Secure Systems Development with UML [1 ed.] 9783540007012, 3-540-00701-6

The correct development of security-critical computer systems is as vital as it is difficult. This book presents the ext

213 102 4MB

English Pages 317 Year 2005

Report DMCA / Copyright

DOWNLOAD PDF FILE

Recommend Papers

Model-driven development with executable uml [1st ed] 0470481633, 9780470481639

Aimed at the professional information system developer, the author starts with the basic characteristics of information

432 20 20MB Read more

Secure Communicating Systems

685 27 21MB Read more

UML with Rational Rose

424 94 33KB Read more

Mastering UML with Rational Rose

532 53 7MB Read more

Object-Oriented Analysis and Design: Understanding System Development with UML 2.0 [1 ed.] 9780470092408, 0470092408

Covering the breadth of a large topic, this book provides a thorough grounding in object-oriented concepts, the software

359 32 7MB Read more

Advanced Systems Design with Java, UML and MDA [1 ed.] 0750664967, 9780750664967

The Model Driven Architecture defines an approach where the specification of the functionality of a system can be separa

300 94 51KB Read more

The Object Primer: Agile Model-Driven Development with UML 2.0 [3 ed.] 0521540186, 9780521540186

Scott Ambler, award-winning author of Building Object Applications that Work, Process Patterns, and More Process Pattern

421 77 10MB Read more

Enterprise development with Visual Studio .NET, UML, and MSF 1590590422, 9781590590423

Written for experienced developers, team leaders, and project managers who need a structured way of creating enterprise

364 112 28MB Read more

Model-Driven Development with Executable UML 978-0-470-48163-9

A comprehensive reference for an executable UML and the advantages of modeling This book presents the most up-to-date te

358 111 20MB Read more

Object-oriented Analysis And Design: Understanding System Development With UML 2.0 [1 ed.] 9780470092408, 0470092408

Covering the breadth of a large topic, this book provides a thorough grounding in object-oriented concepts, the software

402 33 7MB Read more

Secure Systems Development with UML [1 ed.]
9783540007012, 3-540-00701-6

Author / Uploaded
Jan Jürjens

0 0 0
Like this paper and download? You can publish your own PDF file online for free in a few minutes! Sign Up

File loading please wait...

Citation preview

Jan Jürjens Secure Systems Development with UML

Jan Jürjens

Secure Systems Development with UML With 79 Figures

123

Jan Jürjens Dep. of Informatics Software and Systems Engineering Technische Universität München Boltzmannstr. 3 85748 München/Garching e-mail: [email protected]

Library of Congress Control Number: 2004112217

ACM Computing Classification (1998): D.2.2, D.2.4 ISBN 3-540-00701-6 Springer Berlin Heidelberg New York

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilm or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable for prosecution under the German Copyright Law. Springer is a part of Springer Science+Business Media springeronline.com © Springer-Verlag Berlin Heidelberg 2005 Printed in Germany The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. Cover design: KünkelLopka, Heidelberg Production: LE-TeX Jelonek, Schmidt & Vöckler GbR, Leipzig Typesetting: by the Authors Printed on acid-free paper 45/3142/YL - 5 4 3 2 1 0

! " # $ %

&'& "& ' & %

(

)

# $

* ! +,,-

!

!

. !

/ . 0

!

( (

Æ ) & .

.

.

.

.

1 .

.

!

2

0

. .

)

.

" %

.

! 3 4 "!34% . .

5 . 6'

.

.

* # $ .

.

.

0

' 7--8

) . .

2 9

.

. Æ '

.

Æ

: 1

6 ' "6'% (

Æ ;

¯

)

¯

½ =

. = 1 6' *

: ! &

5 ) . A +87

. ' H 9 ; &) HOL +87 ML+

) ) & H +88

ML7

!

