aboutsummaryrefslogtreecommitdiff
path: root/vendor/github.com/llgcode/ps/samples/whitepaper.ps
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/llgcode/ps/samples/whitepaper.ps')
-rw-r--r--vendor/github.com/llgcode/ps/samples/whitepaper.ps5043
1 files changed, 5043 insertions, 0 deletions
diff --git a/vendor/github.com/llgcode/ps/samples/whitepaper.ps b/vendor/github.com/llgcode/ps/samples/whitepaper.ps
new file mode 100644
index 0000000..4222c4c
--- /dev/null
+++ b/vendor/github.com/llgcode/ps/samples/whitepaper.ps
@@ -0,0 +1,5043 @@
+%!PS-Adobe-3.0
+%%BoundingBox: (atend)
+%%Pages: (atend)
+%%PageOrder: (atend)
+%%DocumentFonts: (atend)
+%%Creator: Frame 5.0
+%%DocumentData: Clean7Bit
+%%EndComments
+%%BeginProlog
+%
+% Frame ps_prolog 5.0, for use with Frame 5.0 products
+% This ps_prolog file is Copyright (c) 1986-1995 Frame Technology
+% Corporation. All rights reserved. This ps_prolog file may be
+% freely copied and distributed in conjunction with documents created
+% using FrameMaker, FrameMaker/SGML and FrameViewer as long as this
+% copyright notice is preserved.
+%
+% FrameMaker users specify the proper paper size for each print job in the
+% "Print" dialog's "Printer Paper Size" "Width" and "Height~ fields. If the
+% printer that the PS file is sent to does not support the requested paper
+% size, or if there is no paper tray of the proper size currently installed,
+% then the job will not be printed. The following flag, if set to true, will
+% cause the job to print on the default paper in such cases.
+/FMAllowPaperSizeMismatch false def
+%
+% Frame products normally print colors as their true color on a color printer
+% or as shades of gray, based on luminance, on a black-and white printer. The
+% following flag, if set to true, forces all non-white colors to print as pure
+% black. This has no effect on bitmap images.
+/FMPrintAllColorsAsBlack false def
+%
+% Frame products can either set their own line screens or use a printer's
+% default settings. Three flags below control this separately for no
+% separations, spot separations and process separations. If a flag
+% is true, then the default printer settings will not be changed. If it is
+% false, Frame products will use their own settings from a table based on
+% the printer's resolution.
+/FMUseDefaultNoSeparationScreen true def
+/FMUseDefaultSpotSeparationScreen true def
+/FMUseDefaultProcessSeparationScreen false def
+%
+% For any given PostScript printer resolution, Frame products have two sets of
+% screen angles and frequencies for printing process separations, which are
+% recomended by Adobe. The following variable chooses the higher frequencies
+% when set to true or the lower frequencies when set to false. This is only
+% effective if the appropriate FMUseDefault...SeparationScreen flag is false.
+/FMUseHighFrequencyScreens true def
+%
+% The following is a set of predefined optimal frequencies and angles for various
+% common dpi settings. This is taken from "Advances in Color Separation Using
+% PostScript Software Technology," from Adobe Systems (3/13/89 P.N. LPS 0043)
+% and corrolated with information which is in various PPD (4.0) files.
+%
+% The "dpiranges" figure is the minimum dots per inch device resolution which
+% can support this setting. The "low" and "high" values are controlled by the
+% setting of the FMUseHighFrequencyScreens flag above. The "TDot" flags control
+% the use of the "Yellow Triple Dot" feature whereby the frequency id divided by
+% three, but the dot function is "trippled" giving a block of 3x3 dots per cell.
+%
+% PatFreq is a compromise pattern frequency for ps Level 2 printers which is close
+% to the ideal WYSIWYG pattern frequency of 9 repetitions/inch but does not beat
+% (too badly) against the screen frequencies of any separations for that DPI.
+/dpiranges [ 2540 2400 1693 1270 1200 635 600 0 ] def
+/CMLowFreqs [ 100.402 94.8683 89.2289 100.402 94.8683 66.9349 63.2456 47.4342 ] def
+/YLowFreqs [ 95.25 90.0 84.65 95.25 90.0 70.5556 66.6667 50.0 ] def
+/KLowFreqs [ 89.8026 84.8528 79.8088 89.8026 84.8528 74.8355 70.7107 53.033 ] def
+/CLowAngles [ 71.5651 71.5651 71.5651 71.5651 71.5651 71.5651 71.5651 71.5651 ] def
+/MLowAngles [ 18.4349 18.4349 18.4349 18.4349 18.4349 18.4349 18.4349 18.4349 ] def
+/YLowTDot [ true true false true true false false false ] def
+/CMHighFreqs [ 133.87 126.491 133.843 108.503 102.523 100.402 94.8683 63.2456 ] def
+/YHighFreqs [ 127.0 120.0 126.975 115.455 109.091 95.25 90.0 60.0 ] def
+/KHighFreqs [ 119.737 113.137 119.713 128.289 121.218 89.8026 84.8528 63.6395 ] def
+/CHighAngles [ 71.5651 71.5651 71.5651 70.0169 70.0169 71.5651 71.5651 71.5651 ] def
+/MHighAngles [ 18.4349 18.4349 18.4349 19.9831 19.9831 18.4349 18.4349 18.4349 ] def
+/YHighTDot [ false false true false false true true false ] def
+/PatFreq [ 10.5833 10.0 9.4055 10.5833 10.0 10.5833 10.0 9.375 ] def
+%
+% PostScript Level 2 printers contain an "Accurate Screens" feature which can
+% improve process separation rendering at the expense of compute time. This
+% flag is ignored by PostScript Level 1 printers.
+/FMUseAcccurateScreens true def
+%
+% The following PostScript procedure defines the spot function that Frame
+% products will use for process separations. You may un-comment-out one of
+% the alternative functions below, or use your own.
+%
+% Dot function
+/FMSpotFunction {abs exch abs 2 copy add 1 gt
+ {1 sub dup mul exch 1 sub dup mul add 1 sub }
+ {dup mul exch dup mul add 1 exch sub }ifelse } def
+%
+% Line function
+% /FMSpotFunction { pop } def
+%
+% Elipse function
+% /FMSpotFunction { dup 5 mul 8 div mul exch dup mul exch add
+% sqrt 1 exch sub } def
+%
+%
+/FMversion (5.0) def
+/fMLevel1 /languagelevel where {pop languagelevel} {1} ifelse 2 lt def
+/FMPColor
+ fMLevel1 {
+ false
+ /colorimage where {pop pop true} if
+ } {
+ true
+ } ifelse
+def
+/FrameDict 400 dict def
+systemdict /errordict known not {/errordict 10 dict def
+ errordict /rangecheck {stop} put} if
+% The readline in PS 23.0 doesn't recognize cr's as nl's on AppleTalk
+FrameDict /tmprangecheck errordict /rangecheck get put
+errordict /rangecheck {FrameDict /bug true put} put
+FrameDict /bug false put
+mark
+% Some PS machines read past the CR, so keep the following 3 lines together!
+currentfile 5 string readline
+00
+0000000000
+cleartomark
+errordict /rangecheck FrameDict /tmprangecheck get put
+FrameDict /bug get {
+ /readline {
+ /gstring exch def
+ /gfile exch def
+ /gindex 0 def
+ {
+ gfile read pop
+ dup 10 eq {exit} if
+ dup 13 eq {exit} if
+ gstring exch gindex exch put
+ /gindex gindex 1 add def
+ } loop
+ pop
+ gstring 0 gindex getinterval true
+ } bind def
+ } if
+/FMshowpage /showpage load def
+/FMquit /quit load def
+/FMFAILURE {
+ dup = flush
+ FMshowpage
+ /Helvetica findfont 12 scalefont setfont
+ 72 200 moveto show
+ 72 220 moveto show
+ FMshowpage
+ FMquit
+ } def
+/FMVERSION {
+ FMversion ne {
+ (Frame product version does not match ps_prolog! Check installation;)
+ (also check ~/fminit and ./fminit for old versions) FMFAILURE
+ } if
+ } def
+/FMBADEPSF {
+ (Adobe's PostScript Language Reference Manual, 2nd Edition, section H.2.4)
+ (says your EPS file is not valid, as it calls X )
+ dup dup (X) search pop exch pop exch pop length
+ 5 -1 roll
+ putinterval
+ FMFAILURE
+ } def
+/fmConcatProcs
+ {
+ /proc2 exch cvlit def/proc1 exch cvlit def/newproc proc1 length proc2 length add array def
+ newproc 0 proc1 putinterval newproc proc1 length proc2 putinterval newproc cvx
+}def
+FrameDict begin [
+ /ALDsave
+ /FMdicttop
+ /FMoptop
+ /FMpointsize
+ /FMsaveobject
+ /b
+ /bitmapsave
+ /blut
+ /bpside
+ /bs
+ /bstring
+ /bwidth
+ /c
+ /cf
+ /cs
+ /cynu
+ /depth
+ /edown
+ /fh
+ /fillvals
+ /fw
+ /fx
+ /fy
+ /g
+ /gfile
+ /gindex
+ /grnt
+ /gryt
+ /gstring
+ /height
+ /hh
+ /i
+ /im
+ /indx
+ /is
+ /k
+ /kk
+ /landscape
+ /lb
+ /len
+ /llx
+ /lly
+ /m
+ /magu
+ /manualfeed
+ /n
+ /offbits
+ /onbits
+ /organgle
+ /orgbangle
+ /orgbfreq
+ /orgbproc
+ /orgbxfer
+ /orgfreq
+ /orggangle
+ /orggfreq
+ /orggproc
+ /orggxfer
+ /orgmatrix
+ /orgproc
+ /orgrangle
+ /orgrfreq
+ /orgrproc
+ /orgrxfer
+ /orgxfer
+ /pagesave
+ /paperheight
+ /papersizedict
+ /paperwidth
+ /pos
+ /pwid
+ /r
+ /rad
+ /redt
+ /sl
+ /str
+ /tran
+ /u
+ /urx
+ /ury
+ /val
+ /width
+ /width
+ /ws
+ /ww
+ /x
+ /x1
+ /x2
+ /xindex
+ /xpoint
+ /xscale
+ /xx
+ /y
+ /y1
+ /y2
+ /yelu
+ /yindex
+ /ypoint
+ /yscale
+ /yy
+] { 0 def } forall
+/FmBD {bind def} bind def
+systemdict /pdfmark known {
+ /fMAcrobat true def
+
+ /FmPD /pdfmark load def
+
+
+ /FmPT /show load def
+
+
+ currentdistillerparams /CoreDistVersion get 2000 ge {
+
+
+ /FmPD2 /pdfmark load def
+
+
+
+
+
+ /FmPA { mark exch /Dest exch 5 3 roll
+ /View [ /XYZ null 6 -2 roll FmDC exch pop null] /DEST FmPD
+ }FmBD
+ } {
+
+ /FmPD2 /cleartomark load def
+ /FmPA {pop pop pop}FmBD
+ } ifelse
+} {
+
+ /fMAcrobat false def
+ /FmPD /cleartomark load def
+ /FmPD2 /cleartomark load def
+ /FmPT /pop load def
+ /FmPA {pop pop pop}FmBD
+} ifelse
+/FmDC {
+ transform fMDefaultMatrix itransform cvi exch cvi exch
+}FmBD
+/FmBx {
+ dup 3 index lt {3 1 roll exch} if
+ 1 index 4 index lt {4 -1 roll 3 1 roll exch 4 1 roll} if
+}FmBD
+/FMnone 0 def
+/FMcyan 1 def
+/FMmagenta 2 def
+/FMyellow 3 def
+/FMblack 4 def
+/FMcustom 5 def
+/fMNegative false def
+/FrameSepIs FMnone def
+/FrameSepBlack 0 def
+/FrameSepYellow 0 def
+/FrameSepMagenta 0 def
+/FrameSepCyan 0 def
+/FrameSepRed 1 def
+/FrameSepGreen 1 def
+/FrameSepBlue 1 def
+/FrameCurGray 1 def
+/FrameCurPat null def
+/FrameCurColors [ 0 0 0 1 0 0 0 ] def
+/FrameColorEpsilon .001 def
+/eqepsilon {
+ sub dup 0 lt {neg} if
+ FrameColorEpsilon le
+} bind def
+/FrameCmpColorsCMYK {
+ 2 copy 0 get exch 0 get eqepsilon {
+ 2 copy 1 get exch 1 get eqepsilon {
+ 2 copy 2 get exch 2 get eqepsilon {
+ 3 get exch 3 get eqepsilon
+ } {pop pop false} ifelse
+ }{pop pop false} ifelse
+ } {pop pop false} ifelse
+} bind def
+/FrameCmpColorsRGB {
+ 2 copy 4 get exch 0 get eqepsilon {
+ 2 copy 5 get exch 1 get eqepsilon {
+ 6 get exch 2 get eqepsilon
+ }{pop pop false} ifelse
+ } {pop pop false} ifelse
+} bind def
+/RGBtoCMYK {
+ 1 exch sub
+ 3 1 roll
+ 1 exch sub
+ 3 1 roll
+ 1 exch sub
+ 3 1 roll
+ 3 copy
+ 2 copy
+ le { pop } { exch pop } ifelse
+ 2 copy
+ le { pop } { exch pop } ifelse
+ dup dup dup
+ 6 1 roll
+ 4 1 roll
+ 7 1 roll
+ sub
+ 6 1 roll
+ sub
+ 5 1 roll
+ sub
+ 4 1 roll
+} bind def
+/CMYKtoRGB {
+ dup dup 4 -1 roll add
+ 5 1 roll 3 -1 roll add
+ 4 1 roll add
+ 1 exch sub dup 0 lt {pop 0} if 3 1 roll
+ 1 exch sub dup 0 lt {pop 0} if exch
+ 1 exch sub dup 0 lt {pop 0} if exch
+} bind def
+/FrameSepInit {
+ 1.0 RealSetgray
+} bind def
+/FrameSetSepColor {
+ /FrameSepBlue exch def
+ /FrameSepGreen exch def
+ /FrameSepRed exch def
+ /FrameSepBlack exch def
+ /FrameSepYellow exch def
+ /FrameSepMagenta exch def
+ /FrameSepCyan exch def
+ /FrameSepIs FMcustom def
+ setCurrentScreen
+} bind def
+/FrameSetCyan {
+ /FrameSepBlue 1.0 def
+ /FrameSepGreen 1.0 def
+ /FrameSepRed 0.0 def
+ /FrameSepBlack 0.0 def
+ /FrameSepYellow 0.0 def
+ /FrameSepMagenta 0.0 def
+ /FrameSepCyan 1.0 def
+ /FrameSepIs FMcyan def
+ setCurrentScreen
+} bind def
+
+/FrameSetMagenta {
+ /FrameSepBlue 1.0 def
+ /FrameSepGreen 0.0 def
+ /FrameSepRed 1.0 def
+ /FrameSepBlack 0.0 def
+ /FrameSepYellow 0.0 def
+ /FrameSepMagenta 1.0 def
+ /FrameSepCyan 0.0 def
+ /FrameSepIs FMmagenta def
+ setCurrentScreen
+} bind def
+
+/FrameSetYellow {
+ /FrameSepBlue 0.0 def
+ /FrameSepGreen 1.0 def
+ /FrameSepRed 1.0 def
+ /FrameSepBlack 0.0 def
+ /FrameSepYellow 1.0 def
+ /FrameSepMagenta 0.0 def
+ /FrameSepCyan 0.0 def
+ /FrameSepIs FMyellow def
+ setCurrentScreen
+} bind def
+
+/FrameSetBlack {
+ /FrameSepBlue 0.0 def
+ /FrameSepGreen 0.0 def
+ /FrameSepRed 0.0 def
+ /FrameSepBlack 1.0 def
+ /FrameSepYellow 0.0 def
+ /FrameSepMagenta 0.0 def
+ /FrameSepCyan 0.0 def
+ /FrameSepIs FMblack def
+ setCurrentScreen
+} bind def
+
+/FrameNoSep {
+ /FrameSepIs FMnone def
+ setCurrentScreen
+} bind def
+/FrameSetSepColors {
+ FrameDict begin
+ [ exch 1 add 1 roll ]
+ /FrameSepColors
+ exch def end
+ } bind def
+/FrameColorInSepListCMYK {
+ FrameSepColors {
+ exch dup 3 -1 roll
+ FrameCmpColorsCMYK
+ { pop true exit } if
+ } forall
+ dup true ne {pop false} if
+ } bind def
+/FrameColorInSepListRGB {
+ FrameSepColors {
+ exch dup 3 -1 roll
+ FrameCmpColorsRGB
+ { pop true exit } if
+ } forall
+ dup true ne {pop false} if
+ } bind def
+/RealSetgray /setgray load def
+/RealSetrgbcolor /setrgbcolor load def
+/RealSethsbcolor /sethsbcolor load def
+end
+/setgray {
+ FrameDict begin
+ FrameSepIs FMnone eq
+ { RealSetgray }
+ {
+ FrameSepIs FMblack eq
+ { RealSetgray }
+ { FrameSepIs FMcustom eq
+ FrameSepRed 0 eq and
+ FrameSepGreen 0 eq and
+ FrameSepBlue 0 eq and {
+ RealSetgray
+ } {
+ 1 RealSetgray pop
+ } ifelse
+ } ifelse
+ } ifelse
+ end
+} bind def
+/setrgbcolor {
+ FrameDict begin
+ FrameSepIs FMnone eq
+ { RealSetrgbcolor }
+ {
+ 3 copy [ 4 1 roll ]
+ FrameColorInSepListRGB
+ {
+ FrameSepBlue eq exch
+ FrameSepGreen eq and exch
+ FrameSepRed eq and
+ { 0 } { 1 } ifelse
+ }
+ {
+ FMPColor {
+ RealSetrgbcolor
+ currentcmykcolor
+ } {
+ RGBtoCMYK
+ } ifelse
+ FrameSepIs FMblack eq
+ {1.0 exch sub 4 1 roll pop pop pop} {
+ FrameSepIs FMyellow eq
+ {pop 1.0 exch sub 3 1 roll pop pop} {
+ FrameSepIs FMmagenta eq
+ {pop pop 1.0 exch sub exch pop } {
+ FrameSepIs FMcyan eq
+ {pop pop pop 1.0 exch sub }
+ {pop pop pop pop 1} ifelse } ifelse } ifelse } ifelse
+ } ifelse
+ RealSetgray
+ }
+ ifelse
+ end
+} bind def
+/sethsbcolor {
+ FrameDict begin
+ FrameSepIs FMnone eq
+ { RealSethsbcolor }
+ {
+ RealSethsbcolor
+ currentrgbcolor
+ setrgbcolor
+ }
+ ifelse
+ end
+} bind def
+FrameDict begin
+/setcmykcolor where {
+ pop /RealSetcmykcolor /setcmykcolor load def
+} {
+ /RealSetcmykcolor {
+ 4 1 roll
+ 3 { 3 index add 0 max 1 min 1 exch sub 3 1 roll} repeat
+ RealSetrgbcolor pop
+ } bind def
+} ifelse
+userdict /setcmykcolor {
+ FrameDict begin
+ FrameSepIs FMnone eq
+ { RealSetcmykcolor }
+ {
+ 4 copy [ 5 1 roll ]
+ FrameColorInSepListCMYK
+ {
+ FrameSepBlack eq exch
+ FrameSepYellow eq and exch
+ FrameSepMagenta eq and exch
+ FrameSepCyan eq and
+ { 0 } { 1 } ifelse
+ }
+ {
+ FrameSepIs FMblack eq
+ {1.0 exch sub 4 1 roll pop pop pop} {
+ FrameSepIs FMyellow eq
+ {pop 1.0 exch sub 3 1 roll pop pop} {
+ FrameSepIs FMmagenta eq
+ {pop pop 1.0 exch sub exch pop } {
+ FrameSepIs FMcyan eq
+ {pop pop pop 1.0 exch sub }
+ {pop pop pop pop 1} ifelse } ifelse } ifelse } ifelse
+ } ifelse
+ RealSetgray
+ }
+ ifelse
+ end
+ } bind put
+fMLevel1 {
+
+
+
+ /patScreenDict 7 dict dup begin
+ <0f1e3c78f0e1c387> [ 45 { pop } {exch pop} .5 2 sqrt] FmBD
+ <0f87c3e1f0783c1e> [ 135 { pop } {exch pop} .5 2 sqrt] FmBD
+ <cccccccccccccccc> [ 0 { pop } dup .5 2 ] FmBD
+ <ffff0000ffff0000> [ 90 { pop } dup .5 2 ] FmBD
+ <8142241818244281> [ 45 { 2 copy lt {exch} if pop} dup .75 2 sqrt] FmBD
+ <03060c183060c081> [ 45 { pop } {exch pop} .875 2 sqrt] FmBD
+ <8040201008040201> [ 135 { pop } {exch pop} .875 2 sqrt] FmBD
+ end def
+} {
+
+ /patProcDict 5 dict dup begin
+ <0f1e3c78f0e1c387> { 3 setlinewidth -1 -1 moveto 9 9 lineto stroke
+ 4 -4 moveto 12 4 lineto stroke
+ -4 4 moveto 4 12 lineto stroke} bind def
+ <0f87c3e1f0783c1e> { 3 setlinewidth -1 9 moveto 9 -1 lineto stroke
+ -4 4 moveto 4 -4 lineto stroke
+ 4 12 moveto 12 4 lineto stroke} bind def
+ <8142241818244281> { 1 setlinewidth -1 9 moveto 9 -1 lineto stroke
+ -1 -1 moveto 9 9 lineto stroke } bind def
+ <03060c183060c081> { 1 setlinewidth -1 -1 moveto 9 9 lineto stroke
+ 4 -4 moveto 12 4 lineto stroke
+ -4 4 moveto 4 12 lineto stroke} bind def
+ <8040201008040201> { 1 setlinewidth -1 9 moveto 9 -1 lineto stroke
+ -4 4 moveto 4 -4 lineto stroke
+ 4 12 moveto 12 4 lineto stroke} bind def
+ end def
+ /patDict 15 dict dup begin
+ /PatternType 1 def
+ /PaintType 2 def
+ /TilingType 3 def
+ /BBox [ 0 0 8 8 ] def
+ /XStep 8 def
+ /YStep 8 def
+ /PaintProc {
+ begin
+ patProcDict bstring known {
+ patProcDict bstring get exec
+ } {
+ 8 8 true [1 0 0 -1 0 8] bstring imagemask
+ } ifelse
+ end
+ } bind def
+ end def
+} ifelse
+/combineColor {
+ FrameSepIs FMnone eq
+ {
+ graymode fMLevel1 or not {
+
+ [/Pattern [/DeviceCMYK]] setcolorspace
+ FrameCurColors 0 4 getinterval aload pop FrameCurPat setcolor
+ } {
+ FrameCurColors 3 get 1.0 ge {
+ FrameCurGray RealSetgray
+ } {
+ fMAcrobat not FMPColor graymode and and {
+ 0 1 3 {
+ FrameCurColors exch get
+ 1 FrameCurGray sub mul
+ } for
+ RealSetcmykcolor
+ } {
+ 4 1 6 {
+ FrameCurColors exch get
+ graymode {
+ 1 exch sub 1 FrameCurGray sub mul 1 exch sub
+ } {
+ 1.0 lt {FrameCurGray} {1} ifelse
+ } ifelse
+ } for
+ RealSetrgbcolor
+ } ifelse
+ } ifelse
+ } ifelse
+ } {
+ FrameCurColors 0 4 getinterval aload
+ FrameColorInSepListCMYK {
+ FrameSepBlack eq exch
+ FrameSepYellow eq and exch
+ FrameSepMagenta eq and exch
+ FrameSepCyan eq and
+ FrameSepIs FMcustom eq and
+ { FrameCurGray } { 1 } ifelse
+ } {
+ FrameSepIs FMblack eq
+ {FrameCurGray 1.0 exch sub mul 1.0 exch sub 4 1 roll pop pop pop} {
+ FrameSepIs FMyellow eq
+ {pop FrameCurGray 1.0 exch sub mul 1.0 exch sub 3 1 roll pop pop} {
+ FrameSepIs FMmagenta eq
+ {pop pop FrameCurGray 1.0 exch sub mul 1.0 exch sub exch pop } {
+ FrameSepIs FMcyan eq
+ {pop pop pop FrameCurGray 1.0 exch sub mul 1.0 exch sub }
+ {pop pop pop pop 1} ifelse } ifelse } ifelse } ifelse
+ } ifelse
+ graymode fMLevel1 or not {
+
+ [/Pattern [/DeviceGray]] setcolorspace
+ FrameCurPat setcolor
+ } {
+ graymode not fMLevel1 and {
+
+ dup 1 lt {pop FrameCurGray} if
+ } if
+ RealSetgray
+ } ifelse
+ } ifelse
+} bind def
+/savematrix {
+ orgmatrix currentmatrix pop
+ } bind def
+/restorematrix {
+ orgmatrix setmatrix
+ } bind def
+/fMDefaultMatrix matrix defaultmatrix def
+/fMatrix2 matrix def
+/dpi 72 0 fMDefaultMatrix dtransform
+ dup mul exch dup mul add sqrt def
+
+/freq dpi dup 72 div round dup 0 eq {pop 1} if 8 mul div def
+/sangle 1 0 fMDefaultMatrix dtransform exch atan def
+ sangle fMatrix2 rotate
+ fMDefaultMatrix fMatrix2 concatmatrix
+ dup 0 get /sflipx exch def
+ 3 get /sflipy exch def
+/screenIndex {
+ 0 1 dpiranges length 1 sub { dup dpiranges exch get 1 sub dpi le {exit} {pop} ifelse } for
+} bind def
+/getCyanScreen {
+ FMUseHighFrequencyScreens { CHighAngles CMHighFreqs} {CLowAngles CMLowFreqs} ifelse
+ screenIndex dup 3 1 roll get 3 1 roll get /FMSpotFunction load
+} bind def
+/getMagentaScreen {
+ FMUseHighFrequencyScreens { MHighAngles CMHighFreqs } {MLowAngles CMLowFreqs} ifelse
+ screenIndex dup 3 1 roll get 3 1 roll get /FMSpotFunction load
+} bind def
+/getYellowScreen {
+ FMUseHighFrequencyScreens { YHighTDot YHighFreqs} { YLowTDot YLowFreqs } ifelse
+ screenIndex dup 3 1 roll get 3 1 roll get { 3 div
+ {2 { 1 add 2 div 3 mul dup floor sub 2 mul 1 sub exch} repeat
+ FMSpotFunction } } {/FMSpotFunction load } ifelse
+ 0.0 exch
+} bind def
+/getBlackScreen {
+ FMUseHighFrequencyScreens { KHighFreqs } { KLowFreqs } ifelse
+ screenIndex get 45.0 /FMSpotFunction load
+} bind def
+/getSpotScreen {
+ getBlackScreen
+} bind def
+/getCompositeScreen {
+ getBlackScreen
+} bind def
+/FMSetScreen
+ fMLevel1 { /setscreen load
+ }{ {
+ 8 dict begin
+ /HalftoneType 1 def
+ /SpotFunction exch def
+ /Angle exch def
+ /Frequency exch def
+ /AccurateScreens FMUseAcccurateScreens def
+ currentdict end sethalftone
+ } bind } ifelse
+def
+/setDefaultScreen {
+ FMPColor {
+ orgrxfer cvx orggxfer cvx orgbxfer cvx orgxfer cvx setcolortransfer
+ }
+ {
+ orgxfer cvx settransfer
+ } ifelse
+ orgfreq organgle orgproc cvx setscreen
+} bind def
+/setCurrentScreen {
+ FrameSepIs FMnone eq {
+ FMUseDefaultNoSeparationScreen {
+ setDefaultScreen
+ } {
+ getCompositeScreen FMSetScreen
+ } ifelse
+ } {
+ FrameSepIs FMcustom eq {
+ FMUseDefaultSpotSeparationScreen {
+ setDefaultScreen
+ } {
+ getSpotScreen FMSetScreen
+ } ifelse
+ } {
+ FMUseDefaultProcessSeparationScreen {
+ setDefaultScreen
+ } {
+ FrameSepIs FMcyan eq {
+ getCyanScreen FMSetScreen
+ } {
+ FrameSepIs FMmagenta eq {
+ getMagentaScreen FMSetScreen
+ } {
+ FrameSepIs FMyellow eq {
+ getYellowScreen FMSetScreen
+ } {
+ getBlackScreen FMSetScreen
+ } ifelse
+ } ifelse
+ } ifelse
+ } ifelse
+ } ifelse
+ } ifelse
+} bind def
+end
+
+/FMDOCUMENT {
+ array /FMfonts exch def
+ /#copies exch def
+ FrameDict begin
+ 0 ne /manualfeed exch def
+ /paperheight exch def
+ /paperwidth exch def
+ 0 ne /fMNegative exch def
+ 0 ne /edown exch def
+ /yscale exch def
+ /xscale exch def
+ fMLevel1 {
+ manualfeed {setmanualfeed} if
+ /FMdicttop countdictstack 1 add def
+ /FMoptop count def
+ setpapername
+ manualfeed {true} {papersize} ifelse
+ {manualpapersize} {false} ifelse
+ {desperatepapersize} {false} ifelse
+ {papersizefailure} if
+ count -1 FMoptop {pop pop} for
+ countdictstack -1 FMdicttop {pop end} for
+ }
+ {2 dict
+ dup /PageSize [paperwidth paperheight] put
+ manualfeed {dup /ManualFeed manualfeed put} if
+ {setpagedevice} stopped {papersizefailure} if
+ }
+ ifelse
+
+ FMPColor {
+ currentcolorscreen
+ cvlit /orgproc exch def
+ /organgle exch def
+ /orgfreq exch def
+ cvlit /orgbproc exch def
+ /orgbangle exch def
+ /orgbfreq exch def
+ cvlit /orggproc exch def
+ /orggangle exch def
+ /orggfreq exch def
+ cvlit /orgrproc exch def
+ /orgrangle exch def
+ /orgrfreq exch def
+ currentcolortransfer
+ fMNegative {
+ 1 1 4 {
+ pop { 1 exch sub } fmConcatProcs 4 1 roll
+ } for
+ 4 copy
+ setcolortransfer
+ } if
+ cvlit /orgxfer exch def
+ cvlit /orgbxfer exch def
+ cvlit /orggxfer exch def
+ cvlit /orgrxfer exch def
+ } {
+ currentscreen
+ cvlit /orgproc exch def
+ /organgle exch def
+ /orgfreq exch def
+
+ currenttransfer
+ fMNegative {
+ { 1 exch sub } fmConcatProcs
+ dup settransfer
+ } if
+ cvlit /orgxfer exch def
+ } ifelse
+ end
+} def
+/FMBEGINPAGE {
+ FrameDict begin
+ /pagesave save def
+ 3.86 setmiterlimit
+ /landscape exch 0 ne def
+ landscape {
+ 90 rotate 0 exch dup /pwid exch def neg translate pop
+ }{
+ pop /pwid exch def
+ } ifelse
+ edown { [-1 0 0 1 pwid 0] concat } if
+ 0 0 moveto paperwidth 0 lineto paperwidth paperheight lineto
+ 0 paperheight lineto 0 0 lineto 1 setgray fill
+ xscale yscale scale
+ /orgmatrix matrix def
+ gsave
+} def
+/FMENDPAGE {
+ grestore
+ pagesave restore
+ end
+ showpage
+ } def
+/FMFONTDEFINE {
+ FrameDict begin
+ findfont
+ ReEncode
+ 1 index exch
+ definefont
+ FMfonts 3 1 roll
+ put
+ end
+ } def
+/FMFILLS {
+ FrameDict begin dup
+ array /fillvals exch def
+ dict /patCache exch def
+ end
+ } def
+/FMFILL {
+ FrameDict begin
+ fillvals 3 1 roll put
+ end
+ } def
+/FMNORMALIZEGRAPHICS {
+ newpath
+ 1 setlinewidth
+ 0 setlinecap
+ 0 0 0 sethsbcolor
+ 0 setgray
+ } bind def
+/FMBEGINEPSF {
+ end
+ /FMEPSF save def
+ /showpage {} def
+% See Adobe's "PostScript Language Reference Manual, 2nd Edition", page 714.
