$$IfP4F !+8\!x      4 Paf4Н,FHJLZ^`b$&(*,.0268<>FHtv跳ynh.h.0J9PJh.h.OJQJh.h.5 h.h.h.h.6CJ$EHh.h.6h.hsChNhh=^jw\hxhTPUhTPh=^6CJ4EHaJ4hTPh=^6CJ4aJ4hTPh=^5CJ4aJ4hTPh=^CJ4aJ4hTPh=^0J9CJ4aJ4)JL\$If]gdTP$If]gdTP`kd[$$IfP4F !+8\!x      4 Paf4\^bHvDؠ>֡{{{gd*` & F zgd.gdsCgd*`$a$gd=^`kd[$$IfP4F !+8\!x      4 Paf4 vz~ğƟʟڟޟ$(<>BDNżŒͮwqg_WShNhhNhhsw6hswhsw6h2hswH*aJ@ hsw0J>h2hsw6hlShswCJ0aJ0hswh. hlS0J>hlShlSCJ0aJ0hlSh2CJ0aJ0h2h2h2H*aJ@h2h20J>h2h26hlS hlShlSCJ8OJQJ^JaJ8hlSCJ8OJQJ^JaJ8 hNhhlShNhhlS6 NRdfhxz|-15<=>?@BEH}~ôí{pldhNhhNh5hNhhO^h*`0J9PJhO^h*`0J> jhO^h*`hO^h*`5\hO^h*`6]hR0 hO^h*` hNhhlShQAhNhB*OJQJphhQAhNhB*phhQAhNhH*aJ@h2hNhH*aJ@ hNh0J>h2hNh6 hNhhNhhNhhNh6'֡I"D\t%uݤgdQA & F+gdD>gdD> & F+gd!}gd!}gd{ gdA6.gdWy ^gd*` & F+gd*`D[\tߣ$)*,uݤ<=CĽדױדς{whBw hO^hBw h!}hQA jhO^h{ hO^h{ 6]h.h!}6CJ$EHh.h!}6hD>hqh!} hO^h!} h{ hQAhihQAhswh{ hO^h{ hxhWyCJh*`hO^h*`6] hO^h*`,=PaoȥɥBbĦ$AUgd_q $ xa$gduj) xgduj)gduj)gduj)gduj) & F+gdBwgdBwgdBw & F+gdQAǥȥ;<ABJPRSabĦΦ#$%<=>?@AOz¾{tlchYxh_qCJhxh_q5 hxh_qh?Njchuj)Ujhuj)UmHnHujhuj)Uhxhuj)6 hxhuj)huj) hxh}3 h}3h}3h}3h)4K5\fHq #hxh)4K5\fHq hO^h hhhhBw hBwhBw%Uħŧ̧ѧk\Mx$If]gd_qdx$If]dgd_q`kdgd$$IfP4F'7H    4 Pahf4 x$If]xgd_q $If]gd_q d$If]dgd_qgd_qgd_qçħŧ˧̧Чѧקݧާߧ  !"#./:?@HINO[^_gjlyz{hpehO0J9hOhO0J9 hxhOh5LhOB*phhA6 hBQh?Nhpeh_q0J9PJh_qhVh_qOJQJhpeh_q0J9 h_q6 hxh_qhxh_q6<ѧߧuh x$If]xgd_q $If]gd_q d$If]dgd_q`kdd$$IfP4F'7H    4 Pahf4xx$If]xgd_q"w x$If]xgd_q $If]gd_q d$If]dgd_q`kdee$$IfP4F'7H    4 Pahf4"#/@Hw x$If]xgd_q $If]gd_q d$If]dgd_q`kde$$IfP4F'7H    4 Pahf4HIO_kw x$If]xgd_q $If]gd_q d$If]dgd_q`kdGf$$IfP4F'7H    4 Pahf4klz{ $Ifgd gdA6`kdf$$IfP4F'7H    4 Pahf4èĨШڨܨ !#$&(+./2578;=@BEFILMO[eտh5Lhzx5h5Lhk@r5 hh()h()h5Lh()5h5Lh()5B*phhBQ hBQhBQhzx hxhh hxhO hh hhOhOhO0J9h5LhOB*phhpehO0J9/H??66 
$Ifgd $Ifgdpekd)g$$Ifl\xO&'2   t0644 lap(yt5LĨϨШۨH??66 $Ifgd $Ifgdpekdg$$Ifl\xO&'2   t0644 lap(yt5LۨܨH??66 $Ifgd $Ifgdpekdh$$Ifl\xO&'2   t0644 lap(yt5L!$'HC6666 $Ifgd5LK$gdBQkdEi$$Ifl\xO&'2   t0644 lap(yt5L'(+/34H;;;; $Ifgd5LK$kdi$IfK$L$l\E E0000F0J t044 lap(yt5L458<=AH;;;; $Ifgd5LK$kdj$IfK$L$l\E E00000F00J0 t044 lap(yt5LABEFJKH;;;; $Ifgd5LK$kdk$IfK$L$l\E E00000000F000J000 t044 lap(yt5LKLMNOZH==== $Ifgd5Lkd7m$IfK$L$l\E E000000F00J0 t044 lap(yt5LZ[ijkl83gdBQ^kdn$$Ifl0c7  t44 lapyt5L $Ifgd5L^kd9n$$Ifl0c7  t44 lapyt5Lehik)*ABRSWXefuwŪʪͪڪηέηηΠyjhxIhQ0J>6B*ph jhxIhQB*phhxIhQ5B*\phhxIhQB*phhxIhQ0J9B*phh>&hQ5\h>&hQ0J9h>&hQ6]hQ h>&hQ hBQhCy8h()hCy8 hh()h5Lh()5h5Lh()5B*ph)lé*Rwڪ <kܫgdv8gd7'PgdA6!^gdA6gdA6$a$gdQ^gdQ & FgdQgdQgdQ & FgdCy8gdCy8 & FgdBQgdBQ .;CDFGJ[\hikr«ܫĴ䭦zsghVhA66OJQJ hv8hA6hv8hA65hxhA65hvhA60J9 hm!hA6hxhA66hA6 hxhA6 h>&hQjoh%zhQB*Uph)jh%zhQB*UmHnHphuh%zhQB*phjh%zhQB*UphhxIhQB*ph' &(*4HJLfhԬ֬,.02ٸْْwe#hYh&.o56ehrhRBh&.o6h&.ohxh&.o6 hxh&.ohA6%h9hA6OJQJehrhxhA6ehr hxhA66ehrhxhA66hxhA6: hxhA6hVhA66OJQJhVhA6OJQJh0ThA60J9"P֬ p® p/pdpppp&qYq & Fgd|gd|gdx=gduj) & FgdA6gdA6 & Fgdx=gd&.o -|]|gd&.ogdA6  <gdA62468:<FHTfhvx|~ȭʭ̭έﴬ~niie^V^V^MF hvhh&.ohvhh&.oaJ@hCuh&.o6 hCuh&.oh&.o h&.o5hCuh&.o56B*]phhCuh&.o5B*phhRBh&.o5B*aJ@phhRBh&.o5hxh&.o56hxh&.o5#hYh&.o56ehr*hCuh&.o0J>B*ehphr%hYh&.oOJQJehr hYh&.o5ehr "$&.02468<>@BDFH\^`hjlp®ƮήԈ|ul|hdhdhhx=hr h0Thr 0J9 hxhr hr hr 6hqlhuj) jhCuh&.oB*phhCuh&.o6B*phhCuh&.oB*ph jhCuh&.oB*phh&.oh`h&.o5h`h&.o6 h`h&.o hxh&.ohRBh&.o6B*ph hvhh&.ohvhh&.o6]' ppp.p/p6pcppppppppqqq%q&q+q0q1qXqYqcqdqeqiqoqpq{q|q{qhhw[6] hhQhL hQ0J9hQhh|NH hh| hhL hL hL 0J9hL hL 0J9h|hi y hhw[Uh:qh:qh:q6hahx=hr hr hr 0J>6hr hr OJQJhr hr 6) their methods Expressing sets of statements. 
  SDSI / SPKI uses tags to define sets of statements
    A tag is a regular expression, that is, a set of strings
    The object interprets a string as a set of statements
      Read(*.doc) = reads of files named *.doc
      < 5000 = purchase orders less than $5000
    Also can express unions and intersections of sets
      Read(*.doc) and < 5000
  Expressive T allows bigger objects: a single permission for all .doc files

Transitivity: Intersecting Sets

  If $A \Rightarrow_T B$ and $B \Rightarrow_U C$ then $A \Rightarrow_{T \cap U} C$
  Why?
    $A \Rightarrow_T B \equiv (A \text{ says } s) \land (s \in T)$ implies $(B \text{ says } s)$
    $B \Rightarrow_U C \equiv (B \text{ says } s) \land (s \in U)$ implies $(C \text{ says } s)$
  How to implement set intersection $\cap$?
    Might be able to simplify the expression
    Always can test s against both T and U

Pragmatics

  Authorization must be
    set up
    later checked for correctness
    changed as life goes on
  This works best when the authorization data is small and simple
  But, want to authorize the least privilege needed to get the job done
  Conflict. Who wins?

Keeping Authorization Simple

  ACLs on large sets of resources
    Big subtrees of the file system
    Large sets of web sites
  Usually for groups, principals that have some property, such as "Microsoft employee" or "type-safe" or "safe for scripting"

IMPLEMENTATION

Process Credentials

  Make a node-to-node channel C = des(Ksr) using shared key encryption.
  Establishing Ksr yields $C \Rightarrow Kn$.
  The OS multiplexes this single channel among processes.
  The OS issues credentials for the subchannels C | pr.
  More multiplexing lets a process speak for several principals.
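The access check and the transitivity rule from the authorization slides above, as an added example that is not from the original slides: speaks-for links carry tags written as regular expressions, and a request is checked by testing the statement against every tag on the chain, which is the "test s against both T and U" form of intersection. The `SpeaksFor` class, the statement strings and the `read .*\.doc` restriction on the Ktemp link are assumptions made for the example; the principal names are the ones the talk uses for its Spectra scenario.

```python
import re
from collections import deque


class SpeaksFor:
    """Speaks-for links A =>_T B. Each tag T is a regular expression over
    statement strings such as 'read spectra/plan.doc' (format assumed here)."""

    def __init__(self):
        self.links = {}  # A -> list of (B, compiled tag, tag text)

    def add(self, a, b, tag=".*"):
        """Record A =>_T B. The default tag '.*' is an unrestricted link."""
        self.links.setdefault(a, []).append((b, re.compile(tag), tag))

    def justify(self, speaker, obj, statement):
        """Return the chain of links from speaker to obj, or None.

        A link is followed only if its tag contains the statement, so a
        chain is accepted exactly when the statement lies in the
        intersection of all tags along it. The returned list of
        (A, tag, B) triples is what an audit log would record.
        """
        queue = deque([(speaker, [])])
        seen = {speaker}
        while queue:
            node, chain = queue.popleft()
            if node == obj:
                return chain
            for target, tag, text in self.links.get(node, []):
                if target not in seen and tag.fullmatch(statement):
                    seen.add(target)
                    queue.append((target, chain + [(node, text, target)]))
        return None


def check(graph, speaker, obj, statement):
    """Guard decision for the request 'speaker says statement' on obj."""
    return graph.justify(speaker, obj, statement) is not None


def spectra_example():
    """The chain KSSL => Ktemp => KAlice => Alice@Intel => Atom@Microsoft => Spectra."""
    g = SpeaksFor()
    g.add("KSSL", "Ktemp")
    # Constructed restriction: the temporary key may only read .doc files.
    g.add("Ktemp", "KAlice", r"read .*\.doc")
    g.add("KAlice", "Alice@Intel")
    g.add("Alice@Intel", "Atom@Microsoft")
    # Spectra's ACL entry: Atom@Microsoft may read/write.
    g.add("Atom@Microsoft", "Spectra", r"(read|write) .*")
    return g


if __name__ == "__main__":
    g = spectra_example()
    requests = [
        ("KSSL", "read spectra/plan.doc"),
        ("KSSL", "write spectra/plan.doc"),
        ("KAlice", "write spectra/plan.doc"),
    ]
    for who, stmt in requests:
        chain = g.justify(who, "Spectra", stmt)
        print(who, "says", repr(stmt), "->", "allow" if chain is not None else "deny")
        for a, tag, b in chain or []:
            print("   ", a, "=>", b, "about", tag)
```

The write request from KSSL is denied even though the ACL grants read/write, because the statement falls outside the tag on the Ktemp link.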

API for Authentication

  Prin represents principals, with a subtype Auth for principals that a process can speak for
  AID is an Auth identifier, a byte string
  Authenticating messages
    GetChan(dest:Address): Chan;
    GetAID(p:Auth): AID;
    Send(dest:Chan; m:Msg);
    Receive(): (Chan, Msg);
    GetPrin(c:Chan; aid:AID): Prin;
  RPC marshals an Auth parameter and unmarshals an aid automatically, thus hiding all these procedures

API for Authentication (2)

  Authorization
    Check(acl:ACL; p:Prin): BOOL
  Managing principals
    Inheritance(): ARRAY OF Auth;
    Login (name, password: TEXT): Auth;
    AdoptRole(a:Auth; role:TEXT): Auth;
    Offer (a:Auth; b:Prin): Auth;
    Claim(b:Auth; meld:Prin): Auth;
    Discard(a:Auth; all:BOOL);

API for Melding

    Offer (a:Auth; b:Prin): Auth;
    Claim(b:Auth; meld :Prin): Auth;

Implementation Internals

Secure Channel, Authority Managers

  The secure channel manager creates process-to-process secure channels.
    TYPE ChanID = { nk:KeyDigest; pr:INT; addr:Address };
    GetChanID(ch:Chan): ChanID;
    PTagFromChan(c:ChanID): PTag;
  The authority manager associates Auths with processes and handles authentication requests.
    TYPE PrinID = { ch:ChanID; aid:AID };
    Delegate(a:Auth; ptag:PTag);
    PurgePTag(ptag: PTag);

Credentials Manager

  Maintains credentials for local processes and validates certificates from other nodes.
    TYPE Cred = TEXT, CredT = ...;
    New(name, password: TEXT): CredT;
    AdoptRole(t:CredT; role: TEXT): CredT;
    Sign(t:CredT; p:PrinID): Cred;
    Validate(cr:Cred; p:PrinID): TEXT;
    Extract(cr:Cred): Cred;
    SignMeld(t:CredT; cr:Cred): Cred;
    ClaimMeld(t:CredT; cr:Cred): CredT;

Certification Library

  Establishes a trusted mapping between principal names and keys, and between groups and their members.
    CheckKey(name:TEXT; k:Key): BOOL;
    IsMember(name, group: TEXT): BOOL;
    CheckImage(d:Digest; prog, cert: TEXT);

Interfaces to Authentication

  There are two styles:
  Implicit in communication
    Authenticate at connection establishment; a client can find out the principal that the connection speaks for.
    Authenticate as part of a remote procedure call; the procedure can find the principal the caller speaks for.
  Explicit
    Pass the sending principal explicitly in every message. More flexible: can pass more than one principal.
  Either way abstracts authentication protocol details. The interface just tells you the authenticated principal.

Implementing Authentication: Push vs. Pull

  Two ways for receiver B to authenticate sender A:
  Push credentials: sender to receiver (Windows SIDs):
    A sends B credentials of channel C: proof that $C \Rightarrow A$.
  Pull credentials: receiver from sender (ACLs, Taos):
    A just sends to B on C.
    B calls back to A to get credentials.
    B may cache them
  Variations
    A pushes part of the credentials, and B pulls the rest.
    B gets part of the credentials from A, stores part himself, and gets part from network services.

Pull Authentication: Example

  Process pr sends on C | pr; OS multiplexes C.
  Receiver's auth agent asks for C | pr credentials.

Abbreviations

  Extend pull to names:
    Sender has some long names for principals
    Choose a short (integer, byte string) abbreviation for each name
      AID is an example
    Send the short name; if receiver doesn't know its definition, it calls back to pull it over
  Short names must not be reused
  Receiver can discard its short name cache anytime
    It will be refreshed by pull if needed

Example: Details

The Example Reviewed

  Kws says $Kn \Rightarrow$ Kws as Taos                                    (node credentials)
  Kbwl says $Kn \Rightarrow$ (Kws as Taos) for Kbwl                        (login session)
  Kn says $C \Rightarrow Kn$                                               (channel)
  C says C | pr $\Rightarrow$ (Kws as Taos as Accounting) for Kbwl         (process)
  C | pr says read file foo                                                (request)

Bytes vs. Secure Data

  Can choose the flow and storage of encrypted bytes to optimize
    simplicity
    performance
    availability.
  Public key = off-line broadcast channel.
    Write certificate on a tightly secured offline system
    Store it in untrusted system; anyone can verify it.
  Certificates are secure answers to pre-determined queries (for example, "What is Alice's key?"), not magic.
  It's the same to query an on-line secure database (say Kerberos KDC) over a secure channel

Caching Secure Data

  Caching can greatly improve performance
  It doesn't affect security or availability as long as there's always a way to reload the cache if it gets cleared or invalidated

Auditing

  Checking access:
    Given a request:                Q says read O
          an ACL:                   P may read/write O
    Check that Q speaks for P:      $Q \Rightarrow P$
          rights are enough:        read/write $\geq$ read
  Auditing: Each step is justified by
    a signed statement, or
    a rule

Implement: Tools and Assurance

  Services: tools for implementation
    Authentication    Who said it?
    Authorization     Who is trusted?
    Auditing          What happened?
  Trusted computing base
    Keep it small and simple
    Validate each component carefully

The "Speaks for" Relation

  Principal A speaks for B about T:  $A \Rightarrow_T B$
    If A says something in set T, B does too.
    Thus, A is stronger than B, or responsible for B, about T
    Precisely: $(A \text{ says } s) \land (s \in T)$ implies $(B \text{ says } s)$
  These are the links in the chain of responsibility
  Examples
    Alice $\Rightarrow$ Atom             group of people
    Key #7438 $\Rightarrow$ Alice        key for Alice

Chain of responsibility

  Alice at Intel, working on Atom, connects to Spectra, Atom's web page, with SSL
  Chain of responsibility:
    KSSL $\Rightarrow$ Ktemp $\Rightarrow$ KAlice $\Rightarrow$ Alice@Intel $\Rightarrow$ Atom@Microsoft $\Rightarrow$ Spectra

References

  Look at my web page for these: research.microsoft.com/lampson
    Computer security in the real world. At ACSAC 2000. A shorter version is in IEEE Computer, June 2004
    Authentication in distributed systems: Theory and practice. ACM Trans. Computer Sys. 10, 4 (Nov. 1992)
    Authentication in the Taos operating system. ACM Trans. Computer Systems 12, 1 (Feb. 1994)
    SDSI: A Simple Distributed Security Infrastructure, Butler W. Lampson and Ronald L. Rivest.

References

  Jon Howell and David Kotz. End-to-end authorization. In Proc. OSDI 2000
  Paul England et al. A Trusted Open Platform, IEEE Computer, July 2003
  Ross Anderson: www.cl.cam.ac.uk/users/rja14
  Bruce Schneier: Secrets and Lies
  Kevin Mitnick: The Art of Deception

Security in Distributed Systems    B. W. Lampson    4 January 2005

[Figure: reference monitor. Labels: Principal, Source, Do operation, Request, Reference monitor, Guard, Object, Resource, Authentication, Authorization, Audit log]

[Figure: chain of responsibility. Labels: Alice's smart card, Alice's login system, Spectra web page, KAlice, Ktemp, KSSL, Alice@Intel, Atom@Microsoft, Intel, Microsoft, Spectra ACL, says]
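The abbreviation scheme from the Pull Authentication and Abbreviations slides above, as an added example that is not from the original talk: a sender hands out short names, a receiver pulls a definition on a cache miss, and a deliberately broken sender reuses a number to show what the "must not be reused" rule prevents. The class and method names are hypothetical, the principal strings are constructed, and credential validation is left out so that only the naming and caching rule is shown.

```python
import itertools


class Sender:
    """Holds long principal names and hands out short abbreviations (AIDs)."""

    def __init__(self):
        self._counter = itertools.count(1)
        self._by_aid = {}   # AID -> long name
        self._by_name = {}  # long name -> AID
        self.pulls = 0      # number of callbacks answered

    def _new_aid(self):
        # Monotonic counter: a number that was once issued is never issued again.
        return next(self._counter)

    def abbreviate(self, name):
        if name not in self._by_name:
            aid = self._new_aid()
            self._by_name[name] = aid
            self._by_aid[aid] = name
        return self._by_name[name]

    def discard(self, name):
        """Stop speaking for a principal; its AID is retired."""
        del self._by_aid[self._by_name.pop(name)]

    def pull(self, aid):
        """Callback from the receiver. Raises KeyError for a retired AID."""
        self.pulls += 1
        return self._by_aid[aid]

    def send(self, receiver, name, body):
        # Only the short name travels with the message.
        return receiver.receive(self, self.abbreviate(name), body)


class ReusingSender(Sender):
    """Broken variant: recycles the smallest free number."""

    def _new_aid(self):
        aid = 1
        while aid in self._by_aid:
            aid += 1
        return aid


class Receiver:
    def __init__(self):
        self.cache = {}  # (sender, AID) -> long name

    def receive(self, sender, aid, body):
        key = (id(sender), aid)
        if key not in self.cache:
            self.cache[key] = sender.pull(aid)  # pull the definition on a miss
        return self.cache[key], body

    def flush(self):
        """The cache may be dropped at any time; pull refills it."""
        self.cache.clear()


def attribute_after_discard(sender_cls):
    """Who does the receiver think sent each of two messages?"""
    sender, receiver = sender_cls(), Receiver()
    first, _ = sender.send(receiver, "Kws as Taos for Kbwl", "read file foo")
    sender.discard("Kws as Taos for Kbwl")
    second, _ = sender.send(receiver, "Kws as Taos for Kguest", "read file foo")
    return first, second


if __name__ == "__main__":
    print("fresh AIDs :", attribute_after_discard(Sender))
    print("reused AIDs:", attribute_after_discard(ReusingSender))
```

With reused numbers the receiver's cached definition is stale, so the second request is attributed to the principal that was discarded.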
[Figure: signing and verifying a statement. Labels: s, Sign(K^-1, s), K says s, Verify(K, s), OK?]
8"8 in2" LP]P626 in3# 8 lx,B, in4 $ LRL ie)%$  0hd]0`ha$CJ@O@ cont&$dP]a$CJ\r\ Glossary entry"'$hd<]`ha$CJRR Reference"($hdx]`ha$CJVV pub2)$ dx]^`a$CJRR type,*$ X|hd]|`ha$CJLL ax*+$ !dP]^CJNN ref*,$hd$]^h`a$CJ@@ gr- $ ]^CJ8O8 pic.$$]a$CJBB lin/$dPP]a$CJ** cap0$CJ&& lax1PBB fnormal2$d]a$CJ$2$ tcap3>OB> tab4$$d]CJ`OR` 7"~figtext5$]a$#5B*CJ0OJQJ\^JaJ0phLOQbL :4INfigctext65CJ8OJPJQJ^JaJ,d/qd 5Yx figtext Char35B*CJ0OJQJ\^J_HaJ0mH phsH tH B' B ZNComment ReferenceCJaJ8o8 "~typewrCJ8OJQJ^JaJ,joj 64IN figctext Char75B*CJ8OJPJQJ\^J_HaJ,mH phsH tH \\ nbullet2;$ & F ]5$7$8$9DH$^]a$CJVYV J~7 Document Map<-D M CJOJQJ^J~~ 3n Table Grid7:V=0=5$7$8$9DH$.o. vsub 6H*]aJ@TT 4:indent*?$hd5$7$8$9DH$^ha$CJhCh JBody Text Indent*@$d5$7$8$9DH$`a$CJ4U 4 m Hyperlink >*phT"T Ve0stars(B$hxx5$7$8$9DH$`ha$CJaJ2/12 pZdfn5>*B*PJphHoAHjhcode,c$B*CJOJQJaJmHnHphu^OR^jhprogEh5$7$8$9DH$`hCJOJQJ\^JmHnHuF/aFjhkeywd$B*CJOJQJaJmHnHphu.X q. W9Emphasis6]HH 9& Balloon TextHCJOJQJ^JaJPK![Content_Types].xmlN0EH-J@%ǎǢ|ș$زULTB l,3;rØJB+$G]7O٭Vc:E3v@P~Ds |w<v "-7BIRZeu"6L^egt  (3:BPVX^dj~"8JQS`p{&.<BDJPVj$6=?L\gnv (.06<BVl~")+8HSZbpvx~&*5@DRV\bdjpv      . D V ] _ l |    + 2 : H ] e j u   " ) + 8 H S Z b p {    '   "#  -./0123456789:CE(*0123456789:;<=FH(*fghijklmnopqrs|~ RTWXYZ]_`ijklmnopqrstuv             C D E F G H I J K L M N O P Y [ ` "-7BIRZeu"6L^egt  (3:BPVX^dj~"8JQS`p{&.<BDJPVj$6=?L\gnv (.06<BVl~")+8HSZbpvx~&*5@DRV\bdjpv      . 
D V ] _ l |    + 2 : H ] e j u   " ) + 8 H S Z b p {    ' *   !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-.` MMMP GT!&'()*+>-T.j/t0112K334556637'8889S::;;:>>?@A|CEH(JKLDOGPPvQ"RR@SSTUUWYUZV\v]_`Raceh4k`lZmoqrVtwnz|~T Ȏ`̛НvNe2|q0rruZwVyF{:}KȈ%&XڔCiS[9ݛK'#\   +!!!!X[]`begiorsuvwxz{~    %/12456OPQRTVWYZ\^aeghjklmprtvxz|}J 6 D\ Dn ( K !P%(+.//25?5@5_5`555777}78889_:a:s:;;[>BF'KbMM:NPNS:UmUUU VW0[`CaEaVaJbghllFm.pqq(r*rlrr!xz2H0ڜR\֡Uѧ"Hkۨ'4AKZlYqu6y{K,܇1WKʕVіS̗36|\ u  !|!!!YZ\^_acdfhjklmnpqty|}  !"#$&'()*+,-.03NSUX[]_`bcdfinoqsuwy{~***+++,,,-1-4-'.?.B....///t000;1S1V1m===MNNqWWW_0_3_vvvjzzz7:___________________|(a ?a,b$~sk`` cP(   6^, A 3  "0?*` B  c $X99?6^,r C  s *C $ r D  s * D /6l"  r E  s *!E !'Z%|* !r F  s *"F *- D." "r G  s *#G  M! #z H  c $$H "`k ([%, $l I  c $%I 4( ^, %l J  c $&J %4(e.Y, &r K  s *'K 9$X' 'r L  s *(L P#W& (r M  s *)M ( )r N  s **N r!(. *l2 O  c $+O o /&V +l2 P  c $,P 6n , Q Z?)?"0?@NNN?N F*%I* R Z?)?"0?@NNN?N%#' S B Z?)?"0?@NNN?N%0% T Z?)?"0?@NNN?NR# U  Z?)?"0?@NNN?Nr! V  Z?)?"0?@NNN?N5(*4(~ W  B8c? l! ~B  `?8c?"0?@NNN?NVr  s *#W&    `?8c?"0?@NNN?N)*!T-$r"  s *ddG:T-"L55'  0*+ P3  "0?` Q c $X99?0*+ R s *"` B S T?D8c?"0?@NNN?Nz" T c $Gw%"` 4  U 3 0e0e     ?BCLDEF 8c 8c8c     ?1 d0u0@Ty2 NP'p<'pA)BCD|E||oLL@  " ?@     @ABC DEFGHIJK5%LMNOPQRSTUWYZ[ \]^_ `abN 5%  N 5%  N    5%    !"?N@ABC DEFGHIJK5%LMNOPQRSTUWYZ[ \]^_ `ab  B V T?D8c?"0?@NNN?N4 W s *"`<!q  X s *"`X 90*  Y s *"`,&)  Z s *"` $,d* B [ T?D8c?"0?@NNN?N,x%(#y%B \ T?D8c?"0?@NNN?N,))z" ] c $Gw%"`'X + B ^ T?D8c?"0?@NNN?NX )(#) _ s *"`(#$D%&  ` s *"`(#H((+  6^, +3  "0?` , c $X99?6^,r - s *9-$ 9r . s *:./6l" :r / s *;/!'Z%|* ;r 0 s *<0*- D." <r 1 s *=1 M! =z 2 c $>2"`k ([%, >l 3 c $?34( ^, ?l 4 c $@4%4(e.Y, @r 5 s *A59$X' Ar 6 s *B6P#W& Br 7 s *C7( Cr 8 s *D8r!(. Dl2 9 c $E9o /&V El2 : c $F:6n F ; Z?)?"0?@NNN?N F*%I* < Z?)?"0?@NNN?N%#' =B Z?)?"0?@NNN?N%0% > Z?)?"0?@NNN?NR# ? Z?)?"0?@NNN?Nr! @ Z?)?"0?@NNN?N5(*4(~ A B8c? 
l Z?)?"0?@NNN?N G*%I* ? T?)?"0?@NNN?N%#' @B T?)?"0?@NNN?N%0% A Z?)?"0?@NNN?NR# B T?)?"0?@NNN?Nr! C T?)?"0?@NNN?N5(*4( D H8c? l@! EB  `?8c?"0?@NNN?NVr F s *wF#W& w G  `?8c?"0?@NNN?N)*!T-$r" H s *xCءCءHG:T-"L55' x 6^, 3  "0?`  c $X99?6^,r  s *I$ Ir  s *J/6l" Jr  s *K!'Z%|* Kr  s *L*- D." Lr  s *M M! M  0N"`k ([%, Nx  0O4( ^, Ol  c $P%4(e.Y, Pr  s *Q9$X' Qr  s *RP#W& Rr  s *S( Sr  s *Tr!(. Tl2  c $Uo /&V Ul2  c $V6n V   Z?)?"0?@NNN?N G*%I* ! Z?)?"0?@NNN?N%#' "B Z?)?"0?@NNN?N%0% # T?)?"0?@NNN?NR# $ T?)?"0?@NNN?Nr! % T?)?"0?@NNN?N5(*4(~ & B8c? l>! 'B  `?8c?"0?@NNN?NVr ( s *W(#W& W )  `?8c?"0?@NNN?N)*!T-$r" * s *Xdd*G:T-"L55' X 6^, 3  "0?`  c $X99?6^,r  s *)$ )r  s **/6l" *r  s *+!'Z%|* +r  s *,*- D." ,r  s *- M! -z  c $."`k ([%, .l  c $/4( ^, /l  c $0%4(e.Y, 0r  s *19$X' 1r  s *2P#W& 2r  s *3( 3r  s *4r!(. 4l2  c $5o /&V 5l2  c $66n 6  Z?)?"0?@NNN?N F*%I*  Z?)?"0?@NNN?N%#' B Z?)?"0?@NNN?N%0%  Z?)?"0?@NNN?NR#  Z?)?"0?@NNN?Nr!  Z?)?"0?@NNN?N5(*4(~   B8c? lDHDEFW 8 e 2  E3 f!E8G?IŢ?( 5[9 C H¢*jg,1 \  -Ahh  C #" `?" n  s *AW? #" `?%n  s *AW? #" `?'n ! s *AW? #" `?)hB " s *D)"?#hB # s *D)"?$hB $ s *D)"?&hB % s *D)"?(\2 \ C Ԕ#" `?!\2 ] C Ԕ#" `?\2 ^ C Ԕ#" `? \2 _ C Ԕ#" `?P `  /"?+ /B S  ?           !"#$%&'*)67>?@A B!C"=D#<E$HG%lmt&u'v(w)x*y+sz,r{-~}./0123456789:;<=>?@ABCDEFGHIJKLM N O P QR S!T"U#V$W%X&Y'Z*)[34;\<]=^>_?`@a:Ab9BcEDdopwexfygzh{i|jv}ku~lmnopqrstuvwxyz{|}~I J Q R S T U V P W O X [ Z ,*K+Y++,-2-@.../p00T1=MN:WHWWE]_1_nvzBklqnˇ(8$Es1t$t .t8"t+8"tAAMtMt%lt&st-^^Mt.+ tP t^E^tdp&2ttXXbtp&2t8"tPD%t^^Mt+ tAAMtMtg%ltt^E^tp&2t{ +!t$t t] x+( t_ *M1t^ #t\ m ~M"^ t -  t" U2jt# -$5+ t 5:t@$ ,t T%;+t@% %,X$t! 
}9]t@A 8"t` 0Kt !Y'\'y(|(--k7r77777==b>l>>>?@@&@+@5@t@~@@@CCCC6C9CHCJCuC{CCCCCCCNKTKKKiMmMmOoOOOSSSSSSSSSSSSSSSSSSxUUUUUUUUUUUUUUUUUUVV VV"V%V,V1V5V8V9V>VVVVVVVVVVVVVVV\\^^NbVbXbabcbobqbbbbbbhhhhi!iDiFiii m mBmDmmmmmmmmm+n-nMnOnnnnnnn8o:o@oBotovoooppssttKxOxxxw{z{|~ȎʎÐCEKMɑ̑}Ԛܚ !bc)_Jd}MNNc)DsFWiv\ i _ | "D[!nf!vziy@S !####$$$$%%**+++"+$+++-+;+>+?+@+K+M+Y+[+k+l+|+++,,,,,---6-K-}--D.Z............//0003050A0C0W0^0_0c0t000001,2I222254K44455666*7k7|77777`;;;;;<M?p?@@AAdBBBBBBBC)DEDHHL'LL MMMMMMMN.NOOOOOP PPPPSTWTTW W WWWWWqWXXXXYY8ZNZPZ[Z~ZZZZP[o[[[[[*\C\]]]^^^^^^_W_t_``0aLaaaabMbbPcmccceewffffiiiiiik.kllfnnnnnno-oeopooo p"pppzrr"sTsDtVtWtetttuuwwwxxxx7xAxCxvxxxxxxxxxxxxyyyzz{{v}}~~BLd@]1?o_}!)!̐ 8p{ <W9ȕ <G1~ R[Κ !bcvx~ƛț֛؛ ').079?AJLZ\ikoswy}Ɯʜ՜ל !#');=QScejny{ŝǝ˝͝ߝ -/8:?AGIUW[_ceikoqÞўӞܞޞ ')=?OQVZeguw˟͟ $&+-35ACGKOQUW[]oqȠʠϠѠנ٠)+;=BFQSaclnsu{}͡ϡߡ!-/37;=ACGI[]qsâŢѢӢעۢߢ').2=?MOXZ_agiuwy{ãǣˣͣѣӣף٣)+9;DFKMSUacgkoquw{}¤ͤϤݤߤ !35IK[]bfqsƥȥ˥֥ͥإ -/37;=ACGI[]qsæŦѦӦܦަ "249=HJXZcejlrtM}N}|BCWWkn^cFFcgɑ +-IPǒȒȒ!!#)25::FMUhin~~;;0bgz(1t,&ȨDPNGYZ~T$L|J2 `hO R^:CfP;nDĻ^^qP0ezk %0 (*LKc+ڨ +}li,P^rP2/:/> 4k=7|b:Z8$d;<:(d=A%Fh"$B|iQ@vCGN.fEԏHaODFsOH \P$f1XKc+.rnDYC~&=Ah"$Be #WQxvhO [ZR^1X%`MN^K(.>        |ƦOz(*fnؒ.j$kfB8(d Tg.&?*Gݪ^lLz㶨0~6x>0 dj 4|zv?6fdZtC؞F5r9|%Fx_Z:[zv,.ʏx|,PLft"`* 6.Ewv!n2~ |s`bpviJi[Ll|"Tk?Lv%." 1FŜ `hoNe"PҚ6"$DGBznl*xPox46yp 9mj 8>b'ΪB<ډ(~wLf &gP V \AZIt|W *2mX&xyR-@@6rD?M{)O#('y;HOERi{i:;:K`:;QxKO9_QGXZ6S0jEnQU|~,roK/87[D'*-w/*vnH0iXuim^6fYE|e< k_b#: X&R?\ i]K Ow/*2*~aI.z*-5vl6+l!Vny+c'p-z+tIj#, OB2@ L,;HO$w,~,S-Q ^-i]wJ-Cc~aI.`Q.#/^6.0ch*e0uim>13"! 
Security in Distributed Systems. Butler Lampson.