9 +8G

MLL

4 H +>+

. ' > M8+

&

A +>>

M87

+>N

MM

9 +>,

' +! +

+M+

G+

6' ' +M+

G7

6' ' & +M,

GL

H

G8

HA & +GM

G>

H ) & +GG

+G7

G>+

H +N-

G>7

& +N7

G>L

! +N8

G>8

) +N>

G>>

* +N>

G>M

& !

* +NG

GM

+NN

GG

9 +N,

+! ! ! % N+

N7

+,+

* & * 6' +,+ N++

A L

L 8

M G * & 9 6' 7M7

5 6'& "

% +GL

GM

& +GL

N+

4 ; 7-G

N7

& 7-,

NL

4 7+-

N8

4 7+-

N>

4 7++

NM

4 7++

NG

4 ; 7+7

NN

4 7+7

N,

6' '

7+M

N+- ) 7+N N++ ) 4 7+N N+7 ) 4 7+, 5+

6' ' 7>-

' 5 '

.

) .

2

! B .

) .

! !

".

.%

# ! 9 Æ ' : * D,>℄ +G .

& D&GN℄ '

. * +,,G

&) . . 6& 9

9

6&

,++

1 9℄ ' # .

B

B $ "H % !

D& ,,℄ N>Q ℄

D& ,,℄ .

D) -+℄ &

!

( ' !

#

$; !

1 .

&

# $ D1,> ' A,N℄ *

; 4

*

(

.

.

. &

D) -+℄ 0

* '

D' -+ -+℄

) 7--+

)

'

!

7--

D5N+℄ Æ

D' D6'-L℄¿

6' ( . ( ! . . ;

(

;

=

"

%

;

0 B D0A,G℄

,

&

:

" .

%

( . (

¾ ¿

= $1 >0 ' @ &℄ 4 1 # A A

. B !

)

(

.

* .

!

. . )

11 3 ! 6

6

)

4

)

)

* L+ ) .

= .

) .

"

) * L+

buys good sells good

Customer

Business

)

. 0 1

11 3 ! )

#

&

)

$ D6'-L A+-℄ )

#

)

$ D6'-L A8℄ 1

(

)

!

)

.

9

. !

( . )

6'

R

& L7N

6' )

)

%

.

"

%

!

1

6

*

!

)

!

"

* * L7

; 6

11 ! 6'

D6'-L℄

. B

*

«Interface»

«Interface»

sending

receiving

send(d:Data)

receive():Data «send»

Sender

Receiver receive():Data transmit(d:Data)

send(d:Data)

% 0 D0A,G℄ )

#

$

D6'-L A+8℄ & " %

" % ) "

%

%

,

"

1

1

) *

. * LL )

D ℄

"

%

S S

"

%

" % " %

" " %%

;S !

.

" " %%

"%

"%

R

A

R

.

+

. 0 1 ) * LL

" #

% )

"

1

# # & " "% S ;; " ;; % "

"

entry/i:=i+1

Wait

send(d) /request()

Request

return(K,C)

> 89 ; 33 ℄ 8 33 9 Send

4 11" 7 ! )

,

!

#

)

" %

" %$ D6'-L A+L℄ 4

1

*

*

1

C " # # 4 ...

. B

-

2

(

;;S

"

"

5

"

*

" " ¼¼ " " %%% * L8

. D℄

!

)

* L8 !

" ;; % ! " " ¼ " %% S ¼

" ;; ¼ %¼ " ;; % .

.

. !

& >7

C:Client

Si :Server 8

8 33 99

8 33 ¼ 9¼

8 33 9

> 8 ¼ 8 99

> 8 8 99 ; 8 ¼¼ 8 8 999

; ℄

; ¼ ℄

8 9

33;

33;

33; 8 8 99 33; 8 ¼¼ 8 8 999

¼¼

¼

¼

33;

33;

33;

47

A " # # 4 ...

.

. 0 1

11& ' ! ) 6' +

D6'-L L+>M℄

$

*

&

$

*

11) ! ! )

#

$ D6'-L AM℄

. )

L% )

.

. D)3,M℄ )

.