+% "...the following operators MUST NOT be used in an EPS file:" (emphasis ours)
+ /banddevice {(banddevice) FMBADEPSF} def
+ /clear {(clear) FMBADEPSF} def
+ /cleardictstack {(cleardictstack) FMBADEPSF} def
+ /copypage {(copypage) FMBADEPSF} def
+ /erasepage {(erasepage) FMBADEPSF} def
+ /exitserver {(exitserver) FMBADEPSF} def
+ /framedevice {(framedevice) FMBADEPSF} def
+ /grestoreall {(grestoreall) FMBADEPSF} def
+ /initclip {(initclip) FMBADEPSF} def
+ /initgraphics {(initgraphics) FMBADEPSF} def
+ /quit {(quit) FMBADEPSF} def
+ /renderbands {(renderbands) FMBADEPSF} def
+ /setglobal {(setglobal) FMBADEPSF} def
+ /setpagedevice {(setpagedevice) FMBADEPSF} def
+ /setshared {(setshared) FMBADEPSF} def
+ /startjob {(startjob) FMBADEPSF} def
+ /lettertray {(lettertray) FMBADEPSF} def
+ /letter {(letter) FMBADEPSF} def
+ /lettersmall {(lettersmall) FMBADEPSF} def
+ /11x17tray {(11x17tray) FMBADEPSF} def
+ /11x17 {(11x17) FMBADEPSF} def
+ /ledgertray {(ledgertray) FMBADEPSF} def
+ /ledger {(ledger) FMBADEPSF} def
+ /legaltray {(legaltray) FMBADEPSF} def
+ /legal {(legal) FMBADEPSF} def
+ /statementtray {(statementtray) FMBADEPSF} def
+ /statement {(statement) FMBADEPSF} def
+ /executivetray {(executivetray) FMBADEPSF} def
+ /executive {(executive) FMBADEPSF} def
+ /a3tray {(a3tray) FMBADEPSF} def
+ /a3 {(a3) FMBADEPSF} def
+ /a4tray {(a4tray) FMBADEPSF} def
+ /a4 {(a4) FMBADEPSF} def
+ /a4small {(a4small) FMBADEPSF} def
+ /b4tray {(b4tray) FMBADEPSF} def
+ /b4 {(b4) FMBADEPSF} def
+ /b5tray {(b5tray) FMBADEPSF} def
+ /b5 {(b5) FMBADEPSF} def
+ FMNORMALIZEGRAPHICS
+ [/fy /fx /fh /fw /ury /urx /lly /llx] {exch def} forall
+ fx fw 2 div add fy fh 2 div add translate
+ rotate
+ fw 2 div neg fh 2 div neg translate
+ fw urx llx sub div fh ury lly sub div scale
+ llx neg lly neg translate
+ /FMdicttop countdictstack 1 add def
+ /FMoptop count def
+ } bind def
+/FMENDEPSF {
+ count -1 FMoptop {pop pop} for
+ countdictstack -1 FMdicttop {pop end} for
+ FMEPSF restore
+ FrameDict begin
+ } bind def
+FrameDict begin
+/setmanualfeed {
+%%BeginFeature *ManualFeed True
+ statusdict /manualfeed true put
+%%EndFeature
+ } bind def
+/max {2 copy lt {exch} if pop} bind def
+/min {2 copy gt {exch} if pop} bind def
+/inch {72 mul} def
+/pagedimen {
+ paperheight sub abs 16 lt exch
+ paperwidth sub abs 16 lt and
+ {/papername exch def} {pop} ifelse
+ } bind def
+/setpapername {
+ /papersizedict 14 dict def
+ papersizedict begin
+ /papername /unknown def
+ /Letter 8.5 inch 11.0 inch pagedimen
+ /LetterSmall 7.68 inch 10.16 inch pagedimen
+ /Tabloid 11.0 inch 17.0 inch pagedimen
+ /Ledger 17.0 inch 11.0 inch pagedimen
+ /Legal 8.5 inch 14.0 inch pagedimen
+ /Statement 5.5 inch 8.5 inch pagedimen
+ /Executive 7.5 inch 10.0 inch pagedimen
+ /A3 11.69 inch 16.5 inch pagedimen
+ /A4 8.26 inch 11.69 inch pagedimen
+ /A4Small 7.47 inch 10.85 inch pagedimen
+ /B4 10.125 inch 14.33 inch pagedimen
+ /B5 7.16 inch 10.125 inch pagedimen
+ end
+ } bind def
+/papersize {
+ papersizedict begin
+ /Letter {lettertray letter} def
+ /LetterSmall {lettertray lettersmall} def
+ /Tabloid {11x17tray 11x17} def
+ /Ledger {ledgertray ledger} def
+ /Legal {legaltray legal} def
+ /Statement {statementtray statement} def
+ /Executive {executivetray executive} def
+ /A3 {a3tray a3} def
+ /A4 {a4tray a4} def
+ /A4Small {a4tray a4small} def
+ /B4 {b4tray b4} def
+ /B5 {b5tray b5} def
+ /unknown {unknown} def
+ papersizedict dup papername known {papername} {/unknown} ifelse get
+ end
+ statusdict begin stopped end
+ } bind def
+/manualpapersize {
+ papersizedict begin
+ /Letter {letter} def
+ /LetterSmall {lettersmall} def
+ /Tabloid {11x17} def
+ /Ledger {ledger} def
+ /Legal {legal} def
+ /Statement {statement} def
+ /Executive {executive} def
+ /A3 {a3} def
+ /A4 {a4} def
+ /A4Small {a4small} def
+ /B4 {b4} def
+ /B5 {b5} def
+ /unknown {unknown} def
+ papersizedict dup papername known {papername} {/unknown} ifelse get
+ end
+ stopped
+ } bind def
+/desperatepapersize {
+ statusdict /setpageparams known
+ {
+ paperwidth paperheight 0 1
+ statusdict begin
+ {setpageparams} stopped
+ end
+ } {true} ifelse
+ } bind def
+/papersizefailure {
+ FMAllowPaperSizeMismatch not
+ {
+(The requested paper size is not available in any currently-installed tray)
+(Edit the PS file to "FMAllowPaperSizeMismatch true" to use default tray)
+ FMFAILURE } if
+ } def
+/DiacriticEncoding [
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/.notdef /.notdef /.notdef /.notdef /space /exclam /quotedbl
+/numbersign /dollar /percent /ampersand /quotesingle /parenleft
+/parenright /asterisk /plus /comma /hyphen /period /slash /zero /one
+/two /three /four /five /six /seven /eight /nine /colon /semicolon
+/less /equal /greater /question /at /A /B /C /D /E /F /G /H /I /J /K
+/L /M /N /O /P /Q /R /S /T /U /V /W /X /Y /Z /bracketleft /backslash
+/bracketright /asciicircum /underscore /grave /a /b /c /d /e /f /g /h
+/i /j /k /l /m /n /o /p /q /r /s /t /u /v /w /x /y /z /braceleft /bar
+/braceright /asciitilde /.notdef /Adieresis /Aring /Ccedilla /Eacute
+/Ntilde /Odieresis /Udieresis /aacute /agrave /acircumflex /adieresis
+/atilde /aring /ccedilla /eacute /egrave /ecircumflex /edieresis
+/iacute /igrave /icircumflex /idieresis /ntilde /oacute /ograve
+/ocircumflex /odieresis /otilde /uacute /ugrave /ucircumflex
+/udieresis /dagger /.notdef /cent /sterling /section /bullet
+/paragraph /germandbls /registered /copyright /trademark /acute
+/dieresis /.notdef /AE /Oslash /.notdef /.notdef /.notdef /.notdef
+/yen /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef
+/ordfeminine /ordmasculine /.notdef /ae /oslash /questiondown
+/exclamdown /logicalnot /.notdef /florin /.notdef /.notdef
+/guillemotleft /guillemotright /ellipsis /.notdef /Agrave /Atilde
+/Otilde /OE /oe /endash /emdash /quotedblleft /quotedblright
+/quoteleft /quoteright /.notdef /.notdef /ydieresis /Ydieresis
+/fraction /currency /guilsinglleft /guilsinglright /fi /fl /daggerdbl
+/periodcentered /quotesinglbase /quotedblbase /perthousand
+/Acircumflex /Ecircumflex /Aacute /Edieresis /Egrave /Iacute
+/Icircumflex /Idieresis /Igrave /Oacute /Ocircumflex /.notdef /Ograve
+/Uacute /Ucircumflex /Ugrave /dotlessi /circumflex /tilde /macron
+/breve /dotaccent /ring /cedilla /hungarumlaut /ogonek /caron
+] def
+/ReEncode {
+ dup
+ length
+ dict begin
+ {
+ 1 index /FID ne
+ {def}
+ {pop pop} ifelse
+ } forall
+ 0 eq {/Encoding DiacriticEncoding def} if
+ currentdict
+ end
+ } bind def
+FMPColor
+
+ {
+ /BEGINBITMAPCOLOR {
+ BITMAPCOLOR} def
+ /BEGINBITMAPCOLORc {
+ BITMAPCOLORc} def
+ /BEGINBITMAPTRUECOLOR {
+ BITMAPTRUECOLOR } def
+ /BEGINBITMAPTRUECOLORc {
+ BITMAPTRUECOLORc } def
+ /BEGINBITMAPCMYK {
+ BITMAPCMYK } def
+ /BEGINBITMAPCMYKc {
+ BITMAPCMYKc } def
+ }
+
+ {
+ /BEGINBITMAPCOLOR {
+ BITMAPGRAY} def
+ /BEGINBITMAPCOLORc {
+ BITMAPGRAYc} def
+ /BEGINBITMAPTRUECOLOR {
+ BITMAPTRUEGRAY } def
+ /BEGINBITMAPTRUECOLORc {
+ BITMAPTRUEGRAYc } def
+ /BEGINBITMAPCMYK {
+ BITMAPCMYKGRAY } def
+ /BEGINBITMAPCMYKc {
+ BITMAPCMYKGRAYc } def
+ }
+ifelse
+/K {
+ FMPrintAllColorsAsBlack {
+ dup 1 eq 2 index 1 eq and 3 index 1 eq and not
+ {7 {pop} repeat 0 0 0 1 0 0 0} if
+ } if
+ FrameCurColors astore
+ pop combineColor
+} bind def
+/graymode true def
+fMLevel1 {
+ /fmGetFlip {
+ fMatrix2 exch get mul 0 lt { -1 } { 1 } ifelse
+ } FmBD
+} if
+/setPatternMode {
+ fMLevel1 {
+ 2 index patScreenDict exch known {
+ pop pop
+ patScreenDict exch get aload pop
+ freq
+ mul
+ 5 2 roll
+ fMatrix2 currentmatrix 1 get 0 ne {
+ 3 -1 roll 90 add 3 1 roll
+ sflipx 1 fmGetFlip sflipy 2 fmGetFlip neg mul
+ } {
+ sflipx 0 fmGetFlip sflipy 3 fmGetFlip mul
+ } ifelse
+ 0 lt {exch pop} {pop} ifelse
+ fMNegative {
+ {neg} fmConcatProcs
+ } if
+ bind
+
+
+
+ systemdict /setscreen get exec
+ /FrameCurGray exch def
+ } {
+ /bwidth exch def
+ /bpside exch def
+ /bstring exch def
+ /onbits 0 def /offbits 0 def
+ freq sangle landscape {90 add} if
+ {/ypoint exch def
+ /xpoint exch def
+ /xindex xpoint 1 add 2 div bpside mul cvi def
+ /yindex ypoint 1 add 2 div bpside mul cvi def
+ bstring yindex bwidth mul xindex 8 idiv add get
+ 1 7 xindex 8 mod sub bitshift and 0 ne fMNegative {not} if
+ {/onbits onbits 1 add def 1}
+ {/offbits offbits 1 add def 0}
+ ifelse
+ }
+ setscreen
+ offbits offbits onbits add div fMNegative {1.0 exch sub} if
+ /FrameCurGray exch def
+ } ifelse
+ } {
+ pop pop
+ dup patCache exch known {
+ patCache exch get
+ } {
+ dup
+ patDict /bstring 3 -1 roll put
+ patDict
+ 9 PatFreq screenIndex get div dup matrix scale
+ makepattern
+ dup
+ patCache 4 -1 roll 3 -1 roll put
+ } ifelse
+ /FrameCurGray 0 def
+ /FrameCurPat exch def
+ } ifelse
+ /graymode false def
+ combineColor
+} bind def
+/setGrayScaleMode {
+ graymode not {
+ /graymode true def
+ fMLevel1 {
+ setCurrentScreen
+ } if
+ } if
+ /FrameCurGray exch def
+ combineColor
+} bind def
+/normalize {
+ transform round exch round exch itransform
+ } bind def
+/dnormalize {
+ dtransform round exch round exch idtransform
+ } bind def
+/lnormalize {
+ 0 dtransform exch cvi 2 idiv 2 mul 1 add exch idtransform pop
+ } bind def
+/H {
+ lnormalize setlinewidth
+ } bind def
+/Z {
+ setlinecap
+ } bind def
+
+/PFill {
+ graymode fMLevel1 or not {
+ gsave 1 setgray eofill grestore
+ } if
+} bind def
+/PStroke {
+ graymode fMLevel1 or not {
+ gsave 1 setgray stroke grestore
+ } if
+ stroke
+} bind def
+/X {
+ fillvals exch get
+ dup type /stringtype eq
+ {8 1 setPatternMode}
+ {setGrayScaleMode}
+ ifelse
+ } bind def
+/V {
+ PFill gsave eofill grestore
+ } bind def
+/Vclip {
+ clip
+ } bind def
+/Vstrk {
+ currentlinewidth exch setlinewidth PStroke setlinewidth
+ } bind def
+/N {
+ PStroke
+ } bind def
+/Nclip {
+ strokepath clip newpath
+ } bind def
+/Nstrk {
+ currentlinewidth exch setlinewidth PStroke setlinewidth
+ } bind def
+/M {newpath moveto} bind def
+/E {lineto} bind def
+/D {curveto} bind def
+/O {closepath} bind def
+/L {
+ /n exch def
+ newpath
+ normalize
+ moveto
+ 2 1 n {pop normalize lineto} for
+ } bind def
+/Y {
+ L
+ closepath
+ } bind def
+/R {
+ /y2 exch def
+ /x2 exch def
+ /y1 exch def
+ /x1 exch def
+ x1 y1
+ x2 y1
+ x2 y2
+ x1 y2
+ 4 Y
+ } bind def
+/rarc
+ {rad
+ arcto
+ } bind def
+/RR {
+ /rad exch def
+ normalize
+ /y2 exch def
+ /x2 exch def
+ normalize
+ /y1 exch def
+ /x1 exch def
+ mark
+ newpath
+ {
+ x1 y1 rad add moveto
+ x1 y2 x2 y2 rarc
+ x2 y2 x2 y1 rarc
+ x2 y1 x1 y1 rarc
+ x1 y1 x1 y2 rarc
+ closepath
+ } stopped {x1 y1 x2 y2 R} if
+ cleartomark
+ } bind def
+/RRR {
+ /rad exch def
+ normalize /y4 exch def /x4 exch def
+ normalize /y3 exch def /x3 exch def
+ normalize /y2 exch def /x2 exch def
+ normalize /y1 exch def /x1 exch def
+ newpath
+ normalize moveto
+ mark
+ {
+ x2 y2 x3 y3 rarc
+ x3 y3 x4 y4 rarc
+ x4 y4 x1 y1 rarc
+ x1 y1 x2 y2 rarc
+ closepath
+ } stopped
+ {x1 y1 x2 y2 x3 y3 x4 y4 newpath moveto lineto lineto lineto closepath} if
+ cleartomark
+ } bind def
+/C {
+ grestore
+ gsave
+ R
+ clip
+ setCurrentScreen
+} bind def
+/CP {
+ grestore
+ gsave
+ Y
+ clip
+ setCurrentScreen
+} bind def
+/F {
+ FMfonts exch get
+ FMpointsize scalefont
+ setfont
+ } bind def
+/Q {
+ /FMpointsize exch def
+ F
+ } bind def
+/T {
+ moveto show
+ } bind def
+/RF {
+ rotate
+ 0 ne {-1 1 scale} if
+ } bind def
+/TF {
+ gsave
+ moveto
+ RF
+ show
+ grestore
+ } bind def
+/P {
+ moveto
+ 0 32 3 2 roll widthshow
+ } bind def
+/PF {
+ gsave
+ moveto
+ RF
+ 0 32 3 2 roll widthshow
+ grestore
+ } bind def
+/S {
+ moveto
+ 0 exch ashow
+ } bind def
+/SF {
+ gsave
+ moveto
+ RF
+ 0 exch ashow
+ grestore
+ } bind def
+/B {
+ moveto
+ 0 32 4 2 roll 0 exch awidthshow
+ } bind def
+/BF {
+ gsave
+ moveto
+ RF
+ 0 32 4 2 roll 0 exch awidthshow
+ grestore
+ } bind def
+/G {
+ gsave
+ newpath
+ normalize translate 0.0 0.0 moveto
+ dnormalize scale
+ 0.0 0.0 1.0 5 3 roll arc
+ closepath
+ PFill fill
+ grestore
+ } bind def
+/Gstrk {
+ savematrix
+ newpath
+ 2 index 2 div add exch 3 index 2 div sub exch
+ normalize 2 index 2 div sub exch 3 index 2 div add exch
+ translate
+ scale
+ 0.0 0.0 1.0 5 3 roll arc
+ restorematrix
+ currentlinewidth exch setlinewidth PStroke setlinewidth
+ } bind def
+/Gclip {
+ newpath
+ savematrix
+ normalize translate 0.0 0.0 moveto
+ dnormalize scale
+ 0.0 0.0 1.0 5 3 roll arc
+ closepath
+ clip newpath
+ restorematrix
+ } bind def
+/GG {
+ gsave
+ newpath
+ normalize translate 0.0 0.0 moveto
+ rotate
+ dnormalize scale
+ 0.0 0.0 1.0 5 3 roll arc
+ closepath
+ PFill
+ fill
+ grestore
+ } bind def
+/GGclip {
+ savematrix
+ newpath
+ normalize translate 0.0 0.0 moveto
+ rotate
+ dnormalize scale
+ 0.0 0.0 1.0 5 3 roll arc
+ closepath
+ clip newpath
+ restorematrix
+ } bind def
+/GGstrk {
+ savematrix
+ newpath
+ normalize translate 0.0 0.0 moveto
+ rotate
+ dnormalize scale
+ 0.0 0.0 1.0 5 3 roll arc
+ closepath
+ restorematrix
+ currentlinewidth exch setlinewidth PStroke setlinewidth
+ } bind def
+/A {
+ gsave
+ savematrix
+ newpath
+ 2 index 2 div add exch 3 index 2 div sub exch
+ normalize 2 index 2 div sub exch 3 index 2 div add exch
+ translate
+ scale
+ 0.0 0.0 1.0 5 3 roll arc
+ restorematrix
+ PStroke
+ grestore
+ } bind def
+/Aclip {
+ newpath
+ savematrix
+ normalize translate 0.0 0.0 moveto
+ dnormalize scale
+ 0.0 0.0 1.0 5 3 roll arc
+ closepath
+ strokepath clip newpath
+ restorematrix
+} bind def
+/Astrk {
+ Gstrk
+} bind def
+/AA {
+ gsave
+ savematrix
+ newpath
+
+ 3 index 2 div add exch 4 index 2 div sub exch
+
+ normalize 3 index 2 div sub exch 4 index 2 div add exch
+ translate
+ rotate
+ scale
+ 0.0 0.0 1.0 5 3 roll arc
+ restorematrix
+ PStroke
+ grestore
+ } bind def
+/AAclip {
+ savematrix
+ newpath
+ normalize translate 0.0 0.0 moveto
+ rotate
+ dnormalize scale
+ 0.0 0.0 1.0 5 3 roll arc
+ closepath
+ strokepath clip newpath
+ restorematrix
+} bind def
+/AAstrk {
+ GGstrk
+} bind def
+/BEGINPRINTCODE {
+ /FMdicttop countdictstack 1 add def
+ /FMoptop count 7 sub def
+ /FMsaveobject save def
+ userdict begin
+ /showpage {} def
+ FMNORMALIZEGRAPHICS
+ 3 index neg 3 index neg translate
+ } bind def
+/ENDPRINTCODE {
+ count -1 FMoptop {pop pop} for
+ countdictstack -1 FMdicttop {pop end} for
+ FMsaveobject restore
+ } bind def
+/gn {
+ 0
+ { 46 mul
+ cf read pop
+ 32 sub
+ dup 46 lt {exit} if
+ 46 sub add
+ } loop
+ add
+ } bind def
+/cfs {
+ /str sl string def
+ 0 1 sl 1 sub {str exch val put} for
+ str def
+ } bind def
+/ic [
+ 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0223
+ 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0223
+ 0
+ {0 hx} {1 hx} {2 hx} {3 hx} {4 hx} {5 hx} {6 hx} {7 hx} {8 hx} {9 hx}
+ {10 hx} {11 hx} {12 hx} {13 hx} {14 hx} {15 hx} {16 hx} {17 hx} {18 hx}
+ {19 hx} {gn hx} {0} {1} {2} {3} {4} {5} {6} {7} {8} {9} {10} {11} {12}
+ {13} {14} {15} {16} {17} {18} {19} {gn} {0 wh} {1 wh} {2 wh} {3 wh}
+ {4 wh} {5 wh} {6 wh} {7 wh} {8 wh} {9 wh} {10 wh} {11 wh} {12 wh}
+ {13 wh} {14 wh} {gn wh} {0 bl} {1 bl} {2 bl} {3 bl} {4 bl} {5 bl} {6 bl}
+ {7 bl} {8 bl} {9 bl} {10 bl} {11 bl} {12 bl} {13 bl} {14 bl} {gn bl}
+ {0 fl} {1 fl} {2 fl} {3 fl} {4 fl} {5 fl} {6 fl} {7 fl} {8 fl} {9 fl}
+ {10 fl} {11 fl} {12 fl} {13 fl} {14 fl} {gn fl}
+ ] def
+/ms {
+ /sl exch def
+ /val 255 def
+ /ws cfs
+ /im cfs
+ /val 0 def
+ /bs cfs
+ /cs cfs
+ } bind def
+400 ms
+/ip {
+ is
+ 0
+ cf cs readline pop
+ { ic exch get exec
+ add
+ } forall
+ pop
+
+ } bind def
+/rip {
+
+
+ bis ris copy pop
+ is
+ 0
+ cf cs readline pop
+ { ic exch get exec
+ add
+ } forall
+ pop pop
+ ris gis copy pop
+ dup is exch
+
+ cf cs readline pop
+ { ic exch get exec
+ add
+ } forall
+ pop pop
+ gis bis copy pop
+ dup add is exch
+
+ cf cs readline pop
+ { ic exch get exec
+ add
+ } forall
+ pop
+
+ } bind def
+/rip4 {
+
+
+ kis cis copy pop
+ is
+ 0
+ cf cs readline pop
+ { ic exch get exec
+ add
+ } forall
+ pop pop
+ cis mis copy pop
+ dup is exch
+
+ cf cs readline pop
+ { ic exch get exec
+ add
+ } forall
+ pop pop
+ mis yis copy pop
+ dup dup add is exch
+
+ cf cs readline pop
+ { ic exch get exec
+ add
+ } forall
+ pop pop
+ yis kis copy pop
+ 3 mul is exch
+
+ cf cs readline pop
+ { ic exch get exec
+ add
+ } forall
+ pop
+
+ } bind def
+/wh {
+ /len exch def
+ /pos exch def
+ ws 0 len getinterval im pos len getinterval copy pop
+ pos len
+ } bind def
+/bl {
+ /len exch def
+ /pos exch def
+ bs 0 len getinterval im pos len getinterval copy pop
+ pos len
+ } bind def
+/s1 1 string def
+/fl {
+ /len exch def
+ /pos exch def
+ /val cf s1 readhexstring pop 0 get def
+ pos 1 pos len add 1 sub {im exch val put} for
+ pos len
+ } bind def
+/hx {
+ 3 copy getinterval
+ cf exch readhexstring pop pop
+ } bind def
+/wbytes {
+ dup dup
+ 8 gt { pop 8 idiv mul }
+ { 8 eq {pop} {1 eq {7 add 8 idiv} {3 add 4 idiv} ifelse} ifelse } ifelse
+ } bind def
+/BEGINBITMAPBWc {
+ 1 {} COMMONBITMAPc
+ } bind def
+/BEGINBITMAPGRAYc {
+ 8 {} COMMONBITMAPc
+ } bind def
+/BEGINBITMAP2BITc {
+ 2 {} COMMONBITMAPc
+ } bind def
+/COMMONBITMAPc {
+
+ /cvtProc exch def
+ /depth exch def
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /lb width depth wbytes def
+ sl lb lt {lb ms} if
+ /bitmapsave save def
+ cvtProc
+ /is im 0 lb getinterval def
+ ws 0 lb getinterval is copy pop
+ /cf currentfile def
+ width height depth [width 0 0 height neg 0 height]
+ {ip} image
+ bitmapsave restore
+ grestore
+ } bind def
+/BEGINBITMAPBW {
+ 1 {} COMMONBITMAP
+ } bind def
+/BEGINBITMAPGRAY {
+ 8 {} COMMONBITMAP
+ } bind def
+/BEGINBITMAP2BIT {
+ 2 {} COMMONBITMAP
+ } bind def
+/COMMONBITMAP {
+ /cvtProc exch def
+ /depth exch def
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /bitmapsave save def
+ cvtProc
+ /is width depth wbytes string def
+ /cf currentfile def
+ width height depth [width 0 0 height neg 0 height]
+ {cf is readhexstring pop} image
+ bitmapsave restore
+ grestore
+ } bind def
+/ngrayt 256 array def
+/nredt 256 array def
+/nbluet 256 array def
+/ngreent 256 array def
+fMLevel1 {
+/colorsetup {
+ currentcolortransfer
+ /gryt exch def
+ /blut exch def
+ /grnt exch def
+ /redt exch def
+ 0 1 255 {
+ /indx exch def
+ /cynu 1 red indx get 255 div sub def
+ /magu 1 green indx get 255 div sub def
+ /yelu 1 blue indx get 255 div sub def
+ /kk cynu magu min yelu min def
+ /u kk currentundercolorremoval exec def
+% /u 0 def
+ nredt indx 1 0 cynu u sub max sub redt exec put
+ ngreent indx 1 0 magu u sub max sub grnt exec put
+ nbluet indx 1 0 yelu u sub max sub blut exec put
+ ngrayt indx 1 kk currentblackgeneration exec sub gryt exec put
+ } for
+ {255 mul cvi nredt exch get}
+ {255 mul cvi ngreent exch get}
+ {255 mul cvi nbluet exch get}
+ {255 mul cvi ngrayt exch get}
+ setcolortransfer
+ {pop 0} setundercolorremoval
+ {} setblackgeneration
+ } bind def
+}
+{
+/colorSetup2 {
+ [ /Indexed /DeviceRGB 255
+ {dup red exch get 255 div
+ exch dup green exch get 255 div
+ exch blue exch get 255 div}
+ ] setcolorspace
+} bind def
+} ifelse