=&

4"

" AC ,4

89

! 1 ½

2 " " # #

# # #" G H #

(+

& $# 4 " 6 4"

" AC ,4

89

! 1 * 8G

.

& >L )

!

. .

.

.

0 0

& L+ LL

= .

" %

" %

"

6 %

:

&' B

(-

*

(

;

( *

=

1 .

.

'

6'

.

;

S S S

!"

1

.

* 8N A

* 8M

Ë "% S

Ë "%

Ë "%

!

.

& " %

!

!

.

& " %

)

& $# 4 " 6 «secure links»

remote access

{adversary=default}

client machine get_password client apps

«secrecy»

web server access control

browser

«Internet»

6

'

server machine

«call»

"

;

*

%

!

"

!

% %

"

"

"

"

!"

* 8, .

H

3

3 ' ; 3

H !

H

&' B

)'

«secure dependency»

Key generation newkey(): Key

«interface» Random number random(): Real

Random generator

Key generator

«critical»

{high={random()}}

seed: Real

«call»

random(): Real

newkey(): Key

;℄

3

>;℄ tls.C

tls.S

init(n:Data,k:Keys,cert:Exp) xchd(mstr:Exp)

tls:

Si :Server

C:Client

8

8 33 99

8 33 ¼ 9¼

8 33 9

> 8 ¼ 8 99 ; ¼ ℄

> 8 8 99 ; 8 ¼ 8 8 999 ; ℄

8 9

33; 33; ¼ 33; 8 8 99 33; 8 ¼ 8 8 999

33;

«LAN»

serversite «Internet» serverapp

clientapp C:Client

«LAN»

clientsite

¼ 33; ¼ 33;

«send» «send»

!4

S:Server

)&

& $# 4 " 6

.

.

.

. # $ # .$

.

& "%

)

=

. . ) .

.

( $)(0 $)( ; !

$4

%

.

: .

"

'

6'

: " :%

& LL>

!" * 8++

L%

.

&

(

1 6'

.

9 6' . H D?C -7 ?1-L 0?-L ?15-L 550 -L℄ 1

: ! D8

0

.

=

;; ;;

)

;

;

;

;

" ;; %

" ;; ;; %

" ;; %

1

>8

.

.

. 0

( A !4 «data security»

TLS variant

{adversary=default}

C:Client

«critical»

; ; ; ;8 9

S:Server

C:Client

3 : 3 3

resp(shrd:Exp,cert:Exp) «send»

3 :

entry/i:=0

entry/j:=0

entry/i:=i+1

entry/j:=j+1

«send»

«critical» S:Server ; ; ;

+(

> ; ℄

> ; ℄

3

tls.C

tls.S

init(n:Data,k:Keys,cert:Exp) xchd(mstr:Exp)

tls:

Si :Server

C:Client

8

8 33 ¼ 33 ¼ 9¼ 8 33 9

> 8 8 99 ; 8 9 8 ¼ 8 8 999 ;

8 ¼ 8 8 999 ; ℄ 33; 33; ¼ 33; 8 8 99 33; 8 ¼ 8 8 999

8 33 99

> 8 ¼ 8 99 ; ¼℄

33;

serversite

«LAN»

clientsite

¼ 33; ¼ 33;

«LAN»

«Internet» serverapp

clientapp C:Client

«send»

S:Server

«send»

@ !4 1

+)

( A

.

!

.

B

.

8

.

1

'

* >8

1

.

.

.

* >8

+

=

.

( ! &1&1

&$

(

"

" (

¼

0

S /

+ S ( / 7

"

(

S"

0 0

(

( 5

0

( "

" "

"

S

¼

(

(

; + (

$4 $4

.

0 0

" ;;

;;

%

" ;; % " ;; %

;

6

S

S

0 /

S

( A !4

+*

.

" ;; ;; % " ;; % " S % " ;; % "

S %

.

1

.

. 1

.

.

S"

+S(

"

& LL8 % !

!

.

" ;;

;;

%

.

>8 .;

B .

.

.

+)(

;;

;;

" ;;

%

.

B

.

.

# $

.

Æ

Æ !

+

+M *

* >+>

) ;;S " 0 "

5 "

)

¼

; "

¼

% ;;S

¼

¼

) . &)'

=

.

*

&)'

&)' 0 +7

$

& 8+7

$

; !

6

$

$

% # & % # ! &

Init

!

RespI

! # $ !$ $ $ $ % ! & $ ℄ ! $ $ $ $ ! ! & % Credit RespC Fail &℄ %& & $ ℄ && ! & Success

3 7

«critical»

«send»

RespC

& $ ℄ ! &

!

&℄

%

RespL(s2)

IntIssuer

«send»

%& &&

Credit

C:Card

c

l

! ℄

! ℄

entry/ n:=n+1

entry/ nt:=nt+1

entry/n:=0

L:LSAM

Ilog(cep,lda,m,nt,r,ml,r2l)

! !

ILog

«send»

Load(cep,lda,m,nt,s1,ml,h hl,h2l) Comp(cep,lda,m,nt,r2l,s3)

«critical»

# ! $ $ $ $ entry/nt:=0 $ $ !

RespI

Llog(cep,m,nt,rc)

!

LLog

«send»

RespI(cep,nt,sl,hc) RespC(s3,rc) RespL(s2)

Issuer

«interface»

«critical» LSAM «send»

!

«send»

«send»

$ % ! ! $ $

Init

Success

Clog(lda,m,nt,s2,rl)

& $ ℄ ! ! &

Fail

!

CLog

Init(lda,m) Credit(s2,rl)

«interface»

RespI(cep,nt,sl,hc) RespC(s3,rc)

IntCard

$ "

«critical» Card

«data security»

% # & % # ! &

l:

Load

i

I:Issuer

' ( A

i:

Init

& Load

C:CEPS

Init

L:LSAM

«smart.card»

l:LLog

loadapp

Loadacq

# &

«Internet»

«send»

«send»

i:ILog

I:Issuer

«issuer node» issuerapp

Issuer

%# ! !

! !

4 B

«LAN»

«send»

«send»

Fail

%# & ! &

Load?

!

! !$ $ $ ℄ $

$ %

% ! ! $ $ %& Fail $

$'℄ % ! ! $ $

! &

&

$ $ &℄

$ &℄ $

RespI

$

Success

! $ !

# !

«smart.card»

c:CLog

cardapp

Card

c:

(. % 6 4 B ' .

' &

( A

8 9 33; 8

33 33339 > 8!9; 3333 33 ;"℄ 8# 9

!

33; 8 33

33339 33; 8

33 3333 9 8

9

Init

8

9

RespI

#

8

9

!

8

# "

Success #

9

> 8!9; 3333 33 ;"℄ 33; 8

33 33339

8

9

#

Load

33; 8 33

33339 8

33; 8 33

33"339

#

Fail

33; 8 33

33"339 8

9

9

$

" !

$

!

3

8

%$

" "

8 9

% "

33; 89 >$ ' ℄

8

%$

9

!

33; 8

33 3333 9

Fail

8

9

%$

Init

9

!

Load?

>& 8 9 8 9; 33

3333 33 33 !℄ 89; 3333

3333 33 ! 33; 8 3333 33 9 33; 89 33; 8

33 3333 9 %8!9 8

$

! #

8

%$

!

3

9

9

¼

¼

¼¼

¼

9

8

8

8

¼

9

9

8

¼

¼

9

"

¼

¼

" #

9

!