+/fakecolorsetup {
+ /tran 256 string def
+ 0 1 255 {/indx exch def
+ tran indx
+ red indx get 77 mul
+ green indx get 151 mul
+ blue indx get 28 mul
+ add add 256 idiv put} for
+ currenttransfer
+ {255 mul cvi tran exch get 255.0 div}
+ exch fmConcatProcs settransfer
+} bind def
+/BITMAPCOLOR {
+ /depth 8 def
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /bitmapsave save def
+ fMLevel1 {
+ colorsetup
+ /is width depth wbytes string def
+ /cf currentfile def
+ width height depth [width 0 0 height neg 0 height]
+ {cf is readhexstring pop} {is} {is} true 3 colorimage
+ } {
+ colorSetup2
+ /is width depth wbytes string def
+ /cf currentfile def
+ 7 dict dup begin
+ /ImageType 1 def
+ /Width width def
+ /Height height def
+ /ImageMatrix [width 0 0 height neg 0 height] def
+ /DataSource {cf is readhexstring pop} bind def
+ /BitsPerComponent depth def
+ /Decode [0 255] def
+ end image
+ } ifelse
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPCOLORc {
+ /depth 8 def
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /lb width depth wbytes def
+ sl lb lt {lb ms} if
+ /bitmapsave save def
+ fMLevel1 {
+ colorsetup
+ /is im 0 lb getinterval def
+ ws 0 lb getinterval is copy pop
+ /cf currentfile def
+ width height depth [width 0 0 height neg 0 height]
+ {ip} {is} {is} true 3 colorimage
+ } {
+ colorSetup2
+ /is im 0 lb getinterval def
+ ws 0 lb getinterval is copy pop
+ /cf currentfile def
+ 7 dict dup begin
+ /ImageType 1 def
+ /Width width def
+ /Height height def
+ /ImageMatrix [width 0 0 height neg 0 height] def
+ /DataSource {ip} bind def
+ /BitsPerComponent depth def
+ /Decode [0 255] def
+ end image
+ } ifelse
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPTRUECOLORc {
+ /depth 24 def
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /lb width depth wbytes def
+ sl lb lt {lb ms} if
+ /bitmapsave save def
+
+ /is im 0 lb getinterval def
+ /ris im 0 width getinterval def
+ /gis im width width getinterval def
+ /bis im width 2 mul width getinterval def
+
+ ws 0 lb getinterval is copy pop
+ /cf currentfile def
+ width height 8 [width 0 0 height neg 0 height]
+ {width rip pop ris} {gis} {bis} true 3 colorimage
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPCMYKc {
+ /depth 32 def
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /lb width depth wbytes def
+ sl lb lt {lb ms} if
+ /bitmapsave save def
+
+ /is im 0 lb getinterval def
+ /cis im 0 width getinterval def
+ /mis im width width getinterval def
+ /yis im width 2 mul width getinterval def
+ /kis im width 3 mul width getinterval def
+
+ ws 0 lb getinterval is copy pop
+ /cf currentfile def
+ width height 8 [width 0 0 height neg 0 height]
+ {width rip4 pop cis} {mis} {yis} {kis} true 4 colorimage
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPTRUECOLOR {
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /bitmapsave save def
+ /is width string def
+ /gis width string def
+ /bis width string def
+ /cf currentfile def
+ width height 8 [width 0 0 height neg 0 height]
+ { cf is readhexstring pop }
+ { cf gis readhexstring pop }
+ { cf bis readhexstring pop }
+ true 3 colorimage
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPCMYK {
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /bitmapsave save def
+ /is width string def
+ /mis width string def
+ /yis width string def
+ /kis width string def
+ /cf currentfile def
+ width height 8 [width 0 0 height neg 0 height]
+ { cf is readhexstring pop }
+ { cf mis readhexstring pop }
+ { cf yis readhexstring pop }
+ { cf kis readhexstring pop }
+ true 4 colorimage
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPTRUEGRAYc {
+ /depth 24 def
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /lb width depth wbytes def
+ sl lb lt {lb ms} if
+ /bitmapsave save def
+
+ /is im 0 lb getinterval def
+ /ris im 0 width getinterval def
+ /gis im width width getinterval def
+ /bis im width 2 mul width getinterval def
+ ws 0 lb getinterval is copy pop
+ /cf currentfile def
+ width height 8 [width 0 0 height neg 0 height]
+ {width rip pop ris gis bis width gray} image
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPCMYKGRAYc {
+ /depth 32 def
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /lb width depth wbytes def
+ sl lb lt {lb ms} if
+ /bitmapsave save def
+
+ /is im 0 lb getinterval def
+ /cis im 0 width getinterval def
+ /mis im width width getinterval def
+ /yis im width 2 mul width getinterval def
+ /kis im width 3 mul width getinterval def
+ ws 0 lb getinterval is copy pop
+ /cf currentfile def
+ width height 8 [width 0 0 height neg 0 height]
+ {width rip pop cis mis yis kis width cgray} image
+ bitmapsave restore
+ grestore
+ } bind def
+/cgray {
+ /ww exch def
+ /k exch def
+ /y exch def
+ /m exch def
+ /c exch def
+ 0 1 ww 1 sub { /i exch def c i get m i get y i get k i get CMYKtoRGB
+ .144 mul 3 1 roll .587 mul 3 1 roll .299 mul add add
+ c i 3 -1 roll floor cvi put } for
+ c
+ } bind def
+/gray {
+ /ww exch def
+ /b exch def
+ /g exch def
+ /r exch def
+ 0 1 ww 1 sub { /i exch def r i get .299 mul g i get .587 mul
+ b i get .114 mul add add r i 3 -1 roll floor cvi put } for
+ r
+ } bind def
+/BITMAPTRUEGRAY {
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /bitmapsave save def
+ /is width string def
+ /gis width string def
+ /bis width string def
+ /cf currentfile def
+ width height 8 [width 0 0 height neg 0 height]
+ { cf is readhexstring pop
+ cf gis readhexstring pop
+ cf bis readhexstring pop width gray} image
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPCMYKGRAY {
+ gsave
+
+ 3 index 2 div add exch
+ 4 index 2 div add exch
+ translate
+ rotate
+ 1 index 2 div neg
+ 1 index 2 div neg
+ translate
+ scale
+ /height exch def /width exch def
+ /bitmapsave save def
+ /is width string def
+ /yis width string def
+ /mis width string def
+ /kis width string def
+ /cf currentfile def
+ width height 8 [width 0 0 height neg 0 height]
+ { cf is readhexstring pop
+ cf mis readhexstring pop
+ cf yis readhexstring pop
+ cf kis readhexstring pop width cgray} image
+ bitmapsave restore
+ grestore
+ } bind def
+/BITMAPGRAY {
+ 8 {fakecolorsetup} COMMONBITMAP
+ } bind def
+/BITMAPGRAYc {
+ 8 {fakecolorsetup} COMMONBITMAPc
+ } bind def
+/ENDBITMAP {
+ } bind def
+end
+ /ALDmatrix matrix def ALDmatrix currentmatrix pop
+/StartALD {
+ /ALDsave save def
+ savematrix
+ ALDmatrix setmatrix
+ } bind def
+/InALD {
+ restorematrix
+ } bind def
+/DoneALD {
+ ALDsave restore
+ } bind def
+/I { setdash } bind def
+/J { [] 0 setdash } bind def
+%%EndProlog
+%%BeginSetup
+(5.0) FMVERSION
+1 1 0 0 612 792 0 1 12 FMDOCUMENT
+0 0 /Times-Roman FMFONTDEFINE
+1 0 /Helvetica-Bold FMFONTDEFINE
+2 0 /Times-Italic FMFONTDEFINE
+3 0 /Helvetica-BoldOblique FMFONTDEFINE
+4 0 /Courier FMFONTDEFINE
+32 FMFILLS
+0 0 FMFILL
+1 0.1 FMFILL
+2 0.3 FMFILL
+3 0.5 FMFILL
+4 0.7 FMFILL
+5 0.9 FMFILL
+6 0.97 FMFILL
+7 1 FMFILL
+8 <0f1e3c78f0e1c387> FMFILL
+9 <0f87c3e1f0783c1e> FMFILL
+10 <cccccccccccccccc> FMFILL
+11 <ffff0000ffff0000> FMFILL
+12 <8142241818244281> FMFILL
+13 <03060c183060c081> FMFILL
+14 <8040201008040201> FMFILL
+16 1 FMFILL
+17 0.9 FMFILL
+18 0.7 FMFILL
+19 0.5 FMFILL
+20 0.3 FMFILL
+21 0.1 FMFILL
+22 0.03 FMFILL
+23 0 FMFILL
+24 <f0e1c3870f1e3c78> FMFILL
+25 <f0783c1e0f87c3e1> FMFILL
+26 <3333333333333333> FMFILL
+27 <0000ffff0000ffff> FMFILL
+28 <7ebddbe7e7dbbd7e> FMFILL
+29 <fcf9f3e7cf9f3f7e> FMFILL
+30 <7fbfdfeff7fbfdfe> FMFILL
+%%EndSetup
+%%Page: "1" 1
+%%BeginPaperSize: Letter
+%%EndPaperSize
+612 792 0 FMBEGINPAGE
+[0 0 0 1 0 0 0]
+[ 0 1 1 0 1 0 0]
+[ 1 0 1 0 0 1 0]
+[ 1 1 0 0 0 0 1]
+[ 1 0 0 0 0 1 1]
+[ 0 1 0 0 1 0 1]
+[ 0 0 1 0 1 1 0]
+ 7 FrameSetSepColors
+FrameNoSep
+0 0 0 1 0 0 0 K
+J
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 9 558 36 R
+7 X
+0 0 0 1 0 0 0 K
+V
+0 8 Q
+0 X
+(\251 Sun Microsystems, Inc., 1996) 54 30.67 T
+(1) 306 30.67 T
+54 54 297 621 R
+7 X
+V
+1 10 Q
+0 X
+(INTR) 54 614.33 T
+(ODUCTION) 77.13 614.33 T
+0 F
+0.25 0.09 (Since its release in May of 1995, Ja) 54 598.33 B
+0.25 0.09 (v) 200.97 598.33 B
+0.25 0.09 (a has swept across the) 205.81 598.33 B
+0.25 0.71 (Internet. W) 54 587.33 B
+0.25 0.71 (ith its promise of truly netw) 107.2 587.33 B
+0.25 0.71 (ork oriented) 240.34 587.33 B
+0.25 0.28 (computing and a nearly uni) 54 576.33 B
+0.25 0.28 (v) 171.5 576.33 B
+0.25 0.28 (ersal system for distrib) 176.63 576.33 B
+0.25 0.28 (uting) 275.31 576.33 B
+0.25 0.08 (applications, Ja) 54 565.33 B
+0.25 0.08 (v) 116.99 565.33 B
+0.25 0.08 (a is widely seen as the solution to man) 121.82 565.33 B
+0.25 0.08 (y of) 280.68 565.33 B
+0.25 0.04 (the most persistent problems in client/serv) 54 554.33 B
+0.25 0.04 (er computing and) 225.93 554.33 B
+0.25 0.46 (on the W) 54 543.33 B
+0.25 0.46 (orld W) 94.03 543.33 B
+0.25 0.46 (ide W) 124.68 543.33 B
+0.25 0.46 (eb) 150.59 543.33 B
+0.25 0.46 (. Ho) 160.54 543.33 B
+0.25 0.46 (we) 179.6 543.33 B
+0.25 0.46 (v) 191.93 543.33 B
+0.25 0.46 (er) 197.24 543.33 B
+0.25 0.46 (, this same ability to) 205.52 543.33 B
+0.25 0.05 (distrib) 54 532.33 B
+0.25 0.05 (ute e) 79.72 532.33 B
+0.25 0.05 (x) 99.23 532.33 B
+0.25 0.05 (ecutables automatically o) 104.13 532.33 B
+0.25 0.05 (v) 207.4 532.33 B
+0.25 0.05 (er the netw) 212.3 532.33 B
+0.25 0.05 (ork raises) 257.69 532.33 B
+0.25 0.36 (concerns about Ja) 54 521.33 B
+0.25 0.36 (v) 131.51 521.33 B
+0.25 0.36 (a\325) 136.62 521.33 B
+0.25 0.36 (s ef) 144.56 521.33 B
+0.25 0.36 (fect on netw) 160.15 521.33 B
+0.25 0.36 (ork security) 214.3 521.33 B
+0.25 0.36 (. These) 265.71 521.33 B
+0.25 0.13 (concerns ha) 54 510.33 B
+0.25 0.13 (v) 102.93 510.33 B
+0.25 0.13 (e been heightened by the disco) 107.91 510.33 B
+0.25 0.13 (v) 235.85 510.33 B
+0.25 0.13 (ery of se) 240.83 510.33 B
+0.25 0.13 (v) 276.65 510.33 B
+0.25 0.13 (eral) 281.63 510.33 B
+(security related b) 54 499.33 T
+(ugs in e) 122.67 499.33 T
+(xisting Ja) 153.63 499.33 T
+(v) 191.49 499.33 T
+(a implementations.) 196.24 499.33 T
+0.25 0.01 (This paper discusses these concerns and ho) 54 480.33 B
+0.25 0.01 (w Ja) 228.47 480.33 B
+0.25 0.01 (v) 246.61 480.33 B
+0.25 0.01 (a addresses) 251.38 480.33 B
+0.25 0.09 (them. It also describes se) 54 469.33 B
+0.25 0.09 (v) 157.44 469.33 B
+0.25 0.09 (eral ef) 162.39 469.33 B
+0.25 0.09 (forts underw) 188.3 469.33 B
+0.25 0.09 (ay to enhance) 240.4 469.33 B
+0.25 0.13 (and e) 54 458.33 B
+0.25 0.13 (xtend the Ja) 76.14 458.33 B
+0.25 0.13 (v) 125.79 458.33 B
+0.25 0.13 (a security model. It is di) 130.67 458.33 B
+0.25 0.13 (vided into three) 231.75 458.33 B
+0.25 0.37 (sections. The f) 54 447.33 B
+0.25 0.37 (irst section describes Ja) 118.08 447.33 B
+0.25 0.37 (v) 222.01 447.33 B
+0.25 0.37 (a in general and) 227.13 447.33 B
+0.25 0.01 (discusses the security implications of Ja) 54 436.33 B
+0.25 0.01 (v) 215.22 436.33 B
+0.25 0.01 (a. Readers who are) 219.98 436.33 B
+-0.14 (already f) 54 425.33 P
+-0.14 (amiliar with Ja) 89.02 425.33 P
+-0.14 (v) 147.98 425.33 P
+-0.14 (a may wish to proceed to the second) 152.73 425.33 P
+0.25 0.14 (section which discusses computer security in general, ho) 54 414.33 B
+0.25 0.14 (w) 289.78 414.33 B
+2.14 1.25 (security af) 54 403.33 B
+2.14 1.25 (fects netw) 111.57 403.33 B
+2.14 1.25 (ork) 166.93 403.33 B
+2.14 1.25 (ed systems and some) 183.91 403.33 B
+1.86 1.25 (misconceptions about security) 54 392.33 B
+1.86 1.25 (. Because these) 214.41 392.33 B
+0.25 0.32 (misconceptions are v) 54 381.33 B
+0.25 0.32 (ery common and af) 145.1 381.33 B
+0.25 0.32 (fect ho) 228.46 381.33 B
+0.25 0.32 (w people) 258.16 381.33 B
+0.25 0.12 (approach ne) 54 370.33 B
+0.25 0.12 (w technology) 103.94 370.33 B
+0.25 0.12 (, readers who are unf) 159.18 370.33 B
+0.25 0.12 (amiliar with) 246.79 370.33 B
+0.25 0.17 (general security issues are encouraged to read this section) 54 359.33 B
+0.25 0.55 (carefully) 54 348.33 B
+0.25 0.55 (. The third section discusses Ja) 93.82 348.33 B
+0.25 0.55 (v) 235.74 348.33 B
+0.25 0.55 (a security in) 241.04 348.33 B
+0.25 0.08 (particular) 54 337.33 B
+0.25 0.08 (, looks at ho) 92.69 337.33 B
+0.25 0.08 (w the security model is implemented,) 143.07 337.33 B
+(and describes upcoming e) 54 326.33 T
+(xtensions to the security model.) 157.44 326.33 T
+1 F
+(J) 54 303.33 T
+(A) 59.36 303.33 T
+(V) 65.78 303.33 T
+(A) 71.65 303.33 T
+(The Ja) 54 280.33 T
+(v) 85.53 280.33 T
+(a Platf) 90.89 280.33 T
+(orm) 120.7 280.33 T
+0 F
+0.25 0.16 (Ja) 54 264.33 B
+0.25 0.16 (v) 62.45 264.33 B
+0.25 0.16 (a is a re) 67.35 264.33 B
+0.25 0.16 (v) 100.1 264.33 B
+0.25 0.16 (olutionary ne) 105.05 264.33 B
+0.25 0.16 (w application platform from Sun) 160.16 264.33 B
+0.25 0.54 (Microsystems. Lik) 54 253.33 B
+0.25 0.54 (e other operating systems, the Ja) 138.36 253.33 B
+0.25 0.54 (v) 287.27 253.33 B
+0.25 0.54 (a) 292.56 253.33 B
+-0.18 (platform pro) 54 242.33 P
+-0.18 (vides de) 103.94 242.33 P
+-0.18 (v) 136.56 242.33 P
+-0.18 (elopers with I/O, netw) 141.41 242.33 P
+-0.18 (orking, windo) 230.21 242.33 P
+-0.18 (ws) 285.89 242.33 P
+0.25 0.44 (and graphics capabilities and other f) 54 231.33 B
+0.25 0.44 (acilities needed to) 216.29 231.33 B
+0.25 0.62 (de) 54 220.33 B
+0.25 0.62 (v) 64.43 220.33 B
+0.25 0.62 (elop and run sophisticated applications. The Ja) 69.9 220.33 B
+0.25 0.62 (v) 287.19 220.33 B
+0.25 0.62 (a) 292.56 220.33 B
+0.25 0.08 (platform also pro) 54 209.33 B
+0.25 0.08 (vides an important capability not found in) 124.55 209.33 B
+0.25 0.39 (traditional operating systems. This ability) 54 198.33 B
+0.25 0.39 (, called Write) 237.33 198.33 B
+0.25 0.35 (Once/Run An) 54 187.33 B
+0.25 0.35 (ywhere e) 113.2 187.33 B
+0.25 0.35 (x) 152.45 187.33 B
+0.25 0.35 (ecutables, allo) 157.65 187.33 B
+0.25 0.35 (ws Ja) 220.08 187.33 B
+0.25 0.35 (v) 243.81 187.33 B
+0.25 0.35 (a programs) 248.91 187.33 B
+0.25 0.09 (written on one type of hardw) 54 176.33 B
+0.25 0.09 (are or operating system to run) 173.46 176.33 B
+(unmodi\336ed on almost an) 54 165.33 T
+(y other type of computer) 153.02 165.33 T
+(.) 251.34 165.33 T
+0.25 0.22 (Applications written for traditional operating systems are) 54 146.33 B
+0.25 0.07 (tied directly to that platform and cannot be easily mo) 54 135.33 B
+0.25 0.07 (v) 271.83 135.33 B
+0.25 0.07 (ed to) 276.75 135.33 B
+0.25 0.03 (another machine or operating system. This locks de) 54 124.33 B
+0.25 0.03 (v) 263.06 124.33 B
+0.25 0.03 (elopers) 267.94 124.33 B
+-0.08 (to that particular) 54 113.33 P
+-0.08 (, often proprietary) 119.54 113.33 P
+-0.08 (, system. If the application) 191.21 113.33 P
+0.25 0.17 (must be deplo) 54 102.33 B
+0.25 0.17 (yed on other platforms, the de) 112.77 102.33 B
+0.25 0.17 (v) 238.98 102.33 B
+0.25 0.17 (elopers must) 244 102.33 B
+0.24 (port the application to those platforms. These porting ef) 54 91.33 P
+0.24 (forts) 278.67 91.33 P
+0.25 0.11 (are often e) 54 80.33 B
+0.25 0.11 (xpensi) 97.74 80.33 B
+0.25 0.11 (v) 124.26 80.33 B
+0.25 0.11 (e and w) 129.21 80.33 B
+0.25 0.11 (aste resources that could be used) 161.48 80.33 B
+0.25 0.56 (for ne) 54 69.33 B
+0.25 0.56 (w de) 80.97 69.33 B
+0.25 0.56 (v) 102.37 69.33 B
+0.25 0.56 (elopment. Because ports to the secondary) 107.78 69.33 B
+0.25 0.11 (platforms often lag behind the primary platform by se) 54 58.33 B
+0.25 0.11 (v) 276.71 58.33 B
+0.25 0.11 (eral) 281.67 58.33 B
+315 54 558 621 R
+7 X
+V
+0 X
+0.11 (months, the application lock of traditional operating systems) 315 614.33 P
+0.25 0.51 (also forces the or) 315 603.33 B
+0.25 0.51 (g) 393.4 603.33 B
+0.25 0.51 (anization to support man) 398.86 603.33 B
+0.25 0.51 (y dif) 510.94 603.33 B
+0.25 0.51 (ferent) 532.11 603.33 B
+0.25 0.27 (v) 315 592.33 B
+0.25 0.27 (ersions of the application. This administrati) 320.12 592.33 B
+0.25 0.27 (v) 506.95 592.33 B
+0.25 0.27 (e o) 512.07 592.33 B
+0.25 0.27 (v) 524.91 592.33 B
+0.25 0.27 (erhead) 530.02 592.33 B
+0.25 0.32 (mak) 315 581.33 B
+0.25 0.32 (es netw) 333.07 581.33 B
+0.25 0.32 (ork) 365.7 581.33 B
+0.25 0.32 (ed computing with traditional PCs a v) 379.88 581.33 B
+0.25 0.32 (ery) 544.6 581.33 B
+(e) 315 570.33 T
+(xpensi) 319.29 570.33 T
+(v) 345.15 570.33 T
+(e proposition.) 350 570.33 T
+0 8 Q
+(1) 405 574.33 T
+0 10 Q
+0.25 0.5 (W) 315 551.33 B
+0.25 0.5 (ith their Write Once/Run An) 324.54 551.33 B
+0.25 0.5 (ywhere capability) 453.4 551.33 B
+0.25 0.5 (, Ja) 532.92 551.33 B
+0.25 0.5 (v) 548.31 551.33 B
+0.25 0.5 (a) 553.56 551.33 B
+0.25 0.08 (applications do not suf) 315 540.33 B
+0.25 0.08 (fer from these problems. De) 408.23 540.33 B
+0.25 0.08 (v) 523.69 540.33 B
+0.25 0.08 (elopers) 528.62 540.33 B
+0.25 0.57 (w) 315 529.33 B
+0.25 0.57 (orking on a Sun Ultra computer running the Solaris) 322.69 529.33 B
+0.21 (operating system can produce an e) 315 518.33 P
+0.21 (x) 453.93 518.33 P
+0.21 (ecutable which also runs) 458.78 518.33 P
+0.25 0.54 (on W) 315 507.33 B
+0.25 0.54 (indo) 338.95 507.33 B
+0.25 0.54 (ws PCs, Macintosh and man) 358.65 507.33 B
+0.25 0.54 (y other types of) 486.64 507.33 B
+0.25 0.13 (computers without an) 315 496.33 B
+0.25 0.13 (y porting. This frees up de) 404.69 496.33 B
+0.25 0.13 (v) 514.86 496.33 B
+0.25 0.13 (elopment) 519.84 496.33 B
+0.25 0.11 (resources for other w) 315 485.33 B
+0.25 0.11 (ork and ensures that ne) 402.7 485.33 B
+0.25 0.11 (w applications) 498.24 485.33 B
+0.25 0.32 (and ne) 315 474.33 B
+0.25 0.32 (w v) 343.33 474.33 B
+0.25 0.32 (ersions of old applications are simultaneously) 359.12 474.33 B
+(a) 315 463.33 T
+(v) 319.24 463.33 T
+(ailable for all platforms in an or) 323.99 463.33 T
+(g) 451.01 463.33 T
+(anization.) 455.96 463.33 T
+1 F
+(The Vir) 315 441.33 T
+(tual Mac) 349.1 441.33 T
+(hine) 389.01 441.33 T
+0 F
+0.25 0.41 (Ja) 315 425.33 B
+0.25 0.41 (v) 323.96 425.33 B
+0.25 0.41 (a pro) 329.13 425.33 B
+0.25 0.41 (vides its Write Once/Run An) 351.57 425.33 B
+0.25 0.41 (ywhere capability) 479.73 425.33 B
+0.25 0.19 (through the Ja) 315 414.33 B
+0.25 0.19 (v) 374.55 414.33 B
+0.25 0.19 (a V) 379.49 414.33 B
+0.25 0.19 (irtual Machine. The V) 393.86 414.33 B
+0.25 0.19 (irtual Machine is) 486.77 414.33 B
+0.25 0.01 (implemented on top of a machine\325) 315 403.33 B
+0.25 0.01 (s nati) 453.51 403.33 B
+0.25 0.01 (v) 474.96 403.33 B
+0.25 0.01 (e operating system.) 479.82 403.33 B
+0.25 0.32 (Ja) 315 392.33 B
+0.25 0.32 (v) 323.78 392.33 B
+0.25 0.32 (a applications run on top of the virtual machine. The) 328.86 392.33 B
+0.25 0.2 (virtual machine insulates the application from dif) 315 381.33 B
+0.25 0.2 (ferences) 523.31 381.33 B
+0.25 0.28 (between underlying operating systems and hardw) 315 370.33 B
+0.25 0.28 (are and) 526.93 370.33 B
+0.25 1.19 (ensures cross platform compatibility among all) 315 359.33 B
+(implementations of the Ja) 315 348.33 T
+(v) 417.85 348.33 T
+(a platform \050see \336g. 1\051.) 422.6 348.33 T
+0.25 0.1 (The Ja) 315 154.71 B
+0.25 0.1 (v) 342 154.71 B