9

8

%$

¼¼

¼¼

¼¼

9 "

>& 8 ¼¼ 9 8 ¼¼ 9; ¼¼33

¼¼33¼¼33¼¼ ¼ 8¼ 9; ¼¼33¼¼33

¼¼33¼¼33 ¼¼ 33 33 ¼33 !¼ ℄

I:Issuer

8 ¼¼

¼¼ ¼¼ ¼¼ ¼¼ ¼ ¼ !¼ 933;%$

¼ 33; 89 ¼¼ ¼¼ ¼¼ ¼ !33; 8 33 33 33 9 ¼¼ ¼¼ ¼¼ 33; 8

33 33 33 9

47

¼

¼ ! 33; % 8#¼ ¼ 9 33; 8 ¼ ¼ ¼ ¼ 9 33; ¼ ¼ 33; 8

33 33 339 ¼ ¼ !33; 8

33 33 33! 9 ¼ ¼ ¼ ¼ 33; 8 33 33

3333 33 33 33 ! 9

8

8

8 9

¼

$

%$

>!¼;"℄

¼

% !

%$

L:LSAM

> ¼;"

¼ ; 8

33 3333 9℄

#

8

!

9

9

8

¼ ¼ 9 33; ¼ ¼ 33; 8 33

33 339 ¼ 33; 8

33 3333 9 ¼ #33; 8 33

33 339 ¼¼ ¼ 8! 9 33; ¼¼ ¼ ¼ 33; 8

33 3333 9

$

!

8

> 8!¼¼ 9; 3333 33 ¼¼ ¼;"℄

C:Card

(. % 6 4 B ' (

')

( A

!

.

)

;

)

. &)' &)' !

.

$

.

&)' ) .

)

&)'

*

)

5 &)'

2

"

%

# 6

% 4A

# ! # 4A " 1" 4A

# 7$ B #

B

B

3 8 33

33 33 9

3 8

33 33 33 9 7 1" # 1" # 4A 8 33 33

33 33 33 33 33 9 8 #" 3 8

33 33 33 9 3 8

33 33 33 !9 ! 3 8 33 33 33 9 #

8 33

33 33 9

B

4A9

(. % 6 4 B 1

&)'

$

B

¼

¼

#! 2 -

.

$

&)'

$

.

&)'

-

1

$

& 8 9 8 9; 33

3333 33 33 !℄ 89; 3333

3333 33 (3; !3; 8 3333 33 9 8 33

333333 9 3; 8

33 3333 9 %8! (9 8

$

! #

8

%$

¼

9 9

!

@ 3

( A '')

¼

¼

¼¼

¼

9

8

8

¼

9

¼

9 9

8

!

8

#

8

¼

¼

¼

8

¼

9

% ! (

8

¼

9

" (

$

¼

" #

¼

9

!

>!;" 8(9; 33

333333 ℄

%$

L:LSAM

9

¼

8

%$

9

¼¼

%$

¼

¼¼

¼¼

8

¼¼

¼¼

"

9

>& 8 9 8 ¼¼ 9; ¼¼33

¼¼33¼¼33¼¼ 8¼ 9; ¼¼33¼¼33

¼¼33¼¼33 ¼¼ 33 ¼33 !¼ ℄ 33

I:Issuer

¼¼

¼¼

¼¼

¼

¼

8

! 9 33; %$

! 33; % ¼ 8 9 33; 8#¼ ¼ 9 33; ¼ ¼¼ ¼¼ ¼¼ !33; 8 ¼ ¼ ¼ ¼ 9 33; 8 33 33 33 9 ¼ ¼ ¼¼ ¼¼ ¼¼ 33; 8

33 33 33 9 33; 8

33 33 339 ¼ ¼¼ ¼¼ ¼¼ ¼¼ ¼ ¼ (33; !33; 8

33 33 33! 9 8 33

33 33 33 9 ¼ ¼ ¼ ¼ 33; 8 33 33

3333 33 33 33 ! 9 ¼

> ;"

; 8

33 3333 9℄

C:Card

¼

;"℄

!

> 8!¼¼ 9; 3333 33 ¼¼

8

$

¼¼

8

¼ ¼ 9 33; ¼ ¼ 33; 8 33

33 339 ¼ 33; 8

33 3333 9 ¼ #33; 8 33

33 339 8!¼¼ ¼ 9 33; 33; 8

¼33 3333¼ 9

47

(. % 6 4 B

''*

1 *

6'

& 8+7

&1

1

%

0

0

¼

%

0 0 0 0 0 0 . 0

0

3

(

4

(

1

% S /

2

.

$;

++

$ " / %

$

.

$ )

; $$

%" 0

9

?

?93 +7 & ) DA ,, 3 --℄

Æ

* )+

.

DA ,N 5/,,℄ !

)

.

1

6'

) .

?

?

! & >8L

&1"1 '

3 ; ) 2

D&&,8℄

-

9 (

" 8 8 99 ; )℄ 3;

8

*

9 waitReq

checkReq

8

> ; ℄

899

8

9

3; 89

= # !" * >77

* >7L ! #

.

. ; ( . ¼

#

. *

. .

Æ

.

89

)

o 8

8

99

/

8 8 9

8)

)

99

o

)

o 8 9

)

= #

'

( A

#

. .

#

.

. .

. .

1 & LLL

.

"%

=

.

1

* "%

)

.

*

.

.

.

& >7 :

;

.

#

.

. * >78 0

.

1

: . 6'

o

/

o

/ )

)

= # " E &1"1 $4! + '

1

)

;

(& 5 4 I

'.

www.bankeasy.com Server

Local

Browser

Store

www.finance.com Server

B 3 A

&

. 6' 1 6' * )+

1

6'

) 6' ( !

; !

. 5 .

*

* >7>

.

; "+% ) .

+ 7 " .

% "7% ) "

%

. &

!

.

+ >7 (

D?C -+℄ H . & >+

D)*A-7℄ .

7

& D)&,,℄ .

2 & >L D?1-+ ?C -+ ?C -8 ℄ D?1-+℄

= '

A "='A% ) 2

) A !

'.*

MyApp JMI r

ate

MDR

MOF

3:

[UML 1.4]

ge

2 : ins

1: 01 - 02 - 15 . xm

ne

UML 1.4

ta ntia te

MyUml

l (U

4: M

ML 1.4 Me tam od el)

yU

ml

. xm

i

5@ #"

7 ) @'! '9H ?'!

L

6' ! 8 6'

?'!

?

@'! 5

'9H

6' 6'

2 ! ( / , )*

6'

6 ' D?&) -8℄

)11 ( +

6' & 8+7 ;

'.+

) !

& ;

& ;

2 "

%

«framework» GuiWrapper

IGuiMode

ITextMode

«tool» MyUmlTool

«framework» WebWrapper

!

IWebMode

) A ! ( 4

*"

. "A6!%

&

'&'

""

A6!

.

0

*

O

"

A6!

)

6' . 6' +>

@'! +7 D@'!-7℄ 6' ½ !

6' . !

& M> =

;

. 6'

)11 3 8 1 2 . & D0-L℄ 6' . ℄

!

D)--℄;

3

3

. ;

¯ ¯

.

3

¼

3

¼

3

¼

(

1

)

(

)

&

& & >7 )

* L8 & >7

"

0

;;S

'&

+ 4" 5

"

5

"

'# 4 7 ! )

)+"%

S ")+" % " %% ;

" %

" %

"% "% "%% "

% " %

" % $4 5

S " " %

"% $

"% )+"%

)+"%

"%

"% )+"%

)

"%

(

¼

¼

)+"% )+"¼ % S

(

9(

"%;

!

! 1

!

( *

!

#$

+' 4

'(

* 6' '

)

6' '

( )

& N+L )

. . 6' '

" %

(

6' ' & G+

" %

7 1

.

(

& N++

' 2 " " %%

(

( (

0

& N+G 1

1

S D ½

1

)+"%

6' '

-

1

℄

;

% % " % 4 "

%

"

"%

%

" %

0

" %

&

')

+ 4" 5

;;

;;

&

0

S

" % S

" %

" %

S

6'

' 2 "% & N++ *

' 2 " % ' 2 " % ' 2 " % A

" % S " % S )

B (

6' '

% %

S "% 4 ;S

!