+0.25 0.1 (a V) 346.85 154.71 B
+0.25 0.1 (irtual machine w) 360.95 154.71 B
+0.25 0.1 (as f) 430.09 154.71 B
+0.25 0.1 (irst widely a) 444.33 154.71 B
+0.25 0.1 (v) 495.31 154.71 B
+0.25 0.1 (ailable in web) 500.16 154.71 B
+0.25 0.09 (bro) 315 143.71 B
+0.25 0.09 (wsers. Ja) 328.33 143.71 B
+0.25 0.09 (v) 365.25 143.71 B
+0.25 0.09 (a-enabled bro) 370.08 143.71 B
+0.25 0.09 (wsers are currently a) 425.89 143.71 B
+0.25 0.09 (v) 511.24 143.71 B
+0.25 0.09 (ailable for) 516.08 143.71 B
+315 117 558 137.09 C
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+315 124.99 446.98 124.99 2 L
+0.25 H
+2 Z
+0 X
+0 0 0 1 0 0 0 K
+N
+0 0 612 792 C
+0 9.5 Q
+0 X
+0 0 0 1 0 0 0 K
+1.12 (1 A recent report from F) 315 110.67 P
+1.12 (orrester Research estimates that, for) 417.11 110.67 P
+-0.09 (companies aggressi) 315 100.67 P
+-0.09 (v) 388.82 100.67 P
+-0.09 (ely managing their PC related costs, cost of) 393.42 100.67 P
+3.11 (o) 315 90.67 P
+3.11 (wnership for the a) 319.51 90.67 P
+3.11 (v) 397.5 90.67 P
+3.11 (erage PC ranges between $3,500 and) 402.11 90.67 P
+1 ($5,000 per year) 315 80.67 P
+1 (. Other studies ha) 375.84 80.67 P
+1 (v) 445.14 80.67 P
+1 (e sho) 449.75 80.67 P
+1 (wn that for companies) 470.3 80.67 P
+0.19 (which are not closely w) 315 70.67 P
+0.19 (atching PC related costs, cost of o) 405.9 70.67 P
+0.19 (wner-) 535.85 70.67 P
+(ship can be as high as $12,000 per year) 315 60.67 T
+(.) 463.54 60.67 T
+0 0 0 1 0 0 0 K
+315 170.38 558 345 C
+0 0 0 1 0 0 0 K
+321.88 311.75 547.5 334.87 R
+7 X
+0 0 0 1 0 0 0 K
+V
+0.5 H
+2 Z
+0 X
+N
+0 10 Q
+(Ja) 399.02 322.04 T
+(v) 407.15 322.04 T
+(a Applications) 411.9 322.04 T
+322.38 286.25 548 307.5 R
+7 X
+V
+0 X
+N
+(Ja) 392.5 294.87 T
+(v) 400.63 294.87 T
+(a V) 405.38 294.87 T
+(irtual Machine) 418.94 294.87 T
+322.5 231.5 373.75 279 R
+7 X
+V
+0 X
+N
+380.5 232.12 431.75 279.62 R
+7 X
+V
+0 X
+N
+439.13 231.5 490.38 279 R
+7 X
+V
+0 X
+N
+496.5 232.12 547.75 279.62 R
+7 X
+V
+0 X
+N
+(Solaris) 336.25 253.62 T
+(W) 388.13 253.62 T
+(indo) 397.17 253.62 T
+(ws) 414.7 253.62 T
+(MacOS) 451.25 253.62 T
+(Ja) 505.63 253.62 T
+(v) 513.76 253.62 T
+(aOS) 518.51 253.62 T
+322.38 206.62 373.63 228.5 R
+7 X
+V
+0 X
+N
+380.38 206.62 431.63 228.5 R
+7 X
+V
+0 X
+N
+439.63 206.62 490.88 228.5 R
+7 X
+V
+0 X
+N
+496.38 206.62 547.63 228.5 R
+7 X
+V
+0 X
+N
+0 9 Q
+(SP) 325.63 216.75 T
+(ARC/Intel) 334.81 216.75 T
+(Intel/Others) 385 216.12 T
+(Po) 448.75 216.12 T
+(werPC) 458.03 216.12 T
+(Thin Clients) 500.63 217.37 T
+(Fig. 1 The Ja) 321.88 193.62 T
+(v) 368.7 193.62 T
+(a V) 372.97 193.62 T
+(irtual Machine sits between a nati) 385.17 193.62 T
+(v) 506.18 193.62 T
+(e operating) 510.54 193.62 T
+(system and Ja) 321.88 184.62 T
+(v) 371.69 184.62 T
+(a applications, allo) 375.97 184.62 T
+(wing a single e) 443.48 184.62 T
+(x) 497.59 184.62 T
+(ecutable to) 501.96 184.62 T
+(run on man) 321.88 175.62 T
+(y dif) 362.74 175.62 T
+(ferent systems.) 379.26 175.62 T
+0 0 0 1 0 0 0 K
+0 0 612 792 C
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 630 558 740.88 R
+7 X
+0 0 0 1 0 0 0 K
+V
+1 18 Q
+0 X
+(Ja) 243.58 727.96 T
+(v) 263.33 727.96 T
+(a) 272.97 727.96 T
+0 9.6 Q
+(\252) 282.98 732.76 T
+1 18 Q
+( Security) 292.39 727.96 T
+2 12 Q
+(J) 212.98 692.23 T
+(. Ste) 218 692.23 T
+(ven F) 238.49 692.23 T
+(ritzing) 264.82 692.23 T
+(er) 296.04 692.23 T
+(, Marianne Mueller) 304.7 692.23 T
+0 F
+(Sun Microsystems, Inc.) 249.34 676.23 T
+FMENDPAGE
+%%EndPage: "1" 1
+%%Page: "2" 2
+612 792 0 FMBEGINPAGE
+[0 0 0 1 0 0 0]
+[ 0 1 1 0 1 0 0]
+[ 1 0 1 0 0 1 0]
+[ 1 1 0 0 0 0 1]
+[ 1 0 0 0 0 1 1]
+[ 0 1 0 0 1 0 1]
+[ 0 0 1 0 1 1 0]
+ 7 FrameSetSepColors
+FrameNoSep
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 18 558 45 R
+7 X
+0 0 0 1 0 0 0 K
+V
+0 8 Q
+0 X
+(\251 Sun Microsystems, Inc., 1996) 54 39.67 T
+(2) 306 39.67 T
+54 54 558 738 R
+7 X
+V
+0 10 Q
+0 X
+0.25 0.11 (the major v) 54 731.33 B
+0.25 0.11 (ersions of the Unix operating system, W) 101.1 731.33 B
+0.25 0.11 (indo) 267.82 731.33 B
+0.25 0.11 (ws) 285.78 731.33 B
+0.25 0.49 (3.1, 95, and NT) 54 720.33 B
+0.25 0.49 (, the MacOS and OS/2 W) 124.1 720.33 B
+0.25 0.49 (arp. The Ja) 237.5 720.33 B
+0.25 0.49 (v) 287.32 720.33 B
+0.25 0.49 (a) 292.56 720.33 B
+0.25 0.42 (V) 54 709.33 B
+0.25 0.42 (irtual Machine has also been licensed by e) 61.04 709.33 B
+0.25 0.42 (v) 249.48 709.33 B
+0.25 0.42 (ery major) 254.76 709.33 B
+0.25 0.54 (operating systems v) 54 698.33 B
+0.25 0.54 (endor) 144.07 698.33 B
+0.25 0.54 (, including Apple, HP) 169.15 698.33 B
+0.25 0.54 (, IBM,) 267.65 698.33 B
+0.25 0.09 (Microsoft and SunSoft. These v) 54 687.33 B
+0.25 0.09 (endors will b) 184.95 687.33 B
+0.25 0.09 (undle the Ja) 238.61 687.33 B
+0.25 0.09 (v) 287.72 687.33 B
+0.25 0.09 (a) 292.56 687.33 B
+0.25 0.4 (V) 54 676.33 B
+0.25 0.4 (irtual Machine with their operating systems. As these) 61.02 676.33 B
+0.25 0.35 (implementations become a) 54 665.33 B
+0.25 0.35 (v) 169.84 665.33 B
+0.25 0.35 (ailable o) 174.94 665.33 B
+0.25 0.35 (v) 212.32 665.33 B
+0.25 0.35 (er the ne) 217.52 665.33 B
+0.25 0.35 (xt se) 255.43 665.33 B
+0.25 0.35 (v) 275.77 665.33 B
+0.25 0.35 (eral) 280.97 665.33 B
+0.25 0.2 (months, Ja) 54 654.33 B
+0.25 0.2 (v) 98.83 654.33 B
+0.25 0.2 (a will become a standard part of all important) 103.79 654.33 B
+(operating systems, and an e) 54 643.33 T
+(xpected part of e) 164.11 643.33 T
+(v) 230.78 643.33 T
+(ery desktop.) 235.63 643.33 T
+1 F
+(Applets) 54 621.33 T
+0 F
+0.25 0.17 (W) 54 605.33 B
+0.25 0.17 (eb Applets are one of the most e) 62.81 605.33 B
+0.25 0.17 (xciting uses of the Ja) 199.12 605.33 B
+0.25 0.17 (v) 287.64 605.33 B
+0.25 0.17 (a) 292.56 605.33 B
+0.18 (Platform. Applets are small pieces of e) 54 594.33 P
+0.18 (x) 210.16 594.33 P
+0.18 (ecutable code which) 215.01 594.33 P
+0.25 0.12 (may be included in W) 54 583.33 B
+0.25 0.12 (eb pages and which run inside of the) 144.84 583.33 B
+0.25 0.46 (user\325) 54 572.33 B
+0.25 0.46 (s bro) 75.76 572.33 B
+0.25 0.46 (wser) 97.8 572.33 B
+0.25 0.46 (. While traditional web pages ha) 117.98 572.33 B
+0.25 0.46 (v) 263.3 572.33 B
+0.25 0.46 (e been) 268.61 572.33 B
+0.25 0.48 (limited to simple te) 54 561.33 B
+0.25 0.48 (xt and graphics, applets allo) 141.76 561.33 B
+0.25 0.48 (w web) 268.44 561.33 B
+0.25 0.1 (publishers to include sophisticated, interacti) 54 550.33 B
+0.25 0.1 (v) 235.22 550.33 B
+0.25 0.1 (e applications) 240.17 550.33 B
+0.25 0.22 (in their pages. F) 54 539.33 B
+0.25 0.22 (or e) 122.72 539.33 B
+0.25 0.22 (xample, a stock brok) 138.96 539.33 B
+0.25 0.22 (er might w) 227.27 539.33 B
+0.25 0.22 (ant to) 273.17 539.33 B
+0.25 0.49 (publish the results of a f) 54 528.33 B
+0.25 0.49 (inancial analysis model. W) 163.93 528.33 B
+0.25 0.49 (ith) 285.45 528.33 B
+0.25 0.21 (applets, instead of publishing a simple graph sho) 54 517.33 B
+0.25 0.21 (wing the) 260.59 517.33 B
+0.25 0.31 (results of the model, the brok) 54 506.33 B
+0.25 0.31 (er could publish the model) 181.62 506.33 B
+0.25 0.1 (itself, along with connections to li) 54 495.33 B
+0.25 0.1 (v) 194.6 495.33 B
+0.25 0.1 (e stock mark) 199.55 495.33 B
+0.25 0.1 (et data and) 252.21 495.33 B
+(the customer\325) 54 484.33 T
+(s portfolio.) 108.16 484.33 T
+1 F
+(Security Implications) 54 462.33 T
+0 F
+0.25 0.4 (While applets solv) 54 446.33 B
+0.25 0.4 (e man) 135.98 446.33 B
+0.25 0.4 (y of the important problems in) 162.23 446.33 B
+0.25 0.04 (client/serv) 54 435.33 B
+0.25 0.04 (er and netw) 95.93 435.33 B
+0.25 0.04 (ork-centric computing, the) 143.39 435.33 B
+0.25 0.04 (y also raise) 251.09 435.33 B
+0.25 0.23 (ne) 54 424.33 B
+0.25 0.23 (w concerns about security) 63.65 424.33 B
+0.25 0.23 (. In traditional en) 173.62 424.33 B
+0.25 0.23 (vironments,) 247.21 424.33 B
+0.25 0.04 (companies could protect themselv) 54 413.33 B
+0.25 0.04 (es by controlling ph) 192.25 413.33 B
+0.25 0.04 (ysical) 273.47 413.33 B
+0.25 0.49 (and netw) 54 402.33 B
+0.25 0.49 (ork access to their computers by establishing) 94.46 402.33 B
+0.25 0.34 (policies for what kinds of softw) 54 391.33 B
+0.25 0.34 (are can be used on their) 193.12 391.33 B
+0.25 0.16 (machines. These steps include b) 54 380.33 B
+0.25 0.16 (uilding a f) 188.4 380.33 B
+0.25 0.16 (ire) 231.24 380.33 B
+0.25 0.16 (w) 242.03 380.33 B
+0.25 0.16 (all between) 249.31 380.33 B
+0.25 0.09 (the Internet and the compan) 54 369.33 B
+0.25 0.09 (y\325) 169.02 369.33 B
+0.25 0.09 (s intranet, obtaining softw) 176.99 369.33 B
+0.25 0.09 (are) 284.6 369.33 B
+0.25 0.15 (only from kno) 54 358.33 B
+0.25 0.15 (wn and trusted sources, and using anti-virus) 113.38 358.33 B
+(programs to check all ne) 54 347.33 T
+(w softw) 152.06 347.33 T
+(are.) 183.9 347.33 T
+0.25 0.09 (Use of applets potentially adds a ne) 54 328.33 B
+0.25 0.09 (w security vunerability) 200.49 328.33 B
+0.25 0.09 (.) 294.5 328.33 B
+0.17 (An emplo) 54 317.33 P
+0.17 (yee searching an e) 93.79 317.33 P
+0.17 (xternal W) 167.71 317.33 P
+0.17 (eb site for information) 206.79 317.33 P
+-0.19 (might inadv) 54 306.33 P
+-0.19 (ertently load and e) 101.72 306.33 P
+-0.19 (x) 175.15 306.33 P
+-0.19 (ecute an applet without being) 180 306.33 P
+0.25 0.03 (a) 54 295.33 B
+0.25 0.03 (w) 58.32 295.33 B
+0.25 0.03 (are that the site contains e) 65.47 295.33 B
+0.25 0.03 (x) 171.06 295.33 B
+0.25 0.03 (ecutable code. This automatic) 175.94 295.33 B
+0.22 (distrib) 54 284.33 P
+0.22 (ution of e) 79.36 284.33 P
+0.22 (x) 117.98 284.33 P
+0.22 (ecutables mak) 122.83 284.33 P
+0.22 (es it v) 179.88 284.33 P
+0.22 (ery lik) 204.06 284.33 P
+0.22 (ely that softw) 230.01 284.33 P
+0.22 (are) 284.79 284.33 P
+0.25 0.41 (will be obtained from untrusted third parties. Since the) 54 273.33 B
+0.25 0.36 (applet is imported into the user\325) 54 262.33 B
+0.25 0.36 (s web bro) 194.19 262.33 B
+0.25 0.36 (wser and runs) 236.6 262.33 B
+0.25 0.42 (locally) 54 251.33 B
+0.25 0.42 (, this softw) 83.51 251.33 B
+0.25 0.42 (are could potentially steal or damage) 133.13 251.33 B
+0.25 0.17 (information stored in the user\325) 54 240.33 B
+0.25 0.17 (s machine on a netw) 181.26 240.33 B
+0.25 0.17 (ork f) 266.97 240.33 B
+0.25 0.17 (ile) 286.67 240.33 B
+0.25 0.53 (serv) 54 229.33 B
+0.25 0.53 (er) 72.62 229.33 B
+0.25 0.53 (. Also, since this softw) 80.9 229.33 B
+0.25 0.53 (are is already behind the) 185.58 229.33 B
+-0.13 (compan) 54 218.33 P
+-0.13 (y\325) 85.51 218.33 P
+-0.13 (s \336re) 93.29 218.33 P
+-0.13 (w) 112.63 218.33 P
+-0.13 (all, the applet could attack other unprotected) 119.75 218.33 P
+-0.14 (machines on a corporate intranet. These attacks w) 54 207.33 P
+-0.14 (ould not be) 252.29 207.33 P
+(stopped by traditional security measures.) 54 196.33 T
+0.25 0.15 (Ja) 54 177.33 B
+0.25 0.15 (v) 62.43 177.33 B
+0.25 0.15 (a protects its users from these dangers by placing strict) 67.32 177.33 B
+0.25 0.15 (limits on applets. Applets cannot read from or write to the) 54 166.33 B
+0.25 0.42 (local disk. Stand-alone windo) 54 155.33 B
+0.25 0.42 (ws created by applets are) 185.47 155.33 B
+0.25 0 (clearly labeled as being o) 54 144.33 B
+0.25 0 (wned by untrusted softw) 156.4 144.33 B
+0.25 0 (are. These) 255.66 144.33 B
+0.25 0.11 (limits pre) 54 133.33 B
+0.25 0.11 (v) 93.2 133.33 B
+0.25 0.11 (ent malicious applets from stealing information,) 98.17 133.33 B
+0.25 0.22 (spreading viruses, or acting as T) 54 122.33 B
+0.25 0.22 (rojan horses. Applets are) 191.56 122.33 B
+0.25 0.15 (also prohibited from making netw) 54 111.33 B
+0.25 0.15 (ork connections to other) 195.84 111.33 B
+0.09 (computers on the corporate intranet. This pre) 54 100.33 P
+0.09 (v) 234.56 100.33 P
+0.09 (ents malicious) 239.41 100.33 P
+0.25 0.48 (applets from e) 54 89.33 B
+0.25 0.48 (xploiting security f) 118.27 89.33 B
+0.25 0.48 (la) 203.91 89.33 B
+0.25 0.48 (ws that might e) 211.94 89.33 B
+0.25 0.48 (xist) 281.11 89.33 B
+0.25 0.2 (behind the f) 54 78.33 B
+0.25 0.2 (ire) 104.17 78.33 B
+0.25 0.2 (w) 115.09 78.33 B
+0.25 0.2 (all or in the underlying operating system.) 122.41 78.33 B
+-0.14 (While Ja) 54 67.33 P
+-0.14 (v) 88.93 67.33 P
+-0.14 (a is the not \336rst or only platform that claims to be a) 93.68 67.33 P
+0.25 0.53 (secure means of distrib) 315 731.33 B
+0.25 0.53 (uting e) 420.14 731.33 B
+0.25 0.53 (x) 451.43 731.33 B
+0.25 0.53 (ecutable code o) 456.8 731.33 B
+0.25 0.53 (v) 527.25 731.33 B
+0.25 0.53 (er the) 532.63 731.33 B
+(internet, it it perhaps the best kno) 315 720.33 T
+(wn and most widely used.) 448.35 720.33 T
+1 F
+(WHA) 315 697.33 T
+(T IS SECURITY?) 337.98 697.33 T
+(The Security Pr) 315 674.33 T
+(ocess) 388.16 674.33 T
+0 F
+-0 (Ef) 315 651.33 P
+-0 (fecti) 324.19 651.33 P
+-0 (v) 341.71 651.33 P
+-0 (e security is an on-going process which must in) 346.56 651.33 P
+-0 (v) 536.13 651.33 P
+-0 (olv) 540.93 651.33 P
+-0 (e) 553.56 651.33 P
+0.73 (e) 315 640.33 P
+0.73 (v) 319.19 640.33 P
+0.73 (ery member of an or) 324.04 640.33 P
+0.73 (g) 408.43 640.33 P
+0.73 (anization and touch e) 413.38 640.33 P
+0.73 (v) 500.59 640.33 P
+0.73 (ery aspect of) 505.44 640.33 P
+0.92 (its operation. The strongest possible netw) 315 629.33 P
+0.92 (ork and computer) 485.61 629.33 P
+0.76 (security does little to protect an or) 315 618.33 P
+0.76 (g) 456.05 618.33 P
+0.76 (anization which has not) 461 618.33 P
+0.12 (tak) 315 607.33 P
+0.12 (en steps to ensure that its emplo) 327.12 607.33 P
+0.12 (yees are trustw) 455.49 607.33 P
+0.12 (orth) 515.6 607.33 P
+0.12 (y or to) 531.66 607.33 P
+2.69 (protect its ph) 315 596.33 P
+2.69 (ysical assets from theft. Similarly) 372.54 596.33 P
+2.69 (, the best) 516.8 596.33 P
+4.97 (security mechanisms and procedures quickly f) 315 585.33 P
+4.97 (all into) 524.97 585.33 P
+-0.05 (disrepair if the) 315 574.33 P
+-0.05 (y are not constantly reinforced by training and) 373.08 574.33 P
+(periodically updated to account for ne) 315 563.33 T
+(w threats.) 466.66 563.33 T
+1 F
+(Cost V) 315 541.33 T
+(. Security) 345.47 541.33 T
+0 F
+0.25 0.05 (Security is one means by which an or) 315 525.33 B
+0.25 0.05 (g) 468.15 525.33 B
+0.25 0.05 (anization can protect) 473.15 525.33 B
+0.25 0.16 (or e) 315 514.33 B
+0.25 0.16 (xtend a competiti) 331.01 514.33 B
+0.25 0.16 (v) 403.44 514.33 B
+0.25 0.16 (e adv) 408.45 514.33 B
+0.25 0.16 (antage. By protecting v) 430.63 514.33 B
+0.25 0.16 (aluable) 528.15 514.33 B
+0.25 0.09 (ph) 315 503.33 B
+0.25 0.09 (ysical assets or proprietary intellectual property) 325.12 503.33 B
+0.25 0.09 (, security) 520.31 503.33 B
+0.25 0.32 (policies and procedures allo) 315 492.33 B
+0.25 0.32 (w an or) 436.46 492.33 B
+0.25 0.32 (g) 469.02 492.33 B
+0.25 0.32 (anization to e) 474.3 492.33 B
+0.25 0.32 (xploit) 533.05 492.33 B
+0.05 (those assets to the fullest. But there are costs associated with) 315 481.33 P
+0.25 0.33 (all security procedures and these costs must be weighed) 315 470.33 B
+0.25 0.12 (ag) 315 459.33 B
+0.25 0.12 (ainst the v) 324.63 459.33 B
+0.25 0.12 (alue of the assets protected by those measures) 367.3 459.33 B
+0.25 0.02 (and the potential harm which could be caused by the loss of) 315 448.33 B
+0.05 (that asset. A compan) 315 437.33 P
+0.05 (y which wished to adv) 398.33 437.33 P
+0.05 (ertise on the W) 488.38 437.33 P
+0.05 (eb) 548.56 437.33 P
+0.25 0.6 (may be satisf) 315 426.33 B
+0.25 0.6 (ied with a simple f) 375.56 426.33 B
+0.25 0.6 (ire) 461.91 426.33 B
+0.25 0.6 (w) 474.02 426.33 B
+0.25 0.6 (all to discourage) 481.75 426.33 B
+0.12 (electronic v) 315 415.33 P
+0.12 (andals. A lar) 361.8 415.33 P
+0.12 (ge \336nancial institute with billions of) 412.68 415.33 P
+0.25 0.12 (dollars at stak) 315 404.33 B
+0.25 0.12 (e could justify much more elaborate security) 372.83 404.33 B
+0.25 0.68 (measures, possibly including public k) 315 393.33 B
+0.25 0.68 (e) 491.86 393.33 B
+0.25 0.68 (y encryption,) 496.83 393.33 B
+0.25 0.17 (dedicated, pri) 315 382.33 B
+0.25 0.17 (v) 371.87 382.33 B
+0.25 0.17 (ate netw) 376.8 382.33 B
+0.25 0.17 (orks and re) 411.94 382.33 B
+0.25 0.17 (gular security audits. In) 458.64 382.33 B
+0.25 0.03 (e) 315 371.33 B
+0.25 0.03 (xtreme cases, public safety and national security may be at) 319.32 371.33 B
+0.25 0.05 (risk. F) 315 360.33 B
+0.25 0.05 (or applications such as air traf) 341.04 360.33 B
+0.25 0.05 (f) 464.05 360.33 B
+0.25 0.05 (ic control and military) 466.88 360.33 B
+0.25 0.46 (and intelligence systems, the risks of connecting these) 315 349.33 B
+0.25 0.06 (systems to the Internet may so f) 315 338.33 B
+0.25 0.06 (ar out-weigh the benef) 445.46 338.33 B
+0.25 0.06 (its of) 537.18 338.33 B
+0.25 0.25 (increased communication that the most sensiti) 315 327.33 B
+0.25 0.25 (v) 511.85 327.33 B
+0.25 0.25 (e of these) 516.95 327.33 B
+(systems should ne) 315 316.33 T
+(v) 387.53 316.33 T
+(er be connected \050see \336g. 2\051.) 392.38 316.33 T
+3 F
+(Ne) 315 135.15 T
+(w T) 327.63 135.15 T
+(ec) 343.7 135.15 T
+(hnology) 354.72 135.15 T
+0 F
+0.25 0.08 (Since no security system can e) 315 116.15 B
+0.25 0.08 (v) 440.85 116.15 B
+0.25 0.08 (er be 100% secure, it is not) 445.78 116.15 B
+0.02 (meaningful to ask if a ne) 315 105.15 P
+0.02 (w technology or system is \322secure\323.) 414.02 105.15 P
+0.25 0.14 (Instead one should e) 315 94.15 B
+0.25 0.14 (v) 400.21 94.15 B
+0.25 0.14 (aluate the ne) 405.1 94.15 B
+0.25 0.14 (w technology in light of) 457.69 94.15 B
+0.25 0.21 (the e) 315 83.15 B
+0.25 0.21 (xisting cost/security tradeof) 335.29 83.15 B
+0.25 0.21 (fs. If the ne) 452.61 83.15 B
+0.25 0.21 (w technology) 501.33 83.15 B
+0.25 0.54 (mak) 315 72.15 B
+0.25 0.54 (es it easier or cheaper to obtain the same le) 333.75 72.15 B
+0.25 0.54 (v) 532.13 72.15 B
+0.25 0.54 (el of) 537.52 72.15 B
+0.25 0.04 (security) 315 61.15 B
+0.25 0.04 (, that technology w) 346.36 61.15 B
+0.25 0.04 (ould be v) 424.49 61.15 B
+0.25 0.04 (ery attracti) 462.45 61.15 B
+0.25 0.04 (v) 506.02 61.15 B
+0.25 0.04 (e. If, on the) 510.91 61.15 B
+0 0 0 1 0 0 0 K
+315 150.82 558 313 C
+0 0 0 1 0 0 0 K
+333 304 333 205 531 205 3 L
+0.5 H
+2 Z
+0 X
+0 0 0 1 0 0 0 K
+N
+0 10 Q
+(Cost) 438.5 191.73 T
+(Security) 0 -270 328.33 234 TF
+90 180 180 72 522 214 A
+J
+333 292.5 540 292.5 2 L
+J
+333 292.5 336.75 292.5 2 L
+N
+[7.389 6.404] 7.389 I
+336.75 292.5 536.25 292.5 2 L
+N
+J
+536.25 292.5 540 292.5 2 L
+N
+(Fig. 2 Increasing security increases costs. Or) 326.5 176.04 T
+(g) 505.17 176.04 T
+(anizations) 510.12 176.04 T
+(must choose the appropriate trade of) 326.5 166.04 T
+(f.) 472.05 166.04 T
+(W) 355.5 225 T
+(eb adv) 364.14 225 T
+(ertiser) 390.37 225 T
+(On-line commerce) 395.5 256.5 T
+(National) 494 274.5 T
+(Security) 494 264.5 T
+J
+340 228.64 346.36 235 352.73 228.64 346.36 222.27 4 Y
+V
+J
+340 228.64 346.36 235 352.73 228.64 346.36 222.27 4 Y
+J
+342.65 225.98 340 228.64 342.65 231.29 3 L
+N
+[1.731 1.5] 1.731 I
+342.65 231.29 343.71 232.35 2 L
+N
+J
+343.71 232.35 346.36 235 349.02 232.35 3 L
+N
+[1.731 1.5] 1.731 I
+349.02 232.35 350.08 231.29 2 L
+N
+J
+350.08 231.29 352.73 228.64 350.08 225.98 3 L
+N
+[1.731 1.5] 1.731 I
+350.08 225.98 349.02 224.92 2 L
+N
+J
+349.02 224.92 346.36 222.27 343.71 224.92 3 L
+N
+[1.731 1.5] 1.731 I
+343.71 224.92 342.65 225.98 2 L
+N
+J
+377.64 260 384 266.36 390.36 260 384 253.64 4 Y
+V
+J
+377.64 260 384 266.36 390.36 260 384 253.64 4 Y
+J
+380.29 257.35 377.64 260 380.29 262.65 3 L
+N
+[1.731 1.5] 1.731 I
+380.29 262.65 381.35 263.71 2 L
+N
+J
+381.35 263.71 384 266.36 386.65 263.71 3 L
+N
+[1.731 1.5] 1.731 I
+386.65 263.71 387.71 262.65 2 L
+N
+J
+387.71 262.65 390.36 260 387.71 257.35 3 L
+N
+[1.731 1.5] 1.731 I
+387.71 257.35 386.65 256.29 2 L
+N
+J
+386.65 256.29 384 253.64 381.35 256.29 3 L
+N
+[1.731 1.5] 1.731 I
+381.35 256.29 380.29 257.35 2 L
+N
+J
+478.14 283.5 484.5 289.86 490.86 283.5 484.5 277.14 4 Y
+V
+J
+478.14 283.5 484.5 289.86 490.86 283.5 484.5 277.14 4 Y
+J
+480.79 280.85 478.14 283.5 480.79 286.15 3 L
+N
+[1.731 1.5] 1.731 I
+480.79 286.15 481.85 287.21 2 L
+N
+J
+481.85 287.21 484.5 289.86 487.15 287.21 3 L
+N
+[1.731 1.5] 1.731 I
+487.15 287.21 488.21 286.15 2 L
+N
+J
+488.21 286.15 490.86 283.5 488.21 280.85 3 L
+N
+[1.731 1.5] 1.731 I
+488.21 280.85 487.15 279.79 2 L
+N
+J
+487.15 279.79 484.5 277.14 481.85 279.79 3 L
+N
+[1.731 1.5] 1.731 I
+481.85 279.79 480.79 280.85 2 L
+N
+0 0 0 1 0 0 0 K
+J
+0 0 612 792 C
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+FMENDPAGE
+%%EndPage: "2" 2
+%%Page: "3" 3
+612 792 0 FMBEGINPAGE
+[0 0 0 1 0 0 0]
+[ 0 1 1 0 1 0 0]
+[ 1 0 1 0 0 1 0]
+[ 1 1 0 0 0 0 1]
+[ 1 0 0 0 0 1 1]
+[ 0 1 0 0 1 0 1]
+[ 0 0 1 0 1 1 0]
+ 7 FrameSetSepColors
+FrameNoSep
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 9 558 36 R
+7 X
+0 0 0 1 0 0 0 K
+V
+0 8 Q
+0 X
+(\251 Sun Microsystems, Inc., 1996) 54 30.67 T
+(3) 306 30.67 T
+54 54 558 738 R
+7 X
+V
+0 10 Q
+0 X
+0.25 1.22 (other hand, the ne) 54 731.33 B
+0.25 1.22 (w system opens ne) 148.02 731.33 B
+0.25 1.22 (w security) 244.44 731.33 B
+0.25 0.5 (vulnerabilities and mak) 54 720.33 B
+0.25 0.5 (es it more costly to achie) 159.79 720.33 B
+0.25 0.5 (v) 273.52 720.33 B
+0.25 0.5 (e an) 278.87 720.33 B
+0.25 0.06 (acceptable le) 54 709.33 B
+0.25 0.06 (v) 106.72 709.33 B
+0.25 0.06 (el of security) 111.63 709.33 B
+0.25 0.06 (, the or) 164.56 709.33 B
+0.25 0.06 (g) 193.42 709.33 B
+0.25 0.06 (anization must carefully) 198.43 709.33 B
+0.11 (weigh the bene\336ts of) 54 698.33 P
+0.11 (fered by the technology and ask itself if) 137.67 698.33 P
+0.25 0.14 (these benef) 54 687.33 B
+0.25 0.14 (its are w) 100.46 687.33 B
+0.25 0.14 (orth either the added risk the) 135.96 687.33 B
+0.25 0.14 (y bring or) 255.84 687.33 B
+(the added e) 54 676.33 T
+(xpense required to manage these risks.) 99.39 676.33 T
+3 F
+(Usability) 54 657.33 T
+0 F
+0.25 0.17 (When calculating security costs, usability is an important,) 54 638.33 B
+0.25 0.33 (and often hidden, f) 54 627.33 B
+0.25 0.33 (actor) 136.54 627.33 B
+0.25 0.33 (. If security mechanisms are too) 157.65 627.33 B
+0.25 0.58 (time-consuming or dif) 54 616.33 B
+0.25 0.58 (f) 155.81 616.33 B
+0.25 0.58 (icult to use, the) 159.17 616.33 B
+0.25 0.58 (y can decrease) 230.69 616.33 B
+-0.03 (producti) 54 605.33 P
+-0.03 (vity by taking time and resources which should ha) 87.08 605.33 P
+-0.03 (v) 287.71 605.33 P
+-0.03 (e) 292.56 605.33 P
+0.25 (been directed to the or) 54 594.33 P
+0.25 (g) 144.23 594.33 P
+0.25 (anization\325) 149.18 594.33 P
+0.25 (s mission. Ov) 188.62 594.33 P
+0.25 (erly stringent) 243.7 594.33 P
+0.23 (procedures can actually weak) 54 583.33 P
+0.23 (en security) 172.61 583.33 P
+0.23 (. Users who \336nd the) 215.79 583.33 P
+0.25 0.56 (policies dif) 54 572.33 B
+0.25 0.56 (f) 105.47 572.33 B
+0.25 0.56 (icult to follo) 108.82 572.33 B
+0.25 0.56 (w may ignore the policies or) 166.4 572.33 B
+0.25 0.18 (implement them haphazardly) 54 561.33 B
+0.25 0.18 (. In e) 175.13 561.33 B
+0.25 0.18 (xtreme cases, where the) 196.82 561.33 B
+0.25 0.39 (policies are seen as b) 54 550.33 B
+0.25 0.39 (ureaucratic roadblocks, users may) 147.76 550.33 B
+0.25 0.06 (acti) 54 539.33 B
+0.25 0.06 (v) 68.44 539.33 B
+0.25 0.06 (ely sabotage the policies in order to \322get the job done\323) 73.35 539.33 B
+(\050see \336g. 3\051.) 54 528.33 T
+0.25 0.52 (In general, it is v) 54 337.33 B
+0.25 0.52 (ery dif) 132.16 337.33 B
+0.25 0.52 (f) 162.16 337.33 B
+0.25 0.52 (icult to design easy-to-use or) 165.46 337.33 B
+0.25 0.52 (automatic security mechanisms which still ef) 54 326.33 B
+0.25 0.52 (fecti) 258.23 326.33 B
+0.25 0.52 (v) 278.36 326.33 B
+0.25 0.52 (ely) 283.73 326.33 B
+0.25 0.18 (protect an or) 54 315.33 B
+0.25 0.18 (g) 107.22 315.33 B
+0.25 0.18 (anization\325) 112.35 315.33 B
+0.25 0.18 (s assets. Despite these dif) 153.61 315.33 B
+0.25 0.18 (f) 261.2 315.33 B
+0.25 0.18 (iculties,) 264.16 315.33 B
+0.25 0.31 (Ja) 54 304.33 B
+0.25 0.31 (v) 62.74 304.33 B
+0.25 0.31 (a is able to pro) 67.8 304.33 B
+0.25 0.31 (vide transparent security mechanisms,) 132.44 304.33 B
+0.25 0.01 (which do not require an) 54 293.33 B
+0.25 0.01 (y kno) 150 293.33 B
+0.25 0.01 (wledge or action on the part of) 172.53 293.33 B
+0.25 0.06 (the end user) 54 282.33 B
+0.25 0.06 (. This is possible because Ja) 102.97 282.33 B
+0.25 0.06 (v) 217.93 282.33 B
+0.25 0.06 (a\325) 222.74 282.33 B
+0.25 0.06 (s security model) 230.07 282.33 B
+0.25 0.09 (is intended to protect the end-user from hostile e) 54 271.33 B
+0.25 0.09 (x) 254.14 271.33 B
+0.25 0.09 (ecutables) 259.08 271.33 B
+-0.19 (accidentally imported from untrusted sources. Limiting these) 54 260.33 P
+0.25 0.68 (so called \322T) 54 249.33 B
+0.25 0.68 (rojan horses\323 is a much easier task than) 110.65 249.33 B
+0.25 0.42 (pro) 54 238.33 B
+0.25 0.42 (viding general netw) 68.44 238.33 B
+0.25 0.42 (ork and ph) 156.23 238.33 B
+0.25 0.42 (ysical security) 203.64 238.33 B
+0.25 0.42 (. Since) 267.02 238.33 B
+0.25 0.18 (Ja) 54 227.33 B
+0.25 0.18 (v) 62.49 227.33 B
+0.25 0.18 (a\325) 67.43 227.33 B
+0.25 0.18 (s security model is intended to augment, not replace,) 75.01 227.33 B
+0.25 0.22 (these traditional security mechanisms, Ja) 54 216.33 B
+0.25 0.22 (v) 227.51 216.33 B
+0.25 0.22 (a can pro) 232.48 216.33 B
+0.25 0.22 (vide a) 271.48 216.33 B
+0.25 0.26 (simple, usable solution to this simpler) 54 205.33 B
+0.25 0.26 (, more manageable) 216.57 205.33 B
+(problem.) 54 194.33 T
+1 F
+(Common Security F) 54 172.33 T
+(allacies) 148.26 172.33 T
+3 F
+(Risk A) 54 156.33 T
+(v) 84.72 156.33 T
+(oidance) 89.98 156.33 T
+0 F
+-0.17 (The most common security f) 54 137.33 P
+-0.17 (allac) 168.2 137.33 P
+-0.17 (y is that the goal of security) 186.93 137.33 P
+0.25 0.03 (is to eliminate all risk and vulnerabilities from a system. As) 54 126.33 B
+0.25 0.03 (discussed abo) 54 115.33 B
+0.25 0.03 (v) 109.72 115.33 B
+0.25 0.03 (e, this is an unobtainable goal and little good) 114.6 115.33 B
+0.25 0.03 (comes from pursuing it. A compan) 54 104.33 B
+0.25 0.03 (y with a \322zero tolerance\323) 195.39 104.33 B
+0.25 0.28 (approach to security risks w) 54 93.33 B
+0.25 0.28 (ould be forced to disconnect) 175.04 93.33 B
+0.25 0.47 (itself completely from the Internet and thus w) 54 82.33 B
+0.25 0.47 (ould not) 260.39 82.33 B
+0.25 0.88 (benef) 54 71.33 B
+0.25 0.88 (it from the v) 80.04 71.33 B
+0.25 0.88 (ast resources and near) 141.66 71.33 B
+0.25 0.88 (-uni) 249.52 71.33 B
+0.25 0.88 (v) 268.89 71.33 B
+0.25 0.88 (ersal) 274.61 71.33 B
+0.25 0.16 (connecti) 54 60.33 B
+0.25 0.16 (vity it pro) 88.92 60.33 B
+0.25 0.16 (vides. Such a compan) 130.49 60.33 B
+0.25 0.16 (y w) 221.53 60.33 B
+0.25 0.16 (ould still be at) 236.88 60.33 B
+0.25 0.56 (risk from undetected viruses in commercial softw) 315 731.33 B
+0.25 0.56 (are,) 541.61 731.33 B
+(disgruntled emplo) 315 720.33 T
+(yees and industrial espionage.) 387.4 720.33 T
+0.25 0.68 (While this compan) 315 701.33 B
+0.25 0.68 (y spends v) 402.52 701.33 B
+0.25 0.68 (ast sums of mone) 451.82 701.33 B
+0.25 0.68 (y and) 533.08 701.33 B
+0.25 0.82 (resources chasing the chimera of total security) 315 690.33 B
+0.25 0.82 (, its) 540.01 690.33 B
+0.25 0.17 (competitors with more realistic security policies w) 315 679.33 B
+0.25 0.17 (ould be) 527.04 679.33 B
+0.25 0.14 (concentrating on more practical matters such as e) 315 668.33 B
+0.25 0.14 (xploiting) 520.78 668.33 B
+0.25 0.64 (ne) 315 657.33 B
+0.25 0.64 (w) 325.47 657.33 B
+0.25 0.64 (, \322risk) 332.68 657.33 B
+0.25 0.64 (y\323 technologies to better their competiti) 361.7 657.33 B
+0.25 0.64 (v) 548.07 657.33 B
+0.25 0.64 (e) 553.56 657.33 B
+(position.) 315 646.33 T
+3 F
+(Piecemeal Security) 315 627.33 T
+0 F
+0.13 (The risk a) 315 608.33 P
+0.13 (v) 355.06 608.33 P
+0.13 (oidance f) 359.86 608.33 P
+0.13 (allac) 396.82 608.33 P
+0.13 (y is v) 415.55 608.33 P
+0.13 (ery common among computer) 437.34 608.33 P
+0.08 (users and managers. F) 315 597.33 P
+0.08 (ortunately) 403.97 597.33 P
+0.08 (, most security professionals) 443.87 597.33 P
+0.25 0.54 (recognize that their goal is risk management, not risk) 315 586.33 B
+0.25 0.5 (a) 315 575.33 B
+0.25 0.5 (v) 319.74 575.33 B
+0.25 0.5 (oidance, and do not f) 325.04 575.33 B
+0.25 0.5 (all into this trap. Among these) 420.61 575.33 B
+0.25 0.66 (professionals, piecemeal security is a more common) 315 564.33 B
+(problem.) 315 553.33 T
+0.25 0 (Piecemeal security is the tendenc) 315 534.33 B
+0.25 0 (y to look at small pieces of) 448.67 534.33 B
+0.08 (a system or netw) 315 523.33 P
+0.08 (ork in isolation from the system as a whole.) 382.64 523.33 P
+0.25 0.73 (Because computer systems and especially computer) 315 512.33 B
+0.25 0.19 (netw) 315 501.33 B
+0.25 0.19 (orks can be e) 335.09 501.33 B
+0.25 0.19 (xtremely comple) 390.61 501.33 B
+0.25 0.19 (x, it is of little v) 461.02 501.33 B
+0.25 0.19 (alue to) 529.68 501.33 B
+0.25 0.02 (e) 315 490.33 B
+0.25 0.02 (xamine indi) 319.31 490.33 B
+0.25 0.02 (vidual aspects of the system. Informed security) 367.02 490.33 B
+0.25 0.06 (decisions can only be made by e) 315 479.33 B
+0.25 0.06 (xamining the entire system) 447.67 479.33 B
+0.25 0.22 (and looking for the unanticipated side-ef) 315 468.33 B
+0.25 0.22 (fects of adding a) 487.4 468.33 B
+(ne) 315 457.33 T
+(w type of softw) 324.19 457.33 T
+(are or netw) 386.58 457.33 T
+(ork resource.) 431.46 457.33 T
+0.25 0.42 (Piecemeal security often is the result of ha) 315 438.33 B
+0.25 0.42 (ving se) 504.89 438.33 B
+0.25 0.42 (v) 536.46 438.33 B
+0.25 0.42 (eral) 541.74 438.33 B
+0.25 0.1 (departments responsible for dif) 315 427.33 B
+0.25 0.1 (ferent aspects of security) 443.35 427.33 B
+0.25 0.1 (. If) 545.78 427.33 B
+0.15 (these departments do not w) 315 416.33 P
+0.15 (ork closely together) 424.92 416.33 P
+0.15 (, each can set) 504.25 416.33 P
+0.12 (policies without re) 315 405.33 P
+0.12 (g) 389.53 405.33 P
+0.12 (ard for ho) 394.48 405.33 P
+0.12 (w those policies af) 433.9 405.33 P
+0.12 (fect security) 508.73 405.33 P
+0.25 0.29 (as a whole. This can create vulnerabilities at the borders) 315 394.33 B
+0.25 0.09 (between tw) 315 383.33 B
+0.25 0.09 (o departments and decrease the total security of) 361.86 383.33 B
+-0.16 (the or) 315 372.33 P
+-0.16 (g) 337.71 372.33 P
+-0.16 (anization. These g) 342.66 372.33 P
+-0.16 (aps are particularly dangerous since) 415.34 372.33 P
+0.25 0.49 (attack) 315 361.33 B
+0.25 0.49 (ers may acti) 341.71 361.33 B
+0.25 0.49 (v) 396.13 361.33 B
+0.25 0.49 (ely seek out areas in which se) 401.47 361.33 B
+0.25 0.49 (v) 536.21 361.33 B
+0.25 0.49 (eral) 541.55 361.33 B
+0.25 0.02 (departments share security responsibilities or in which there) 315 350.33 B
+(is a g) 315 339.33 T
+(ap between departments.) 336.06 339.33 T
+3 F
+(Steel Door) 315 320.33 T
+(s And Grass Huts) 364.86 320.33 T
+0 F
+-0.23 (Piecemeal security can lead an or) 315 301.33 P
+-0.23 (g) 447.26 301.33 P
+-0.23 (anization to o) 452.21 301.33 P
+-0.23 (v) 506.05 301.33 P
+-0.23 (er) 510.9 301.33 P
+-0.23 (-react to a) 518.47 301.33 P
+0.25 0.07 (percei) 315 290.33 B
+0.25 0.07 (v) 339.59 290.33 B
+0.25 0.07 (ed vulnerability) 344.51 290.33 B
+0.25 0.07 (. This is often the case when dealing) 408.26 290.33 B
+0.25 0.05 (with ne) 315 279.33 B
+0.25 0.05 (w technologies. A f) 345.04 279.33 B
+0.25 0.05 (la) 424.42 279.33 B
+0.25 0.05 (w found in the ne) 431.58 279.33 B
+0.25 0.05 (w technology) 503.09 279.33 B
+0.25 0.02 (prompts the or) 315 268.33 B
+0.25 0.02 (g) 373.92 268.33 B
+0.25 0.02 (anization to e) 378.89 268.33 B
+0.25 0.02 (xpend great ef) 433.38 268.33 B
+0.25 0.02 (fort patching the) 491.1 268.33 B
+0.25 0.43 (vulnerability) 315 257.33 B
+0.25 0.43 (, without f) 371.07 257.33 B
+0.25 0.43 (irst checking to see if this same) 417.15 257.33 B
+0.25 0.22 (vulnerability e) 315 246.33 B
+0.25 0.22 (xists, undetected, in e) 376.45 246.33 B
+0.25 0.22 (xisting systems. Lik) 468.48 246.33 B
+0.25 0.22 (e) 553.56 246.33 B
+0.25 0.12 (steel doors on a grass hut, these patches, produced at great) 315 235.33 B
+0.25 0.04 (e) 315 224.33 B
+0.25 0.04 (xpense, close one possible hole b) 319.33 224.33 B
+0.25 0.04 (ut do little to increase the) 454.36 224.33 B
+(security of the system as a whole.) 315 213.33 T
+0.08 (While the desire to b) 315 194.33 P
+0.08 (uild steel doors to protect ag) 398.42 194.33 P
+0.08 (ainst ne) 512.34 194.33 P
+0.08 (wly) 543 194.33 P
+0.25 0.02 (percei) 315 183.33 B
+0.25 0.02 (v) 339.31 183.33 B
+0.25 0.02 (ed threats can w) 344.18 183.33 B
+0.25 0.02 (aste resources and slo) 409.88 183.33 B
+0.25 0.02 (w the adoption) 497.78 183.33 B
+0.25 0.18 (of ne) 315 172.33 B
+0.25 0.18 (w technology) 336.18 172.33 B
+0.25 0.18 (, pre) 392.13 172.33 B
+0.25 0.18 (viously constructed steel doors can) 410.82 172.33 B
+0.02 (blind an or) 315 161.33 P
+0.02 (g) 358.19 161.33 P
+0.02 (anization to ne) 363.14 161.33 P
+0.02 (w or pre) 421.8 161.33 P
+0.02 (viously unnoticed threats.) 454.91 161.33 P
+0.25 0.01 (If the ne) 315 150.33 B
+0.25 0.01 (w found threat is not well-understood and is similar) 348.69 150.33 B
+0.25 0.19 (to the threat which moti) 315 139.33 B
+0.25 0.19 (v) 415.85 139.33 B
+0.25 0.19 (ated the construction of the steel) 420.79 139.33 B
+0.25 0.1 (door) 315 128.33 B
+0.25 0.1 (, f) 333.32 128.33 B
+0.25 0.1 (alse conf) 342.08 128.33 B
+0.25 0.1 (idence in the elaborately constructed door\325) 378.47 128.33 B
+0.25 0.1 (s) 554.11 128.33 B
+0.25 0.62 (ability to protect ag) 315 117.33 B
+0.25 0.62 (ainst the ne) 406.71 117.33 B
+0.25 0.62 (w threat can slo) 459.92 117.33 B
+0.25 0.62 (w the) 533.34 117.33 B
+(adoption of more ef) 315 106.33 T
+(fecti) 393.9 106.33 T
+(v) 411.42 106.33 T
+(e measures.) 416.27 106.33 T
+1 F
+(K) 315 84.33 T
+(eeping Current) 322.07 84.33 T
+0 F
+0.25 0.2 (One of the most important parts of the security process is) 315 68.33 B
+0.25 0.44 (staying informed. Ne) 315 57.33 B
+0.25 0.44 (w vulnerabilities in computer and) 408.66 57.33 B
+0 0 0 1 0 0 0 K
+54 353 297 525 C
+0 0 0 1 0 0 0 K
+72 516 72 417 270 417 3 L
+0.5 H
+2 Z
+0 X
+0 0 0 1 0 0 0 K
+N
+0 10 Q
+(Cost) 177.5 399 T
+(Security) 0 -270 67.33 446 TF
+J
+72 504.5 279 504.5 2 L
+J
+72 504.5 75.75 504.5 2 L
+N
+[7.389 6.404] 7.389 I
+75.75 504.5 275.25 504.5 2 L
+N
+J
+275.25 504.5 279 504.5 2 L
+N
+J
+84.5 428 M
+ 87.78 446.62 130.8 492.97 143 466 D
+ 152.5 445 169.38 437.04 196.5 439.44 D
+ 202.3 439.95 260.67 438.81 266.5 439 D
+N
+(Fig. 3 Ov) 63.5 377.5 T
+(erly complicated and dif) 101.41 377.5 T
+(\336cult to follo) 198.64 377.5 T
+(w) 250.62 377.5 T
+(procedures reduce o) 63.5 367.5 T
+(v) 143.87 367.5 T
+(erall security and increase cost.) 148.72 367.5 T
+0 0 0 1 0 0 0 K
+0 0 612 792 C
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+FMENDPAGE
+%%EndPage: "3" 3
+%%Page: "4" 4
+612 792 0 FMBEGINPAGE
+[0 0 0 1 0 0 0]
+[ 0 1 1 0 1 0 0]
+[ 1 0 1 0 0 1 0]
+[ 1 1 0 0 0 0 1]
+[ 1 0 0 0 0 1 1]
+[ 0 1 0 0 1 0 1]
+[ 0 0 1 0 1 1 0]
+ 7 FrameSetSepColors
+FrameNoSep
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 18 558 45 R
+7 X
+0 0 0 1 0 0 0 K
+V
+0 8 Q
+0 X
+(\251 Sun Microsystems, Inc., 1996) 54 39.67 T
+(4) 306 39.67 T
+54 54 558 738 R
+7 X
+V
+0 10 Q
+0 X
+0.25 0.49 (netw) 54 731.33 B
+0.25 0.49 (ork systems, and ne) 75.31 731.33 B
+0.25 0.49 (w attacks which e) 164.04 731.33 B
+0.25 0.49 (xploit those) 244.38 731.33 B
+0.25 0.21 (vulnerabilities, are found re) 54 720.33 B
+0.25 0.21 (gularly) 171.28 720.33 B
+0.25 0.21 (. Because of these ne) 200.44 720.33 B
+0.25 0.21 (w) 289.78 720.33 B
+0.25 0.51 (attacks, e) 54 709.33 B
+0.25 0.51 (v) 96.35 709.33 B
+0.25 0.51 (en the most secure installation will quickly) 101.72 709.33 B
+0.25 0.09 (become vulnerable if its security is not acti) 54 698.33 B
+0.25 0.09 (v) 231.48 698.33 B
+0.25 0.09 (ely maintained) 236.42 698.33 B
+(by a well-informed, up-to-date staf) 54 687.33 T
+(f.) 193.44 687.33 T
+0.25 0.13 (The CER) 54 668.33 B
+0.25 0.13 (T) 92.04 668.33 B
+0 8 Q
+0.2 0.13 (2) 98.28 672.33 B
+0 10 Q
+0.25 0.13 ( Coordination Center \050CER) 102.4 668.33 B
+0.25 0.13 (T/CC\051 maintains an) 215.45 668.33 B
+0.25 0.06 (e) 54 657.33 B
+0.25 0.06 (xcellent set of on-line resources for security professionals.) 58.35 657.33 B
+-0.03 (The CER) 54 646.33 P
+-0.03 (T/CC e) 90.87 646.33 P
+-0.03 (v) 119.75 646.33 P
+-0.03 (olv) 124.55 646.33 P
+-0.03 (ed from an Adv) 137.18 646.33 P
+-0.03 (anced Research Projects) 199.88 646.33 P
+0 (Agenc) 54 635.33 P
+0 (y \050ARP) 79.95 635.33 P
+0 (A\051 computer emer) 109.31 635.33 P
+0 (genc) 182.45 635.33 P
+0 (y response team formed) 201.18 635.33 P
+0.25 0 (in 1988 follo) 54 624.33 B
+0.25 0 (wing the Morris Internet W) 105.96 624.33 B
+0.25 0 (orm. The CER) 216.21 624.33 B
+0.25 0 (T/CC) 274.76 624.33 B
+0.25 0.05 (collects and in) 54 613.33 B
+0.25 0.05 (v) 112.62 613.33 B
+0.25 0.05 (estig) 117.52 613.33 B
+0.25 0.05 (ates reports of security attacks and ne) 136.61 613.33 B
+0.25 0.05 (w) 289.78 613.33 B
+0.25 0.27 (found vulnerabilities. The) 54 602.33 B
+0.25 0.27 (y distrib) 165.01 602.33 B
+0.25 0.27 (ute this information as) 200.56 602.33 B
+0.25 0.14 (CER) 54 591.33 B
+0.25 0.14 (T Advisories, which document the vulnerabilities, list) 73.26 591.33 B
+0.02 (con\336rmed and rumored occurrences of attacks e) 54 580.33 P
+0.02 (xploiting the) 246.14 580.33 P
+0.25 0.31 (vulnerabilities, and document patches and procedures to) 54 569.33 B
+(close the vulnerabilities.) 54 558.33 T
+0.25 0.2 (Ov) 54 539.33 B
+0.25 0.2 (er the last se) 66.47 539.33 B
+0.25 0.2 (v) 119.46 539.33 B
+0.25 0.2 (eral years the CER) 124.5 539.33 B
+0.25 0.2 (T/CC has documented) 203.49 539.33 B
+0.25 0.51 (approximately 10 to 20 ne) 54 528.33 B
+0.25 0.51 (w-found vulnerabilities and) 172.59 528.33 B
+0.25 0.09 (attacks each year) 54 517.33 B
+0.25 0.09 (. These vulnerabilities co) 123.82 517.33 B
+0.25 0.09 (v) 227.35 517.33 B
+0.25 0.09 (er all aspects of) 232.29 517.33 B
+0.25 0.14 (computer security on systems ranging from mainframes to) 54 506.33 B
+0.25 1.08 (Microsoft W) 54 495.33 B
+0.25 1.08 (indo) 117.09 495.33 B
+0.25 1.08 (ws. CER) 138.93 495.33 B
+0.25 1.08 (T Advisories and other) 181.68 495.33 B
+0.25 0.31 (information can be found on their web site at) 54 484.33 B
+4 F
+0.6 0.31 (http://) 253.12 484.33 B
+(www.cert.org) 54 473.33 T
+0 F
+(.) 126 473.33 T
+1 F
+(J) 54 450.33 T
+(A) 59.36 450.33 T
+(V) 65.78 450.33 T
+(A SECURITY) 71.65 450.33 T
+(The Sandbo) 54 427.33 T
+(x) 110.93 427.33 T
+0 F
+0.25 0.05 (Ja) 54 411.33 B
+0.25 0.05 (v) 62.23 411.33 B
+0.25 0.05 (a\325) 67.03 411.33 B
+0.25 0.05 (s security allo) 74.35 411.33 B
+0.25 0.05 (ws a user to import and run applets from) 130.88 411.33 B
+0.25 0.44 (the W) 54 400.33 B
+0.25 0.44 (eb or an intranet without undue risk to the user\325) 79.79 400.33 B
+0.25 0.44 (s) 293.11 400.33 B
+0.03 (machine. The applet\325) 54 389.33 P
+0.03 (s actions are restricted to its \322sandbox\323,) 138.22 389.33 P
+0.25 0.3 (an area of the web bro) 54 378.33 B
+0.25 0.3 (wser dedicated to that applet. The) 150.79 378.33 B
+0.25 0.36 (applet may do an) 54 367.33 B
+0.25 0.36 (ything it w) 128.99 367.33 B
+0.25 0.36 (ants within its sandbox, b) 176.71 367.33 B
+0.25 0.36 (ut) 288.86 367.33 B
+0.25 0.29 (cannot read or alter an) 54 356.33 B
+0.25 0.29 (y data outside of its sandbox. The) 151.05 356.33 B
+0.25 0.73 (sandbox model is to run untrusted code in a trusted) 54 345.33 B
+0.25 0.12 (en) 54 334.33 B
+0.25 0.12 (vironment so that if a user accidentally imports a hostile) 63.28 334.33 B
+(applet, that applet cannot damage the local machine.) 54 323.33 T
+0.15 (This approach is much dif) 54 304.33 P
+0.15 (ferent from that used in traditional) 158.77 304.33 P
+0.25 0.19 (operating systems. Because most operating systems allo) 54 293.33 B
+0.25 0.19 (w) 289.78 293.33 B
+0.25 0.07 (applications broad access to the machine, especially in PCs) 54 282.33 B
+0.25 0.32 (where v) 54 271.33 B
+0.25 0.32 (ery little protection is pro) 88.28 271.33 B
+0.25 0.32 (vided by the operating) 199.79 271.33 B
+0.25 0.46 (system, the runtime en) 54 260.33 B
+0.25 0.46 (vironment cannot be trusted. T) 154.99 260.33 B
+0.25 0.46 (o) 292 260.33 B
+0.25 0.21 (compensate for this lack, security policies often require a) 54 249.33 B
+0.25 0.06 (le) 54 238.33 B
+0.25 0.06 (v) 61.09 238.33 B
+0.25 0.06 (el of trust to be established in the application before it is) 66 238.33 B
+0.25 0.18 (e) 54 227.33 B
+0.25 0.18 (x) 58.47 227.33 B
+0.25 0.18 (ecuted. F) 63.5 227.33 B
+0.25 0.18 (or e) 101.9 227.33 B
+0.25 0.18 (xample, an or) 118 227.33 B
+0.25 0.18 (g) 175.39 227.33 B
+0.25 0.18 (anization might require that) 180.52 227.33 B
+0.25 0.18 (before an emplo) 54 216.33 B
+0.25 0.18 (yee runs an application obtained from the) 122.12 216.33 B
+0.25 0.25 (web, that application must be check) 54 205.33 B
+0.25 0.25 (ed for viruses and its) 207.35 205.33 B
+(source code e) 54 194.33 T
+(xamined for malicious code.) 108.27 194.33 T
+0.13 (There are tw) 54 175.33 P
+0.13 (o problems with this approach. First, the checks) 104.7 175.33 P
+0.06 (required to b) 54 164.33 P
+0.06 (uild trust in the application may be too comple) 105.02 164.33 P
+0.06 (x) 292 164.33 P
+0.25 0.28 (and time-consuming to be practical. Fe) 54 153.33 B
+0.25 0.28 (w emplo) 221.82 153.33 B
+0.25 0.28 (yees will) 258.66 153.33 B
+0.25 0.13 (tak) 54 142.33 B
+0.25 0.13 (e the time to read the source code of an application and) 66.5 142.33 B
+0.25 0.2 (compile it locally to ensure that it tak) 54 131.33 B
+0.25 0.2 (es no hidden hostile) 212.76 131.33 B
+0.25 1.06 (actions. Second, virus check) 54 120.33 B
+0.25 1.06 (ers require constant) 198 120.33 B
+0.25 0.38 (maintenance in order to remain ef) 54 109.33 B
+0.25 0.38 (fecti) 202.64 109.33 B
+0.25 0.38 (v) 222.04 109.33 B
+0.25 0.38 (e. The) 227.26 109.33 B
+0.25 0.38 (y must be) 254.6 109.33 B
+54 77 297 97.09 C
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 84.99 185.98 84.99 2 L
+0.25 H
+2 Z
+0 X
+0 0 0 1 0 0 0 K
+N
+0 0 612 792 C
+0 9 Q
+0 X
+0 0 0 1 0 0 0 K
+(2 CER) 54 71 T
+(T is a service mark of Carne) 79.96 71 T
+(gie Mellon Uni) 181.8 71 T
+(v) 236.57 71 T
+(ersity) 240.94 71 T
+0 10 Q
+0.25 0.03 (updated with samples of ne) 315 731.33 B
+0.25 0.03 (wly disco) 425.91 731.33 B
+0.25 0.03 (v) 464.88 731.33 B
+0.25 0.03 (ered viruses and must) 469.76 731.33 B
+0.03 (be installed on each machine. Also, man) 315 720.33 P
+0.03 (y virus check) 476.66 720.33 P
+0.03 (ers can) 529.93 720.33 P
+0.25 0.17 (be turned of) 315 709.33 B
+0.25 0.17 (f, either accidentally) 365.6 709.33 B
+0.25 0.17 (, as part of an installation) 451.09 709.33 B
+0.11 (procedure, or to sa) 315 698.33 P
+0.11 (v) 389.56 698.33 P
+0.11 (e time when handling \322safe\323 disk) 394.41 698.33 P
+0.11 (ettes. If) 527.9 698.33 P
+0.13 (the check) 315 687.33 P
+0.13 (er is accidentally left of) 353.07 687.33 P
+0.13 (f, the machine and possibly) 447.77 687.33 P
+(the entire or) 315 676.33 T
+(g) 363.14 676.33 T
+(anization are at risk.) 368.09 676.33 T
+0.25 0.52 (Ja) 315 657.33 B
+0.25 0.52 (v) 324.16 657.33 B
+0.25 0.52 (a solv) 329.43 657.33 B
+0.25 0.52 (es these problems, and the usability problem) 356.24 657.33 B
+0.25 0.15 (discussed abo) 315 646.33 B
+0.25 0.15 (v) 372.38 646.33 B
+0.25 0.15 (e, by automatically conf) 377.38 646.33 B
+0.25 0.15 (ining applets to the) 477.93 646.33 B
+0.22 (sandbox. End-users do not ha) 315 635.33 P
+0.22 (v) 433.74 635.33 P
+0.22 (e to tak) 438.59 635.33 P
+0.22 (e an) 468.38 635.33 P
+0.22 (y special action in) 484.83 635.33 P
+0.25 0.47 (order to ensure the safety of the machine. Because the) 315 624.33 B
+0.25 0.19 (sandbox pre) 315 613.33 B
+0.25 0.19 (v) 365.71 613.33 B
+0.25 0.19 (ents the actions required to spread a virus or) 370.75 613.33 B
+0.25 0.46 (steal information, instead of trying to identify a virus-) 315 602.33 B
+0.25 0.14 (infected e) 315 591.33 B
+0.25 0.14 (x) 355.67 591.33 B
+0.25 0.14 (ecutable or potential attack) 360.66 591.33 B
+0.25 0.14 (er) 473.31 591.33 B
+0.25 0.14 (, the sandbox does) 480.96 591.33 B
+(not require periodic updates with ne) 315 580.33 T
+(w viruses.) 458.89 580.33 T
+3 F
+(Applets And Applications) 315 561.33 T
+0 F
+0.25 0.34 (Ja) 315 542.33 B
+0.25 0.34 (v) 323.8 542.33 B
+0.25 0.34 (a programs can e) 328.89 542.33 B
+0.25 0.34 (xist in tw) 402.9 542.33 B
+0.25 0.34 (o forms: as applets, which) 443.89 542.33 B
+0.25 0.19 (tra) 315 531.33 B
+0.25 0.19 (v) 325.91 531.33 B
+0.25 0.19 (el across the Internet or intranet as part of a web page) 330.94 531.33 B
+0.25 0.21 (and run inside of the end-user\325) 315 520.33 B
+0.25 0.21 (s bro) 444.81 520.33 B
+0.25 0.21 (wser; or as traditional) 465.61 520.33 B
+0.25 0.32 (stand-alone applications. Only applets are subject to the) 315 509.33 B
+(security restrictions described abo) 315 498.33 T
+(v) 451.21 498.33 T
+(e.) 456.06 498.33 T
+0.25 0.51 (Ja) 315 479.33 B
+0.25 0.51 (v) 324.15 479.33 B
+0.25 0.51 (a applications are purchased and installed just lik) 329.42 479.33 B
+0.25 0.51 (e) 553.56 479.33 B
+0.21 (traditional commercial applications. The) 315 468.33 P
+0.21 (y may be purchased) 477.67 468.33 P
+0.25 0.04 (in \322shrink-wrapped\323 box) 315 457.33 B
+0.25 0.04 (es or imported o) 415.77 457.33 B
+0.25 0.04 (v) 482.34 457.33 B
+0.25 0.04 (er a netw) 487.23 457.33 B
+0.25 0.04 (ork, and) 524.67 457.33 B
+0.25 0.8 (may be installed by users or system administrators) 315 446.33 B
+0.25 0.36 (\050according to standard practice within an or) 315 435.33 B
+0.25 0.36 (g) 506.59 435.33 B
+0.25 0.36 (anization.\051) 511.9 435.33 B
+0.25 0.62 (Since applications are not imported from outside the) 315 424.33 B
+0.25 0.23 (or) 315 413.33 B
+0.25 0.23 (g) 323.61 413.33 B
+0.25 0.23 (anization, and are \050in theory\051 only installed by trusted) 328.78 413.33 B
+0.25 0.01 (indi) 315 402.33 B
+0.25 0.01 (viduals, Ja) 330.37 402.33 B
+0.25 0.01 (v) 372.8 402.33 B
+0.25 0.01 (a applications add no ne) 377.56 402.33 B
+0.25 0.01 (w security concerns.) 475.31 402.33 B
+0.25 0.11 (Security comes from maintaining ph) 315 391.33 B
+0.25 0.11 (ysical control o) 465.9 391.33 B
+0.25 0.11 (v) 529.73 391.33 B
+0.25 0.11 (er the) 534.69 391.33 B
+0.25 0.1 (systems, pre) 315 380.33 B
+0.25 0.1 (v) 365.7 380.33 B
+0.25 0.1 (enting end-users from do) 370.65 380.33 B
+0.25 0.1 (wnloading untrusted) 473.92 380.33 B
+0.25 0.26 (applications from the net, using virus check) 315 369.33 B
+0.25 0.26 (ers and other) 502.69 369.33 B
+(traditional security measures.) 315 358.33 T
+1 F
+(Building The Sandbo) 315 336.33 T
+(x) 414.71 336.33 T
+0 F
+0.25 0.63 (The sandbox is made up of se) 315 320.33 B
+0.25 0.63 (v) 452.87 320.33 B
+0.25 0.63 (eral dif) 458.35 320.33 B
+0.25 0.63 (ferent systems) 492.02 320.33 B
+0.25 0.48 (operating together) 315 309.33 B
+0.25 0.48 (. These systems range from security) 396.45 309.33 B
+0.25 0.09 (managers running inside of the application which imported) 315 298.33 B
+0.17 (the applet, to safety features b) 315 287.33 P
+0.17 (uilt into the Ja) 435.64 287.33 P
+0.17 (v) 492.92 287.33 P
+0.17 (a language and) 497.67 287.33 P
+(the virtual machine.) 315 276.33 T
+3 F
+(Class Loader) 315 257.33 T
+0 F
+0.19 (When an applet is to be imported from the netw) 315 238.33 P
+0.19 (ork, the web) 507.92 238.33 P
+0.25 0.05 (bro) 315 227.33 B
+0.25 0.05 (wser calls the applet class loader) 328.24 227.33 B
+0.25 0.05 (. The class loader is the) 461.58 227.33 B
+0.25 0.3 (f) 315 216.33 B
+0.25 0.3 (irst link in the security chain. In addition to fetching an) 318.08 216.33 B
+0.25 0.09 (applet\325) 315 205.33 B
+0.25 0.09 (s e) 342.83 205.33 B
+0.25 0.09 (x) 354.02 205.33 B
+0.25 0.09 (ecutable code from the netw) 358.96 205.33 B
+0.25 0.09 (ork, the class loader) 475.52 205.33 B
+0.25 0.15 (enforces the name space hierarch) 315 194.33 B
+0.25 0.15 (y) 453.42 194.33 B
+0.25 0.15 (. A name space controls) 457.92 194.33 B
+0.25 0.2 (what other portions of the Ja) 315 183.33 B
+0.25 0.2 (v) 435.9 183.33 B
+0.25 0.2 (a V) 440.85 183.33 B
+0.25 0.2 (irtual Machine an applet) 455.25 183.33 B
+-0.09 (can access. By maintaining a separate name space for trusted) 315 172.33 P
+0.25 0.05 (code which w) 315 161.33 B
+0.25 0.05 (as loaded from the local disk, the class loader) 371.59 161.33 B
+0.25 0.41 (pre) 315 150.33 B
+0.25 0.41 (v) 328.73 150.33 B
+0.25 0.41 (ents untrusted applets from g) 333.99 150.33 B
+0.25 0.41 (aining access to more) 462.78 150.33 B
+(pri) 315 139.33 T
+(vile) 325.86 139.33 T
+(ged, trusted parts of the system.) 340.71 139.33 T
+0.25 0.21 (Applets do) 315 120.33 B
+0.25 0.21 (wnloaded from the net cannot create their o) 360.75 120.33 B
+0.25 0.21 (wn) 545.57 120.33 B
+0.25 0.12 (class loaders. Do) 315 109.33 B
+0.25 0.12 (wnloaded applets are also pre) 385.4 109.33 B
+0.25 0.12 (v) 508.06 109.33 B
+0.25 0.12 (ented from) 513.03 109.33 B
+(in) 315 98.33 T
+(v) 322.38 98.33 T
+(oking methods in the system\325) 327.18 98.33 T
+(s class loader) 444.41 98.33 T
+(.) 497.18 98.33 T
+3 F
+(V) 315 79.33 T
+(eri\336er) 321.17 79.33 T
+0 0 0 1 0 0 0 K
+FMENDPAGE
+%%EndPage: "4" 4
+%%Page: "5" 5
+612 792 0 FMBEGINPAGE
+[0 0 0 1 0 0 0]
+[ 0 1 1 0 1 0 0]
+[ 1 0 1 0 0 1 0]
+[ 1 1 0 0 0 0 1]
+[ 1 0 0 0 0 1 1]
+[ 0 1 0 0 1 0 1]
+[ 0 0 1 0 1 1 0]
+ 7 FrameSetSepColors
+FrameNoSep
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 9 558 36 R
+7 X
+0 0 0 1 0 0 0 K
+V
+0 8 Q
+0 X
+(\251 Sun Microsystems, Inc., 1996) 54 30.67 T
+(5) 306 30.67 T
+54 54 558 738 R
+7 X
+V
+0 10 Q
+0 X
+0.25 0.26 (Before running a ne) 54 731.33 B
+0.25 0.26 (wly imported applet, the class loader) 139.16 731.33 B
+0.25 0.44 (in) 54 720.33 B
+0.25 0.44 (v) 62.26 720.33 B
+0.25 0.44 (ok) 67.5 720.33 B
+0.25 0.44 (es the v) 78.27 720.33 B
+0.25 0.44 (erif) 112.68 720.33 B
+0.25 0.44 (ier) 127.76 720.33 B
+0.25 0.44 (. The v) 139.07 720.33 B
+0.25 0.44 (erif) 170.54 720.33 B
+0.25 0.44 (ier checks that the applet) 185.62 720.33 B
+0.25 0.17 (conforms to the Ja) 54 709.33 B
+0.25 0.17 (v) 131.25 709.33 B
+0.25 0.17 (a language specif) 136.18 709.33 B
+0.25 0.17 (ication and that there) 208.48 709.33 B
+0.25 0.14 (are no violations of the Ja) 54 698.33 B
+0.25 0.14 (v) 161.99 698.33 B
+0.25 0.14 (a language rules or name space) 166.88 698.33 B
+0.25 0.05 (restrictions. The v) 54 687.33 B
+0.25 0.05 (erif) 127.84 687.33 B
+0.25 0.05 (ier also checks for common violations) 141.38 687.33 B
+0.13 (of memory management, lik) 54 676.33 P
+0.13 (e stack under\337o) 167.6 676.33 P
+0.13 (ws or o) 230.92 676.33 P
+0.13 (v) 260.46 676.33 P
+0.13 (er\337o) 265.31 676.33 P
+0.13 (ws,) 283.39 676.33 P
+-0.12 (and ille) 54 665.33 P
+-0.12 (g) 83.45 665.33 P
+-0.12 (al data type casts, which could allo) 88.4 665.33 P
+-0.12 (w a hostile applet) 227.1 665.33 P
+0.25 0.09 (to corrupt part of the security mechanism or to replace part) 54 654.33 B
+(of the system with its o) 54 643.33 T
+(wn code.) 146.81 643.33 T
+3 F
+(Security Mana) 54 624.33 T
+(g) 121.7 624.33 T
+(er) 127.91 624.33 T
+0 F
+0.25 0.22 (The security manager enforces the boundaries around the) 54 605.33 B
+0.25 0.37 (sandbox. Whene) 54 594.33 B
+0.25 0.37 (v) 125.8 594.33 B
+0.25 0.37 (er an applet tries to perform an action) 131.02 594.33 B
+-0.21 (which could corrupt the local machine or access information,) 54 583.33 P
+0.25 0.15 (the Ja) 54 572.33 B
+0.25 0.15 (v) 78.01 572.33 B
+0.25 0.15 (a V) 82.91 572.33 B
+0.25 0.15 (irtual Machine f) 97.18 572.33 B
+0.25 0.15 (irst asks the security manager if) 163.98 572.33 B
+0.25 0.06 (this action can be performed safely) 54 561.33 B
+0.25 0.06 (. If the security manager) 197.03 561.33 B
+-0.01 (appro) 54 550.33 P
+-0.01 (v) 76.62 550.33 P
+-0.01 (es the action \321 for e) 81.47 550.33 P
+-0.01 (xample, a trusted applet from the) 164.85 550.33 P
+0.25 0.28 (local disk may be trying to read the disk, or an imported) 54 539.33 B
+0.25 0.11 (untrusted applet may be trying to connect back to its home) 54 528.33 B
+0.25 0.13 (serv) 54 517.33 B
+0.25 0.13 (er \321 the virtual machine will then perform the action.) 71.04 517.33 B
+0.25 0.18 (Otherwise, the virtual machine raises a security e) 54 506.33 B
+0.25 0.18 (xception) 261.29 506.33 B
+(and writes an error to the Ja) 54 495.33 T
+(v) 164.88 495.33 T
+(a console.) 169.63 495.33 T
+0.25 0.13 (The security manager will not allo) 54 476.33 B
+0.25 0.13 (w an untrusted applet to) 196.91 476.33 B
+-0.01 (read or write to a \336le, delete a \336le, get an) 54 465.33 P
+-0.01 (y information about) 217.58 465.33 P
+0.25 0.15 (a f) 54 454.33 B
+0.25 0.15 (ile, e) 64.42 454.33 B
+0.25 0.15 (x) 84.86 454.33 B
+0.25 0.15 (ecute operating system commands or nati) 89.86 454.33 B
+0.25 0.15 (v) 262.53 454.33 B
+0.25 0.15 (e code,) 267.53 454.33 B
+0.25 0.39 (load a library) 54 443.33 B
+0.25 0.39 (, or establish a netw) 112.69 443.33 B
+0.25 0.39 (ork connection to an) 201.58 443.33 B
+0.25 0.39 (y) 292 443.33 B
+0.25 0.04 (machine other than the applet\325) 54 432.33 B
+0.25 0.04 (s home serv) 177.4 432.33 B
+0.25 0.04 (er) 225.99 432.33 B
+0.25 0.04 (. This list is not) 233.3 432.33 B
+0.25 0.41 (e) 54 421.33 B
+0.25 0.41 (xhausti) 58.7 421.33 B
+0.25 0.41 (v) 90.19 421.33 B
+0.25 0.41 (e b) 95.45 421.33 B
+0.25 0.41 (ut does gi) 108.67 421.33 B
+0.25 0.41 (v) 151.89 421.33 B
+0.25 0.41 (e a representati) 157.15 421.33 B
+0.25 0.41 (v) 224.46 421.33 B
+0.25 0.41 (e sample of the) 229.71 421.33 B
+(restrictions place on applets.) 54 410.33 T
+0.25 0.02 (An application or a web bro) 54 391.33 B
+0.25 0.02 (wser can only ha) 167.47 391.33 B
+0.25 0.02 (v) 235.82 391.33 B
+0.25 0.02 (e one security) 240.7 391.33 B
+0.25 0.11 (manager) 54 380.33 B
+0.25 0.11 (. This assures that all access checks are made by a) 88.67 380.33 B
+0.25 0.15 (single security manager enforcing a single security polic) 54 369.33 B
+0.25 0.15 (y) 290 369.33 B
+0.25 0.15 (.) 294.5 369.33 B
+0.25 0.27 (The security manager is loaded at start-up and cannot be) 54 358.33 B
+0.25 0.43 (e) 54 347.33 B
+0.25 0.43 (xtended, o) 58.72 347.33 B
+0.25 0.43 (v) 104.74 347.33 B
+0.25 0.43 (erridden or replaced. F) 110.01 347.33 B
+0.25 0.43 (or ob) 211.49 347.33 B
+0.25 0.43 (vious reasons,) 234.55 347.33 B
+(applets can not create their o) 54 336.33 T
+(wn security managers.) 168.44 336.33 T
+3 F
+(Langua) 54 317.33 T
+(g) 89.46 317.33 T
+(e Features) 95.67 317.33 T
+0 F
+-0.19 (Ja) 54 298.33 P
+-0.19 (v) 62.13 298.33 P
+-0.19 (a has se) 66.88 298.33 P
+-0.19 (v) 97.36 298.33 P
+-0.19 (eral language features which protect the inte) 102.21 298.33 P
+-0.19 (grity) 278.11 298.33 P
+0.25 0.18 (of the security system and which pre) 54 287.33 B
+0.25 0.18 (v) 208.3 287.33 B
+0.25 0.18 (ent se) 213.33 287.33 B
+0.25 0.18 (v) 237.45 287.33 B
+0.25 0.18 (eral common) 242.48 287.33 B
+0.25 0.41 (attacks. F) 54 276.33 B
+0.25 0.41 (or e) 96.49 276.33 B
+0.25 0.41 (xample, Ja) 113.48 276.33 B
+0.25 0.41 (v) 160.35 276.33 B
+0.25 0.41 (a programs are not allo) 165.51 276.33 B
+0.25 0.41 (wed to) 267.78 276.33 B
+0.25 0.39 (def) 54 265.33 B
+0.25 0.39 (ine their o) 67.4 265.33 B
+0.25 0.39 (wn memory pointers or to access ph) 112.51 265.33 B
+0.25 0.39 (ysical) 271.71 265.33 B
+-0.01 (memory directly) 54 254.33 P
+-0.01 (. This pre) 119.72 254.33 P
+-0.01 (v) 157.5 254.33 P
+-0.01 (ents an applet from accessing and) 162.35 254.33 P
+-0 (modifying critical parts of the security system. The language) 54 243.33 P
+0.25 0.11 (tracks the type of ne) 54 232.33 B
+0.25 0.11 (wly created classes and objects so that) 138.1 232.33 B
+0.25 0.48 (an applet cannot for) 54 221.33 B
+0.25 0.48 (ge its o) 143.88 221.33 B
+0.25 0.48 (wn class loader or security) 176.87 221.33 B
+-0.18 (manager) 54 210.33 P
+-0.18 (. The Ja) 87.88 210.33 P
+-0.18 (v) 118.7 210.33 P
+-0.18 (a language also has se) 123.45 210.33 P
+-0.18 (v) 210.78 210.33 P
+-0.18 (eral other checks for) 215.63 210.33 P
+0.25 0.03 (memory and pointer ab) 54 199.33 B
+0.25 0.03 (use which could weak) 148.1 199.33 B
+0.25 0.03 (en the security) 237.84 199.33 B
+(system.) 54 188.33 T
+0.25 0.39 (In addition to making Ja) 54 169.33 B
+0.25 0.39 (v) 161.38 169.33 B
+0.25 0.39 (a a more secure system, these) 166.52 169.33 B
+0.25 0.11 (language features also mak) 54 158.33 B
+0.25 0.11 (e Ja) 166.1 158.33 B
+0.25 0.11 (v) 181.86 158.33 B
+0.25 0.11 (a programs safer and more) 186.72 158.33 B
+0.05 (reliable. Studies ha) 54 147.33 P
+0.05 (v) 130.27 147.33 P
+0.05 (e sho) 135.12 147.33 P
+0.05 (wn that 40% to 50% of all b) 155.75 147.33 P
+0.05 (ugs are) 268.36 147.33 P
+0.25 0.23 (caused by errors in memory management. By automating) 54 136.33 B
+0.25 0.04 (memory management, Ja) 54 125.33 B
+0.25 0.04 (v) 155.37 125.33 B
+0.25 0.04 (a eliminates a lar) 160.15 125.33 B
+0.25 0.04 (ge class of b) 229.46 125.33 B
+0.25 0.04 (ugs;) 280.21 125.33 B
+(this results in more stable and reliable code.) 54 114.33 T
+1 F
+(Security Thr) 54 92.33 T
+(ough Openness) 112.15 92.33 T
+0 F
+0.25 0.27 (In the past, man) 54 76.33 B
+0.25 0.27 (y computer and netw) 122.74 76.33 B
+0.25 0.27 (ork systems tried to) 212.59 76.33 B
+0.25 0.09 (maintain security by hiding the inner w) 54 65.33 B
+0.25 0.09 (orks and policies of) 216 65.33 B
+0.25 0.61 (the system. This practice, kno) 315 731.33 B
+0.25 0.61 (wn as security through) 453.56 731.33 B
+0.25 0.31 (obscurity) 315 720.33 B
+0.25 0.31 (, assumed that if the system w) 354.37 720.33 B
+0.25 0.31 (as presented as a) 485.36 720.33 B
+0.25 0.25 (black box then no one w) 315 709.33 B
+0.25 0.25 (ould e) 419.84 709.33 B
+0.25 0.25 (xpend the ef) 446.14 709.33 B
+0.25 0.25 (fort needed to) 498.77 709.33 B
+0.25 0.32 (disco) 315 698.33 B
+0.25 0.32 (v) 337.55 698.33 B
+0.25 0.32 (er the hidden vulnerabilities. The e) 342.72 698.33 B
+0.25 0.32 (xistence of the) 494.72 698.33 B
+0.25 0.05 (CER) 315 687.33 B
+0.25 0.05 (T/CC and a number of well publicized netw) 334.01 687.33 B
+0.25 0.05 (ork attacks) 513.62 687.33 B
+0.25 0.8 (in recent years demonstrate that this assumption is) 315 676.33 B
+0.13 (unfounded; the box is ne) 315 665.33 P
+0.13 (v) 414.17 665.33 P
+0.13 (er black enough. This is especially) 419.02 665.33 P
+0.25 0.12 (true for commercially successful systems. F) 315 654.33 B
+0.25 0.12 (or such widely) 497 654.33 B
+0.25 0.09 (used systems, too man) 315 643.33 B
+0.25 0.09 (y people kno) 407.56 643.33 B
+0.25 0.09 (w the internal w) 460.59 643.33 B
+0.25 0.09 (orkings) 527.44 643.33 B
+0.03 (of the system for the details to remain secret and the re) 315 632.33 P
+0.03 (w) 534.22 632.33 P
+0.03 (ards) 541.34 632.33 P
+(for breaking into the system are too great.) 315 621.33 T
+0.03 (Sun took the opposite approach, and published all the details) 315 602.33 P
+0.25 0.23 (of Ja) 315 591.33 B
+0.25 0.23 (v) 335.36 591.33 B
+0.25 0.23 (a security model when Ja) 340.34 591.33 B
+0.25 0.23 (v) 447.77 591.33 B
+0.25 0.23 (a w) 452.75 591.33 B
+0.25 0.23 (as f) 467.75 591.33 B
+0.25 0.23 (irst released. This) 482.53 591.33 B
+0.25 0.79 (included the design specif) 315 580.33 B
+0.25 0.79 (ications for the language) 439.79 580.33 B
+0.25 1.2 (mechanisms and the sandbox, and a full source) 315 569.33 B
+0.25 0.28 (implementation. This approach, dubbed security through) 315 558.33 B
+0.25 0.02 (openness, w) 315 547.33 B
+0.25 0.02 (as intended to encourage security researchers to) 364.3 547.33 B
+0.25 0.31 (e) 315 536.33 B
+0.25 0.31 (xamine the Ja) 319.6 536.33 B
+0.25 0.31 (v) 378.98 536.33 B
+0.25 0.31 (a model and to report an) 384.04 536.33 B
+0.25 0.31 (y security f) 490.17 536.33 B
+0.25 0.31 (la) 538.88 536.33 B
+0.25 0.31 (ws) 546.58 536.33 B
+0 (found; the \337a) 315 525.33 P
+0 (ws could be \336x) 368.18 525.33 P
+0 (ed before attacks based on those) 428.86 525.33 P
+0.25 0.11 (f) 315 514.33 B
+0.25 0.11 (la) 317.89 514.33 B
+0.25 0.11 (ws could become endemic on the W) 325.18 514.33 B
+0.25 0.11 (eb) 474.41 514.33 B
+0.25 0.11 (. Security through) 483.67 514.33 B
+0.25 0.36 (openness also allo) 315 503.33 B
+0.25 0.36 (ws an) 394.46 503.33 B
+0.25 0.36 (y or) 419.4 503.33 B
+0.25 0.36 (g) 436.73 503.33 B
+0.25 0.36 (anization to study the Ja) 442.04 503.33 B
+0.25 0.36 (v) 548.45 503.33 B
+0.25 0.36 (a) 553.56 503.33 B
+-0.11 (security model in detail and mak) 315 492.33 P
+-0.11 (e an informed assessment of) 445.15 492.33 P
+(the potential risks v) 315 481.33 T
+(ersus the bene\336ts of the Ja) 393.46 481.33 T
+(v) 498.52 481.33 T
+(a platform.) 503.27 481.33 T
+1 F
+(The Ja) 315 459.33 T
+(v) 346.53 459.33 T
+(a Security F) 351.89 459.33 T
+(A) 407.78 459.33 T
+(Q) 414.6 459.33 T
+0 F
+0.25 0.07 (K) 315 443.33 B
+0.25 0.07 (eeping current is as important for Ja) 322.04 443.33 B
+0.25 0.07 (v) 469.65 443.33 B
+0.25 0.07 (a security as it is for) 474.47 443.33 B
+0.25 0.35 (general security) 315 432.33 B
+0.25 0.35 (. T) 383.72 432.33 B
+0.25 0.35 (o f) 395.32 432.33 B
+0.25 0.35 (acilitate this, Sun maintains a Ja) 407.33 432.33 B
+0.25 0.35 (v) 548.46 432.33 B
+0.25 0.35 (a) 553.56 432.33 B
+0.25 0.29 (Security Frequently Ask) 315 421.33 B
+0.25 0.29 (ed Questions \050F) 419.88 421.33 B
+0.25 0.29 (A) 487.35 421.33 B
+0.25 0.29 (Q\051 page on the) 494.31 421.33 B
+0.25 0.77 (Ja) 315 410.33 B
+0.25 0.77 (v) 324.67 410.33 B
+0.25 0.77 (a web site. This F) 330.2 410.33 B
+0.25 0.77 (A) 415.18 410.33 B
+0.25 0.77 (Q can be found at) 422.63 410.33 B
+4 F
+0.6 0.77 (http://) 511.37 410.33 B
+0.6 0.15 (java.sun.com/sfaq.) 315 399.33 B
+0 F
+0.25 0.15 ( The F) 425.68 399.33 B
+0.25 0.15 (A) 452.45 399.33 B
+0.25 0.15 (Q contains more details) 459.26 399.33 B
+0.25 0.1 (on kno) 315 388.33 B
+0.25 0.1 (wn vulnerabilities, the status of these vulnerabilities) 343.1 388.33 B
+0.25 0.51 (and, when a) 315 377.33 B
+0.25 0.51 (v) 368.95 377.33 B
+0.25 0.51 (ailable, dates and release numbers of the) 374.21 377.33 B
+0.05 (v) 315 366.33 P
+0.05 (ersion of Ja) 319.85 366.33 P
+0.05 (v) 365.85 366.33 P
+0.05 (a in which the vulnerabilities were \336x) 370.6 366.33 P
+0.05 (ed. More) 521.85 366.33 P
+0.25 0.43 (security related information can be found at) 315 355.33 B
+4 F
+0.6 0.43 (http://) 513.44 355.33 B
+(java.sun.com/security) 315 344.33 T
+0 F
+(.) 440.35 344.33 T
+0.25 0.14 (Se) 315 325.33 B
+0.25 0.14 (v) 325.02 325.33 B
+0.25 0.14 (eral other or) 330.01 325.33 B
+0.25 0.14 (g) 380.97 325.33 B
+0.25 0.14 (anizations are also tracking Ja) 386.06 325.33 B
+0.25 0.14 (v) 511.05 325.33 B
+0.25 0.14 (a security) 515.94 325.33 B
+0.25 0.14 (.) 555.5 325.33 B
+0.25 0.5 (The CER) 315 314.33 B
+0.25 0.5 (T/CC has released se) 355.68 314.33 B
+0.25 0.5 (v) 450.43 314.33 B
+0.25 0.5 (eral advisories on Ja) 455.78 314.33 B
+0.25 0.5 (v) 548.3 314.33 B
+0.25 0.5 (a) 553.56 314.33 B
+0.25 0.2 (Security) 315 303.33 B
+0.25 0.2 (. These vulnerabilities ha) 349.3 303.33 B
+0.25 0.2 (v) 455.63 303.33 B
+0.25 0.2 (e closely paralleled the) 460.69 303.33 B
+0.25 0.22 (vulnerabilities listed abo) 315 292.33 B
+0.25 0.22 (v) 419.26 292.33 B
+0.25 0.22 (e and in the Ja) 424.32 292.33 B
+0.25 0.22 (v) 485.55 292.33 B
+0.25 0.22 (a Security F) 490.52 292.33 B
+0.25 0.22 (A) 541.18 292.33 B
+0.25 0.22 (Q.) 548.07 292.33 B
+0.25 0.48 (Details are from the CER) 315 281.33 B
+0.25 0.48 (T/CC web site. Se) 428.59 281.33 B
+0.25 0.48 (v) 510.05 281.33 B
+0.25 0.48 (eral other) 515.38 281.33 B
+0.25 0.02 (or) 315 270.33 B
+0.25 0.02 (g) 323.19 270.33 B
+0.25 0.02 (anizations, including researchers at Princeton Uni) 328.16 270.33 B
+0.25 0.02 (v) 528.95 270.33 B
+0.25 0.02 (ersity) 533.82 270.33 B
+0.25 0.02 (,) 555.5 270.33 B
+0.01 (ha) 315 259.33 P
+0.01 (v) 324.24 259.33 P
+0.01 (e been in) 329.09 259.33 P
+0.01 (v) 364.81 259.33 P
+0.01 (estig) 369.66 259.33 P
+0.01 (ating Ja) 388.5 259.33 P
+0.01 (v) 419.14 259.33 P
+0.01 (a security) 423.89 259.33 P
+0.01 (. The Princeton \336ndings) 461.86 259.33 P
+0.25 0.24 (can be found at) 315 248.33 B
+4 F
+0.6 0.24 (http://www.cs.princeton.edu/) 383.64 248.33 B
+(sip/) 315 237.33 T
+0 F
+(.) 339 237.33 T
+1 F
+(EXTENDING J) 315 214.33 T
+(A) 381.48 214.33 T
+(V) 387.9 214.33 T
+(A SECURITY) 393.77 214.33 T
+(Security Modeling) 315 191.33 T
+0 F
+0.25 0.22 (While man) 315 175.33 B
+0.25 0.22 (y e) 361.19 175.33 B
+0.25 0.22 (xperts agree that the Ja) 373.88 175.33 B
+0.25 0.22 (v) 471.48 175.33 B
+0.25 0.22 (a Security model is) 476.44 175.33 B
+0.25 0.22 (basically sound, there is a concern that the model has not) 315 164.33 B
+-0.01 (been e) 315 153.33 P
+-0.01 (xamined in enough detail to ensure that the sandbox is) 340.65 153.33 P
+0.25 0.17 (as secure as is claimed. There is also the possibility that a) 315 142.33 B
+0.25 0.02 (particular implementation of the Ja) 315 131.33 B
+0.25 0.02 (v) 456.47 131.33 B
+0.25 0.02 (a security model suf) 461.24 131.33 B
+0.25 0.02 (fers) 542.95 131.33 B
+0.25 0.03 (from b) 315 120.33 B
+0.25 0.03 (ugs and other coding errors which could be e) 342.14 120.33 B
+0.25 0.03 (xploited) 525.04 120.33 B
+0.25 0.41 (by a malicious applet which wished to break out of the) 315 109.33 B
+0.25 0.31 (sandbox. Finally) 315 98.33 B
+0.25 0.31 (, there could be une) 386.15 98.33 B
+0.25 0.31 (xpected interactions) 471.69 98.33 B
+0.25 0.13 (between Ja) 315 87.33 B
+0.25 0.13 (v) 360.48 87.33 B
+0.25 0.13 (a applets and other parts of the netw) 365.36 87.33 B
+0.25 0.13 (ork which) 516.45 87.33 B
+0.06 (could be e) 315 76.33 P
+0.06 (xploited. Problems which e) 356.07 76.33 P
+0.06 (xploit all three of these) 465.55 76.33 P
+(cate) 315 65.33 T
+(gories ha) 330.95 65.33 T
+(v) 367.13 65.33 T
+(e been reported.) 371.98 65.33 T
+0 0 0 1 0 0 0 K
+FMENDPAGE
+%%EndPage: "5" 5
+%%Page: "6" 6
+612 792 0 FMBEGINPAGE
+[0 0 0 1 0 0 0]
+[ 0 1 1 0 1 0 0]
+[ 1 0 1 0 0 1 0]
+[ 1 1 0 0 0 0 1]
+[ 1 0 0 0 0 1 1]
+[ 0 1 0 0 1 0 1]
+[ 0 0 1 0 1 1 0]
+ 7 FrameSetSepColors
+FrameNoSep
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 18 558 45 R
+7 X
+0 0 0 1 0 0 0 K
+V
+0 8 Q
+0 X
+(\251 Sun Microsystems, Inc., 1996) 54 39.67 T
+(6) 306 39.67 T
+54 54 558 738 R
+7 X
+V
+0 10 Q
+0 X
+0.25 0.22 (F) 54 731.33 B
+0.25 0.22 (or these reasons, Sun has initiated an independent, third) 59.63 731.33 B
+0.25 0.72 (party security modeling ef) 54 720.33 B
+0.25 0.72 (fort. The f) 178.44 720.33 B
+0.25 0.72 (irst step, being) 227.11 720.33 B
+0.25 0.02 (conducted by security consultant Blackw) 54 709.33 B
+0.25 0.02 (atch Inc. \050) 219.97 709.33 B
+4 F
+0.6 0.02 (http:/) 260.92 709.33 B
+0.6 0.61 (/www.blackwatch.com) 54 698.33 B
+0 F
+0.25 0.61 (\051, will produce a Security) 179.5 698.33 B
+0.25 0.41 (Reference Model. The Reference Model will document) 54 687.33 B
+(Ja) 54 676.33 T
+(v) 62.13 676.33 T
+(a\325) 66.88 676.33 T
+(s security model in rigorous detail.) 74.1 676.33 T
+0.25 0.04 (The second step will be to de) 54 657.33 B
+0.25 0.04 (v) 172.93 657.33 B
+0.25 0.04 (elop a more rigorous security) 177.81 657.33 B
+0.07 (compatibility test suite based on the Reference Model. Since) 54 646.33 P
+0.25 0.23 (each Ja) 54 635.33 B
+0.25 0.23 (v) 84.82 635.33 B
+0.25 0.23 (a licensee is free to re-implement portions of the) 89.8 635.33 B
+-0.04 (Ja) 54 624.33 P
+-0.04 (v) 62.13 624.33 P
+-0.04 (a V) 66.88 624.33 P
+-0.04 (irtual Machine, the ne) 80.4 624.33 P
+-0.04 (w test suite will ensure that both) 167.79 624.33 P
+0.25 0.57 (Sun and all licensees ha) 54 613.33 B
+0.25 0.57 (v) 164.05 613.33 B
+0.25 0.57 (e correctly implemented the) 169.47 613.33 B
+0.25 0.06 (Reference Model. This test suite will be an enhancement to) 54 602.33 B
+0.82 1.25 (the test suite already used to ensure that Ja) 54 591.33 B
+0.82 1.25 (v) 286.56 591.33 B
+0.82 1.25 (a) 292.56 591.33 B
+(implementations comply with the Ja) 54 580.33 T
+(v) 198.8 580.33 T
+(a standard.) 203.55 580.33 T
+-0.22 (The third step will be to commission independent, third party) 54 561.33 P
+0.25 0.12 (assessments of Sun\325) 54 550.33 B
+0.25 0.12 (s reference implementation of the Ja) 136.88 550.33 B
+0.25 0.12 (v) 287.68 550.33 B
+0.25 0.12 (a) 292.56 550.33 B
+0.25 0.19 (standard. This assessment ef) 54 539.33 B
+0.25 0.19 (fort relies on ha) 173.61 539.33 B
+0.25 0.19 (ving a formal) 240.38 539.33 B
+0.25 0.08 (model specif) 54 528.33 B
+0.25 0.08 (ied so that the implementation can be assessed) 106 528.33 B
+(in the conte) 54 517.33 T
+(xt of the assertions of the security model.) 100.51 517.33 T
+(This re) 54 498.33 T
+(vie) 81.8 498.33 T
+(w is e) 93.77 498.33 T
+(xpected to be complete by the f) 116.95 498.33 T
+(all of 1996.) 242.38 498.33 T
+1 F
+(Ne) 54 476.33 T
+(w Security F) 66.63 476.33 T
+(acilities) 125.34 476.33 T
+0 F
+0.25 0.05 (The sandbox model described abo) 54 460.33 B
+0.25 0.05 (v) 193.15 460.33 B
+0.25 0.05 (e protects the end-user\325) 198.05 460.33 B
+0.25 0.05 (s) 293.11 460.33 B
+0.25 0.1 (machine and netw) 54 449.33 B
+0.25 0.1 (ork) 128.73 449.33 B
+0.25 0.1 (ed computing resources from damage) 142.25 449.33 B
+0.25 0.04 (or theft by a malicious applet. Users can run untrusted code) 54 438.33 B
+0.25 0.5 (obtained from the netw) 54 427.33 B
+0.25 0.5 (ork without undue risk to their) 158.74 427.33 B
+(system.) 54 416.33 T
+0.25 0.1 (The sandbox model does not address se) 54 397.33 B
+0.25 0.1 (v) 217.45 397.33 B
+0.25 0.1 (eral other security) 222.41 397.33 B
+0.25 0.17 (and pri) 54 386.33 B
+0.25 0.17 (v) 83.28 386.33 B
+0.25 0.17 (ac) 88.2 386.33 B
+0.25 0.17 (y issues. Authentication is needed, to guarantee) 97.28 386.33 B
+0.25 0.1 (that an applet comes from the place it claims to ha) 54 375.33 B
+0.25 0.1 (v) 262.68 375.33 B
+0.25 0.1 (e come) 267.63 375.33 B
+0.25 0.38 (from. Digitally signed and authenticated applets can be) 54 364.33 B
+-0.03 (promoted to the status of trusted applets, and then allo) 54 353.33 P
+-0.03 (wed to) 270.09 353.33 P
+0.25 0.12 (run with fe) 54 342.33 B
+0.25 0.12 (wer security restrictions. Encryption can ensure) 99.48 342.33 B
+0.25 0.25 (the pri) 54 331.33 B
+0.25 0.25 (v) 81.58 331.33 B
+0.25 0.25 (ac) 86.58 331.33 B
+0.25 0.25 (y of data passed between an applet client and a) 95.81 331.33 B
+0.25 0.21 (serv) 54 320.33 B
+0.25 0.21 (er on the Internet. W) 71.36 320.33 B
+0.25 0.21 (ork is underw) 159.05 320.33 B
+0.25 0.21 (ay to e) 217.2 320.33 B
+0.25 0.21 (xtend Ja) 245.7 320.33 B
+0.25 0.21 (v) 280.5 320.33 B
+0.25 0.21 (a\325) 285.46 320.33 B
+0.25 0.21 (s) 293.11 320.33 B
+(security model into each of these areas.) 54 309.33 T
+3 F
+(Signed J) 54 290.33 T
+(AR \336les) 95.48 290.33 T
+0 F
+0.25 0.37 (All netw) 54 271.33 B
+0.25 0.37 (ork) 91.85 271.33 B
+0.25 0.37 (ed systems are potentially vulnerable to the) 106.19 271.33 B
+0.25 0.05 (\322Man-in-the-Middle\323 attack. In this attack, a client contacts) 54 260.33 B
+0.2 (a le) 54 249.33 P
+0.2 (gitimate serv) 68.21 249.33 P
+0.2 (er on the netw) 120.19 249.33 P
+0.2 (ork and requests some action.) 177.62 249.33 P
+0.25 0.07 (The attack) 54 238.33 B
+0.25 0.07 (er) 96.82 238.33 B
+0.25 0.07 (, or man in the middle, notices this request and) 104.34 238.33 B
+0.25 0.07 (w) 54 227.33 B
+0.25 0.07 (aits for the serv) 61.19 227.33 B
+0.25 0.07 (er to respond. The attack) 124.83 227.33 B
+0.25 0.07 (er then intercepts) 226.51 227.33 B
+0.25 0.21 (the response and supplies a bogus reply to the client. The) 54 216.33 B
+0.25 0.15 (client then acts on the bogus information, or possibly runs) 54 205.33 B
+0.25 0.29 (the program supplied by the attack) 54 194.33 B
+0.25 0.29 (er) 203.49 194.33 B
+0.25 0.29 (, gi) 211.43 194.33 B
+0.25 0.29 (ving the attack) 225.36 194.33 B
+0.25 0.29 (er) 288.94 194.33 B
+0.23 (access to the client machine. F) 54 183.33 P
+0.23 (or e) 177.19 183.33 P
+0.23 (xample, an attack) 192.54 183.33 P
+0.23 (er might) 263.16 183.33 P
+0.25 0.27 (w) 54 172.33 B
+0.25 0.27 (atch an Internet-based banking site. As clients visit the) 61.39 172.33 B
+-0.06 (page which pro) 54 161.33 P
+-0.06 (vides bill paying services, the attack) 115.38 161.33 P
+-0.06 (er di) 259.97 161.33 P
+-0.06 (v) 277.71 161.33 P
+-0.06 (erts) 282.56 161.33 P
+0.25 0.05 (the bank\325) 54 150.33 B
+0.25 0.05 (s responses and pro) 91.64 150.33 B
+0.25 0.05 (vides a malicious applet which) 171.23 150.33 B
+-0.15 (mimics the bank\325) 54 139.33 P
+-0.15 (s service, b) 122.59 139.33 P
+-0.15 (ut also steals a cop) 166.79 139.33 P
+-0.15 (y of the user\325) 241.07 139.33 P
+-0.15 (s) 293.11 139.33 P
+(credit card and bank account numbers.) 54 128.33 T
+-0.16 (This attack can be thw) 54 109.33 P
+-0.16 (arted by applying \322digital shrinkwrap\323) 143.23 109.33 P
+0.25 0.04 (to the applet. W) 54 98.33 B
+0.25 0.04 (e trust ph) 118.41 98.33 B
+0.25 0.04 (ysical softw) 156.45 98.33 B
+0.25 0.04 (are we ha) 205.08 98.33 B
+0.25 0.04 (v) 244.02 98.33 B
+0.25 0.04 (e purchased) 248.91 98.33 B
+-0.23 (because its packaging sho) 54 87.33 P
+-0.23 (ws who produced the softw) 156.64 87.33 P
+-0.23 (are, and) 265.58 87.33 P
+-0.16 (the shrinkwrap sho) 54 76.33 P
+-0.16 (ws that the product has not been tampered) 129.53 76.33 P
+0.25 0.26 (with. If the producer has a good reputation for pro) 54 65.33 B
+0.25 0.26 (viding) 270.11 65.33 B
+0.25 0.03 (softw) 315 731.33 B
+0.25 0.03 (are which does not tak) 337.29 731.33 B
+0.25 0.03 (e an) 428.92 731.33 B
+0.25 0.03 (y hostile actions ag) 445.54 731.33 B
+0.25 0.03 (ainst the) 523.87 731.33 B
+0.25 0.23 (user) 315 720.33 B
+0.25 0.23 (, then we can install the product with some de) 332.19 720.33 B
+0.25 0.23 (gree of) 528.31 720.33 B
+(con\336dence.) 315 709.33 T
+0.25 0.3 (\322Signed applets\323 gi) 315 690.33 B
+0.25 0.3 (v) 398.65 690.33 B
+0.25 0.3 (e us the same le) 403.8 690.33 B
+0.25 0.3 (v) 472.61 690.33 B
+0.25 0.3 (el of conf) 477.76 690.33 B
+0.25 0.3 (idence in) 519 690.33 B
+-0.03 (netw) 315 679.33 P
+-0.03 (ork distrib) 334.34 679.33 P
+-0.03 (uted softw) 375.51 679.33 P
+-0.03 (are. T) 417.32 679.33 P
+-0.03 (o sign an applet, the producer) 439.82 679.33 P
+0.25 0.09 (f) 315 668.33 B
+0.25 0.09 (irst b) 317.87 668.33 B
+0.25 0.09 (undles all the Ja) 338.75 668.33 B
+0.25 0.09 (v) 405.01 668.33 B
+0.25 0.09 (a code and related f) 409.85 668.33 B
+0.25 0.09 (iles into a single) 490.42 668.33 B
+0.12 (\336le called a Ja) 315 657.33 P
+0.12 (v) 372.09 657.33 P
+0.12 (a Archi) 376.84 657.33 P
+0.12 (v) 406.42 657.33 P
+0.12 (e, or J) 411.27 657.33 P
+0.12 (AR. The producer then creates) 435.06 657.33 P
+-0.1 (a string called a digital signature based on the contents of the) 315 646.33 P
+0.25 0.26 (J) 315 635.33 B
+0.25 0.26 (AR. The full details of digital signatures are be) 318.55 635.33 B
+0.25 0.26 (yond the) 521.2 635.33 B
+0.25 0.4 (scope of this white paper) 315 624.33 B
+0.25 0.4 (. More details can be found in) 425.32 624.33 B
+0.25 0.42 (\322) 315 613.33 B
+0.25 0.42 (Applied Cryptograph) 319.06 613.33 B
+0.25 0.42 (y) 412.55 613.33 B
+0.25 0.42 (,) 417.32 613.33 B
+0.25 0.42 (\323 by Bruce Schneier) 419.55 613.33 B
+0.25 0.42 (, as well as) 508.73 613.33 B
+(numerous other cryptographic reference books.) 315 602.33 T
+0.25 0.45 (J) 315 583.33 B
+0.25 0.45 (AR f) 318.74 583.33 B
+0.25 0.45 (iles solv) 339.97 583.33 B
+0.25 0.45 (e another problem. Currently) 377.21 583.33 B
+0.25 0.45 (, man) 506.08 583.33 B
+0.25 0.45 (y Ja) 530.66 583.33 B
+0.25 0.45 (v) 548.36 583.33 B
+0.25 0.45 (a) 553.56 583.33 B
+-0.16 (applets tak) 315 572.33 P
+-0.16 (e a v) 357.79 572.33 P
+-0.16 (ery long time to do) 376.2 572.33 P
+-0.16 (wnload and be) 451.42 572.33 P
+-0.16 (gin running.) 509.27 572.33 P
+0.25 0.09 (This can be anno) 315 561.33 B
+0.25 0.09 (ying e) 385.12 561.33 B
+0.25 0.09 (v) 410.38 561.33 B
+0.25 0.09 (en for those users with a v) 415.32 561.33 B
+0.25 0.09 (ery high) 524.07 561.33 B
+0.25 0.51 (speed link to the Internet. The problem is that current) 315 550.33 B
+0.25 0.15 (Internet protocols mo) 315 539.33 B
+0.25 0.15 (v) 404.67 539.33 B
+0.25 0.15 (e web pages across the Internet one) 409.67 539.33 B
+0.25 0.09 (f) 315 528.33 B
+0.25 0.09 (ile at a time. Since there is some o) 317.87 528.33 B
+0.25 0.09 (v) 460.05 528.33 B
+0.25 0.09 (erhead associated with) 464.99 528.33 B
+0.07 (each request for a \336le, web pages and Ja) 315 517.33 P
+0.07 (v) 476.12 517.33 P
+0.07 (a applets which are) 480.88 517.33 P
+0.25 0.55 (composed of man) 315 506.33 B
+0.25 0.55 (y small f) 394.63 506.33 B
+0.25 0.55 (iles might spend more time) 434.48 506.33 B
+0.09 (requesting those \336les and w) 315 495.33 P
+0.09 (aiting for replies than the) 426.35 495.33 P
+0.09 (y spend) 527.08 495.33 P
+-0.12 (actually mo) 315 484.33 P
+-0.12 (ving the information. Since a J) 361.67 484.33 P
+-0.12 (AR \336le b) 483.27 484.33 P
+-0.12 (undles all) 519.51 484.33 P
+0.15 (the information needed by the applet and its web page into a) 315 473.33 P
+0.25 0.08 (single f) 315 462.33 B
+0.25 0.08 (ile, the entire page can be do) 345.02 462.33 B
+0.25 0.08 (wnloaded with a single) 463.19 462.33 B
+0.25 0.13 (request. F) 315 451.33 B
+0.25 0.13 (or man) 355.86 451.33 B
+0.25 0.13 (y pages this will greatly reduce do) 384.81 451.33 B
+0.25 0.13 (wnload) 527.9 451.33 B
+(times.) 315 440.33 T
+0.25 0.57 (J) 315 421.33 B
+0.25 0.57 (ARs and digital signatures can also be used for Ja) 318.86 421.33 B
+0.25 0.57 (v) 548.23 421.33 B
+0.25 0.57 (a) 553.56 421.33 B
+0.25 0.12 (applications. While Ja) 315 410.33 B
+0.25 0.12 (v) 406.55 410.33 B
+0.25 0.12 (a applications are more trustw) 411.42 410.33 B
+0.25 0.12 (orth) 536.46 410.33 B
+0.25 0.12 (y) 553 410.33 B
+0.25 0.01 (than applets because the) 315 399.33 B
+0.25 0.01 (y do not tra) 412.84 399.33 B
+0.25 0.01 (v) 459.38 399.33 B
+0.25 0.01 (el o) 464.24 399.33 B
+0.25 0.01 (v) 479.12 399.33 B
+0.25 0.01 (er the Internet and) 483.98 399.33 B
+0.25 0.1 (are subject to an or) 315 388.33 B
+0.25 0.1 (g) 393.86 388.33 B
+0.25 0.1 (anizations traditional security policies,) 398.91 388.33 B
+0.25 0.49 (applications are subject to se) 315 377.33 B
+0.25 0.49 (v) 445.39 377.33 B
+0.25 0.49 (eral types of attack. F) 450.73 377.33 B
+0.25 0.49 (or) 549.18 377.33 B
+0.25 0.08 (e) 315 366.33 B
+0.25 0.08 (xample, viruses spread by modifying e) 319.37 366.33 B
+0.25 0.08 (xisting applications) 478.25 366.33 B
+0.25 0.21 (to include a cop) 315 355.33 B
+0.25 0.21 (y of the virus. Since a virus w) 382.67 355.33 B
+0.25 0.21 (ould not be) 510.36 355.33 B
+0.08 (able to produce a v) 315 344.33 P
+0.08 (alid signature for the altered program, the) 391.16 344.33 P
+0.25 0.08 (Ja) 315 333.33 B
+0.25 0.08 (v) 323.3 333.33 B
+0.25 0.08 (a system could detect that a signed application has been) 328.13 333.33 B
+0.25 0.03 (tampered with, and refuse to run it. Since the J) 315 322.33 B
+0.25 0.03 (AR signature) 504.38 322.33 B
+0.25 0 (system will w) 315 311.33 B
+0.25 0 (ork with all types of information, not just Ja) 371.01 311.33 B
+0.25 0 (v) 548.81 311.33 B
+0.25 0 (a) 553.56 311.33 B
+-0.22 (\336les, J) 315 300.33 P
+-0.22 (AR signatures can also be used to protect data \336les and) 339.73 300.33 P
+(other information.) 315 289.33 T
+0.25 0.26 (Signed J) 315 270.33 B
+0.25 0.26 (AR f) 350.91 270.33 B
+0.25 0.26 (iles will be included in Ja) 371.38 270.33 B
+0.25 0.26 (v) 481.42 270.33 B
+0.25 0.26 (a release 1.1 and) 486.43 270.33 B
+(should be a) 315 259.33 T
+(v) 360.35 259.33 T
+(ailable by the end of 1996.) 365.1 259.33 T
+3 F
+(Fle) 315 240.33 T
+(xib) 329.3 240.33 T
+(le P) 343.65 240.33 T
+(olicies) 361.04 240.33 T
+0 F
+0.04 (Since digital signatures allo) 315 221.33 P
+0.04 (w us to assign to Ja) 425.69 221.33 P
+0.04 (v) 503.18 221.33 P
+0.04 (a applets the) 507.93 221.33 P
+0.25 0.53 (same le) 315 210.33 B
+0.25 0.53 (v) 348.97 210.33 B
+0.25 0.53 (el of trust which we assign to shrinkwrapped) 354.35 210.33 B
+0.25 0.39 (applications, it may be useful to relax the Ja) 315 199.33 B
+0.25 0.39 (v) 510.51 199.33 B
+0.25 0.39 (a security) 515.65 199.33 B
+-0.21 (restrictions for some applets. F) 315 188.33 P
+-0.21 (or e) 437.63 188.33 P
+-0.21 (xample, it w) 452.54 188.33 P
+-0.21 (ould be useful) 501.75 188.33 P
+0.25 0.08 (if the home banking applet described abo) 315 177.33 B
+0.25 0.08 (v) 484.6 177.33 B
+0.25 0.08 (e could establish) 489.53 177.33 B
+0.25 0.41 (its o) 315 166.33 B
+0.25 0.41 (wn directory on the user\325) 333.98 166.33 B
+0.25 0.41 (s hard disk. It could store) 445.1 166.33 B
+-0.13 (account and credit card numbers, passw) 315 155.33 P
+-0.13 (ords, PINs, and other) 473.67 155.33 P
+0.25 0.05 (frequently used information so the end-user w) 315 144.33 B
+0.25 0.05 (ould not ha) 502.86 144.33 B
+0.25 0.05 (v) 548.66 144.33 B
+0.25 0.05 (e) 553.56 144.33 B
+(to constantly re-enter that information.) 315 133.33 T
+0.25 0 (Signed applets can be used to create this en) 315 114.33 B
+0.25 0 (vironment. If the) 489.98 114.33 B
+0.01 (end-user has pre) 315 103.33 P
+0.01 (viously told the Ja) 380.31 103.33 P
+0.01 (v) 453.21 103.33 P
+0.01 (a system that a particular) 457.96 103.33 P
+0.25 0.03 (web publisher) 315 92.33 B
+0.25 0.03 (, say a bank or credit card compan) 371.62 92.33 B
+0.25 0.03 (y) 511.4 92.33 B
+0.25 0.03 (, is trusted) 515.78 92.33 B
+0.25 0.06 (and a signed applet from that publisher has arri) 315 81.33 B
+0.25 0.06 (v) 507.87 81.33 B
+0.25 0.06 (ed o) 512.78 81.33 B
+0.25 0.06 (v) 530.06 81.33 B
+0.25 0.06 (er the) 534.97 81.33 B
+0.25 0.43 (Internet and been authenticated, then the Ja) 315 70.33 B
+0.25 0.43 (v) 508.39 70.33 B
+0.25 0.43 (a Security) 513.58 70.33 B
+0 0 0 1 0 0 0 K
+FMENDPAGE
+%%EndPage: "6" 6
+%%Page: "7" 7
+612 792 0 FMBEGINPAGE
+[0 0 0 1 0 0 0]
+[ 0 1 1 0 1 0 0]
+[ 1 0 1 0 0 1 0]
+[ 1 1 0 0 0 0 1]
+[ 1 0 0 0 0 1 1]
+[ 0 1 0 0 1 0 1]
+[ 0 0 1 0 1 1 0]
+ 7 FrameSetSepColors
+FrameNoSep
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+0 0 0 1 0 0 0 K
+54 9 558 36 R
+7 X
+0 0 0 1 0 0 0 K
+V
+0 8 Q
+0 X
+(\251 Sun Microsystems, Inc., 1996) 54 30.67 T
+(7) 306 30.67 T
+54 54 558 738 R
+7 X
+V
+0 10 Q
+0 X
+0.25 0.29 (Manager could allo) 54 731.33 B
+0.25 0.29 (w that applet out of the sandbox, and) 137.17 731.33 B
+(treat it as an application.) 54 720.33 T
+0.25 0.13 (The Security Manger could also enforce dif) 54 701.33 B
+0.25 0.13 (ferent le) 235.01 701.33 B
+0.25 0.13 (v) 269.19 701.33 B
+0.25 0.13 (els of) 274.17 701.33 B
+0.25 0.03 (control based on ho) 54 690.33 B
+0.25 0.03 (w much a particular publisher is trusted,) 133.61 690.33 B
+0.25 0.46 (or on ho) 54 679.33 B
+0.25 0.46 (w much the Internet as a whole is trusted. F) 91.29 679.33 B
+0.25 0.46 (or) 288.21 679.33 B
+0.25 0.04 (e) 54 668.33 B
+0.25 0.04 (xample, a v) 58.33 668.33 B
+0.25 0.04 (ery security-conscious user could conf) 105.47 668.33 B
+0.25 0.04 (igure the) 261.18 668.33 B
+0.25 0.6 (system to allo) 54 657.33 B
+0.25 0.6 (w signed applets to run only inside the) 118.23 657.33 B
+0.03 (sandbox, and to pre) 54 646.33 P
+0.03 (v) 132.15 646.33 P
+0.03 (ent an) 137 646.33 P
+0.03 (y unsigned applet from running at) 161.04 646.33 P
+0.25 0.24 (all. Another user might conf) 54 635.33 B
+0.25 0.24 (igure the system to allo) 174.11 635.33 B
+0.25 0.24 (w the) 273.86 635.33 B
+0.18 (banking applet to access only one particular directory on the) 54 624.33 P
+0.25 0.18 (hard disk, while a net g) 54 613.33 B
+0.25 0.18 (aming applet could access another) 152.93 613.33 B
+(directory and all other applets are restricted to the sandbox.) 54 602.33 T
+3 F
+(A) 54 583.33 T
+(uditing) 60.92 583.33 T
+0 F
+0.25 0.33 (Auditing is another important security feature. Auditing) 54 564.33 B
+0.24 (softw) 54 553.33 P
+0.24 (are maintains a record of e) 76.12 553.33 P
+0.24 (v) 183.4 553.33 P
+0.24 (erything which happens on) 188.25 553.33 P
+0.25 0.06 (the system. When something goes wrong, either through an) 54 542.33 B
+0.25 0.29 (accident or a b) 54 531.33 B
+0.25 0.29 (ug, or because of an attack, the audit trail) 117.51 531.33 B
+0.25 0.35 (allo) 54 520.33 B
+0.25 0.35 (ws systems administrators and security personnel to) 70.16 520.33 B
+-0.08 (\336gure out what happened, and ho) 54 509.33 P
+-0.08 (w to pre) 186.66 509.33 P
+-0.08 (v) 219.02 509.33 P
+-0.08 (ent a reoccurrence) 223.87 509.33 P
+0.25 0.17 (in the future. While auditing cannot pre) 54 498.33 B
+0.25 0.17 (v) 219.95 498.33 B
+0.25 0.17 (ent accidents and) 224.96 498.33 B
+0.25 0.28 (attacks, once things go wrong, it is an important tool for) 54 487.33 B
+(cleaning up the mess.) 54 476.33 T
+0.25 0.22 (While some v) 54 457.33 B
+0.25 0.22 (ersions of the Ja) 112.56 457.33 B
+0.25 0.22 (v) 181.58 457.33 B
+0.25 0.22 (a platform include limited) 186.55 457.33 B
+0.25 0.58 (auditing features, there is no standard set of auditing) 54 446.33 B
+0.25 0.2 (capabilities on which an administrator can rely) 54 435.33 B
+0.25 0.2 (, and those) 251.45 435.33 B
+0.08 (features that do e) 54 424.33 P
+0.08 (xist do not record as much detail as is often) 122.68 424.33 P
+0.25 0.49 (needed. Ef) 54 413.33 B
+0.25 0.49 (forts are under w) 101.68 413.33 B
+0.25 0.49 (ay to def) 178.72 413.33 B
+0.25 0.49 (ine what standard) 218.09 413.33 B
+0.25 0.16 (features need to be included in e) 54 402.33 B
+0.25 0.16 (v) 190.03 402.33 B
+0.25 0.16 (ery Ja) 195.05 402.33 B
+0.25 0.16 (v) 219.67 402.33 B
+0.25 0.16 (a implementation) 224.59 402.33 B
+(and ho) 54 391.33 T
+(w these features should be implemented.) 80.69 391.33 T
+3 F
+(Encr) 54 372.33 T
+(yption) 76.33 372.33 T
+0 F
+0.25 0.22 (While the sandbox and signed applets can protect ag) 54 353.33 B
+0.25 0.22 (ainst) 277.22 353.33 B
+0.25 0.13 (hostile applets and man-in-the-middle attacks, information) 54 342.33 B
+0.25 0.12 (tra) 54 331.33 B
+0.25 0.12 (v) 64.71 331.33 B
+0.25 0.12 (eling between the applet and a serv) 69.69 331.33 B
+0.25 0.12 (er on the Internet is) 215.81 331.33 B
+0.25 0.06 (still vulnerable to theft. This is because the Internet itself is) 54 320.33 B
+0.25 0.51 (an insecure medium. An attack) 54 309.33 B
+0.25 0.51 (er attached to a central) 193.79 309.33 B
+0.1 (portion of the Internet can read all information which tra) 54 298.33 P
+0.1 (v) 281.04 298.33 P
+0.1 (els) 285.89 298.33 P
+0.04 (through that portion of the Internet. The attack) 54 287.33 P
+0.04 (er could listen) 240.26 287.33 P
+0.25 0.03 (to all traf) 54 276.33 B
+0.25 0.03 (f) 91.26 276.33 B
+0.25 0.03 (ic bound for a major bank or mail order compan) 94.08 276.33 B
+0.25 0.03 (y) 290.12 276.33 B
+0.25 0.03 (,) 294.5 276.33 B
+0.25 0.1 (and simply read credit card numbers and other information) 54 265.33 B
+-0.16 (of) 54 254.33 P
+-0.16 (f the wire as it passed. T) 62.08 254.33 P
+-0.16 (o secure ag) 157.78 254.33 P
+-0.16 (ainst this type of attack,) 202.38 254.33 P
+0.25 0.27 (all information f) 54 243.33 B
+0.25 0.27 (lo) 124.15 243.33 B
+0.25 0.27 (wing between the applet and its serv) 132.23 243.33 B
+0.25 0.27 (er) 288.96 243.33 B
+(must be rendered unreadable by encrypting it.) 54 232.33 T
+-0 (Se) 54 213.33 P
+-0 (v) 63.75 213.33 P
+-0 (eral Ja) 68.6 213.33 P
+-0 (v) 94.22 213.33 P
+-0 (a encryption f) 98.97 213.33 P
+-0 (acilities are being de) 154.4 213.33 P
+-0 (v) 236.61 213.33 P
+-0 (eloped. These) 241.46 213.33 P
+0.25 0.18 (f) 54 202.33 B
+0.25 0.18 (acilities will allo) 57.41 202.33 B
+0.25 0.18 (w applet de) 127.72 202.33 B
+0.25 0.18 (v) 176.03 202.33 B
+0.25 0.18 (elopers to select the type of) 181.06 202.33 B
+0.25 0.21 (encryption algorithm used, to ne) 54 191.33 B
+0.25 0.21 (gotiate with the serv) 191.39 191.33 B
+0.25 0.21 (er to) 277.85 191.33 B
+0.25 0.16 (create the k) 54 180.33 B
+0.25 0.16 (e) 102.39 180.33 B
+0.25 0.16 (ys used in the encryption and to do the actual) 106.83 180.33 B
+(encryption of the data.) 54 169.33 T
+0.25 0.19 (While there are fe) 54 150.33 B
+0.25 0.19 (w technical challenges to implementing) 129.92 150.33 B
+0.25 0.01 (the cryptographic functionality) 54 139.33 B
+0.25 0.01 (, the US go) 178.01 139.33 B
+0.25 0.01 (v) 223.71 139.33 B
+0.25 0.01 (ernment imposes) 228.57 139.33 B
+0.01 (strict e) 54 128.33 P
+0.01 (xport controls on encryption technology) 80.8 128.33 P
+0.01 (. Since Ja) 240.75 128.33 P
+0.01 (v) 278.63 128.33 P
+0.01 (a is) 283.38 128.33 P
+0.25 0.2 (a) 54 117.33 B
+0.25 0.2 (v) 58.44 117.33 B
+0.25 0.2 (ailable w) 63.39 117.33 B
+0.25 0.2 (orld-wide, an) 101.73 117.33 B
+0.25 0.2 (y proposed cryptographic system) 157.75 117.33 B
+0.08 (must comply with these la) 54 106.33 P
+0.08 (ws. Ensuring this compliance may) 159.18 106.33 P
+(delay the release of the f) 54 95.33 T
+(acilities.) 151.92 95.33 T
+1 F
+(SUMMAR) 315 731.33 T
+(Y) 359.49 731.33 T
+0 F
+0.25 0.42 (The Ja) 315 715.33 B
+0.25 0.42 (v) 343.94 715.33 B
+0.25 0.42 (a platform supports Write Once/Run An) 349.11 715.33 B
+0.25 0.42 (ywhere) 526.48 715.33 B
+0.25 0.41 (applications. This, combined with the easy distrib) 315 704.33 B
+0.25 0.41 (ution) 535.79 704.33 B
+0.14 (mechanisms pro) 315 693.33 P
+0.14 (vided by the W) 380.26 693.33 P
+0.14 (orld W) 441.25 693.33 P
+0.14 (ide W) 469.04 693.33 P
+0.14 (eb and W) 492.54 693.33 P
+0.14 (eb-lik) 530.33 693.33 P
+0.14 (e) 553.56 693.33 P
+0.25 0.33 (systems called intranets, mak) 315 682.33 B
+0.25 0.33 (es Ja) 442.47 682.33 B
+0.25 0.33 (v) 463.34 682.33 B
+0.25 0.33 (a a po) 468.42 682.33 B
+0.25 0.33 (werful tool for) 494.54 682.33 B
+0.25 0.46 (man) 315 671.33 B
+0.25 0.46 (y netw) 333.46 671.33 B
+0.25 0.46 (ork based systems. The mobile applications) 363.33 671.33 B
+0.25 0.53 (which Ja) 315 660.33 B
+0.25 0.53 (v) 354.55 660.33 B
+0.25 0.53 (a enables \321 applications that automatically) 359.83 660.33 B
+0.25 0.08 (migrate o) 315 649.33 B
+0.25 0.08 (v) 353.9 649.33 B
+0.25 0.08 (er the netw) 358.83 649.33 B
+0.25 0.08 (ork to where the) 404.58 649.33 B
+0.25 0.08 (y are needed \321solv) 471.76 649.33 B
+0.25 0.08 (e) 553.56 649.33 B
+0.25 0.3 (man) 315 638.33 B
+0.25 0.3 (y persistent problems in application distrib) 332.96 638.33 B
+0.25 0.3 (ution and) 517.88 638.33 B
+(systems management.) 315 627.33 T
+0.25 0.22 (While mobile applications solv) 315 608.33 B
+0.25 0.22 (e the softw) 447.03 608.33 B
+0.25 0.22 (are distrib) 493.77 608.33 B
+0.25 0.22 (ution) 536.54 608.33 B
+0.25 0.18 (problem, the) 315 597.33 B
+0.25 0.18 (y also mak) 367.76 597.33 B
+0.25 0.18 (e it more lik) 413.24 597.33 B
+0.25 0.18 (ely that end-users will) 464.79 597.33 B
+0.04 (unintentionally import hostile applications into the corporate) 315 586.33 P
+0.25 0.5 (netw) 315 575.33 B
+0.25 0.5 (ork. Ja) 336.32 575.33 B
+0.25 0.5 (v) 366.49 575.33 B
+0.25 0.5 (a addresses these concerns by running all) 371.74 575.33 B
+0.25 0.41 (untrusted applications in a protected area kno) 315 564.33 B
+0.25 0.41 (wn as the) 516.49 564.33 B
+0.25 0.4 (sandbox. Applications running in the sandbox can only) 315 553.33 B
+0.25 0.09 (access local and netw) 315 542.33 B
+0.25 0.09 (ork resources through a limited set of) 403.85 542.33 B
+0.25 0.33 (trusted mechanisms. The sandbox model gi) 315 531.33 B
+0.25 0.33 (v) 502.57 531.33 B
+0.25 0.33 (es users the) 507.76 531.33 B
+0.25 0.11 (adv) 315 520.33 B
+0.25 0.11 (antages of easy) 329.51 520.33 B
+0.25 0.11 (, ad-hoc application distrib) 392.04 520.33 B
+0.25 0.11 (ution while it) 502.78 520.33 B
+(protects them from potentially malicious applications.) 315 509.33 T
+0.25 0.01 (Se) 315 490.33 B
+0.25 0.01 (v) 324.77 490.33 B
+0.25 0.01 (eral ef) 329.64 490.33 B
+0.25 0.01 (forts are underw) 354.98 490.33 B
+0.25 0.01 (ay to further enhance the sandbox) 421.11 490.33 B
+0.25 0.07 (model. Independent contractors are re) 315 479.33 B
+0.25 0.07 (vie) 469.71 479.33 B
+0.25 0.07 (wing the design of) 481.89 479.33 B
+0.25 0.14 (the sandbox to ensure that it pro) 315 468.33 B
+0.25 0.14 (vides adequate protection.) 449.3 468.33 B
+0.25 0.19 (Future releases of Ja) 315 457.33 B
+0.25 0.19 (v) 401.45 457.33 B
+0.25 0.19 (a will pro) 406.39 457.33 B
+0.25 0.19 (vide applet signing, which) 446.96 457.33 B
+0.25 0.39 (acts as digital shrinkwrap. Support for f) 315 446.33 B
+0.25 0.39 (le) 490.63 446.33 B
+0.25 0.39 (xible security) 498.49 446.33 B
+0.25 0.49 (policies, encryption and other more adv) 315 435.33 B
+0.25 0.49 (anced security) 493.92 435.33 B
+(features are also being added.) 315 424.33 T
+0.25 0.78 (An) 315 405.33 B
+0.25 0.78 (y or) 328.63 405.33 B
+0.25 0.78 (g) 347.64 405.33 B
+0.25 0.78 (anization which is considering adding Ja) 353.37 405.33 B
+0.25 0.78 (v) 548.03 405.33 B
+0.25 0.78 (a) 553.56 405.33 B
+0.25 0.09 (applications or Ja) 315 394.33 B
+0.25 0.09 (v) 386.85 394.33 B
+0.25 0.09 (a enabled softw) 391.68 394.33 B
+0.25 0.09 (are to its netw) 456.14 394.33 B
+0.25 0.09 (ork should) 514.47 394.33 B
+0.25 0.01 (carefully consider ho) 315 383.33 B
+0.25 0.01 (w Ja) 399.98 383.33 B
+0.25 0.01 (v) 418.14 383.33 B
+0.25 0.01 (a will af) 422.91 383.33 B
+0.25 0.01 (fect their current security) 456.06 383.33 B
+0.25 0 (policies. While no set of security policies can e) 315 372.33 B
+0.25 0 (v) 505.39 372.33 B
+0.25 0 (er eliminate) 510.24 372.33 B
+0.25 0.12 (all risk from a netw) 315 361.33 B
+0.25 0.12 (ork) 396.61 361.33 B
+0.25 0.12 (ed en) 410.2 361.33 B
+0.25 0.12 (vironment, understanding ho) 432.03 361.33 B
+0.25 0.12 (w) 550.78 361.33 B
+0.25 0.02 (Ja) 315 350.33 B
+0.25 0.02 (v) 323.17 350.33 B
+0.25 0.02 (a\325) 327.93 350.33 B
+0.25 0.02 (s security model w) 335.19 350.33 B
+0.25 0.02 (orks and what sorts of attacks might) 411.44 350.33 B
+0.25 0.86 (be committed ag) 315 339.33 B
+0.25 0.86 (ainst it, k) 394.96 339.33 B
+0.25 0.86 (eeping current with ne) 441.73 339.33 B
+0.25 0.86 (w) 550.78 339.33 B
+0.25 0.11 (de) 315 328.33 B
+0.25 0.11 (v) 324.41 328.33 B
+0.25 0.11 (elopments by both attack) 329.38 328.33 B
+0.25 0.11 (ers and other security of) 432.98 328.33 B
+0.25 0.11 (f) 533.17 328.33 B
+0.25 0.11 (icers,) 536.06 328.33 B
+0.25 0.31 (and e) 315 317.33 B
+0.25 0.31 (v) 337.92 317.33 B
+0.25 0.31 (aluating Ja) 342.97 317.33 B
+0.25 0.31 (v) 389.45 317.33 B
+0.25 0.31 (a in light of the or) 394.51 317.33 B
+0.25 0.31 (g) 473.66 317.33 B
+0.25 0.31 (anization\325) 478.92 317.33 B
+0.25 0.31 (s o) 521.43 317.33 B
+0.25 0.31 (v) 533.84 317.33 B
+0.25 0.31 (erall) 539 317.33 B
+(security polic) 315 306.33 T
+(y can reduce risks to an acceptable le) 369.01 306.33 T
+(v) 517.32 306.33 T
+(el.) 522.17 306.33 T
+0 0 0 1 0 0 0 K
+FMENDPAGE
+%%EndPage: "7" 7
+%%Trailer
+%%BoundingBox: 0 0 612 792
+%%PageOrder: Ascend
+%%Pages: 7
+%%DocumentFonts: Times-Roman
+%%+ Helvetica-Bold
+%%+ Times-Italic
+%%+ Helvetica-BoldOblique
+%%+ Courier
+%%EOF