!

* N,

!

;

6' '

" %

"! &' 3 ; > ℄

3; 88 99 ; 88 99

*

"!+8 88 999: 88 99 ;

3; 8 9: 88 99 ;

( (8 88 999 ; ( (8 9

0

$

/

/

3;

: 88 99 3; * 89: ( (89 )

8( (899 3; 89 3; 8 9 /

8( (899:

7

+' 4

" %% !

"

! .

1

'*

4

. )

" %

!

,1 1& ' ! !

) .

6' + D6'-L 7+GN℄

6' ! 6'

.

!

9 ( D6'-L 7+GN℄ &

Æ 1

:

& N+L )

S " & & %

&

&

,

#

" %

;

'+

+ 4" 5

"! &' 3 8 ! &' 8 9

-

9

$

3;

0

A "

' " % '

" %

%

" %

'

" %

& N+L

& &

$

"%

"%

;

5

"

" %

"%

&

$4

& N+L

& N+L

'#

(

6' ' !

* )

0

)+

8 9

& $

! 89

-

8

8 9

&

8 99: 8 99

$

8

A " 6

" %

+' 4

*

'-

& N+G !

( !

$4 $4

5

6' ' & G+

(

6' '

1

& N+L 6' '

$4 *

"%

* N++

" %

N+-

" %

& N+L

& N+L 1

* N+7

8 9 3;

*

"!+,! 8 8 99

8 8 99 ! 8 9

)

8 9

A " 6 ,1 1) ! ! 1 )

S " %

;

S " %

)

S "" % $" % !" %% ;

"% $"% "%

S "" % " %%

.

"% "%

2 2 " #" " B

+ 4" 5 !"%

" %

% 4

S " ¼ %

"

1

.

"

%

S

S

S " " %

.

,1 1* # ! !

6'

. 6'

6' *

. !

. 6' Æ

D6'-L℄

;

4

! 6' '

)

4

& N+L

" 6' ( D6'-L LG87℄

)

& N+8

(

(

& N+8 4

)

! "

+' 4

'

H

2

6' ! D6'-L 7+L7G℄ # $ &

6' + .

1

*

. .

6' + & N+> )

;

;

!

&

B

& N+8

(

) (

(

¼

¼

)+"%

)+" % ¼

5 (

(

(

;

¯

+ 4" 5 (

"

(

%

¯

(

¯

. *

&

3

5

&

3

6'

3

5

1

3

&

6' '

)

3

5

!

!

3

5

)

6'

.

; =

2

2 *

2 6' +

8 ,1 = #4 8 ! >1 ( $ ¼ 0 0 $ / . ¼ 3 4 $" %$ $" $4 ¼ 3 4 $" %$ $4 /

, 5!

S $ ; !!"% , ,

*

.

=

(

+ ,11 3

4 $" %$ $" $ $

/ . ($"

.

+ 5

-

6' ! .

8 ,1" = #4 8 ! >1 7 ¼ 3$ 4 " %$($" ¼ 3 4 " %$($" / 1 .

+ ,1&1 '

¼

¼

($"

$"

/

6'& G+L

( ! ,1)1 .$"

( /

8 ,1* = #4 7 >1

¼

7(

3 4 ($" ,

¼

¼

3 4 ($" $

3 4 ($"

/

1

3 ,1,1 .$"

,

( /

! : B

'

.

2

8 ,1. = 2 8 ! >1

¼

-

¼

' "& %0

¼

3 4

3 4 ($"

' " %/

'

( : ! ) .

(

D&&H5--℄

.

+ 4" 5

( ! ,1 /1 (

' "& %

S

!

&/

0 0 ¼

¼¼

' $ 0 ( ' Æ ' "& %

S ' "' "& %%/

' $ 0

¼¼

¼

¼

¼

0

¼¼

' $ $ ' Æ ' $

¼

¼

) .

¼

DA0?/,>℄

$

.

0

. . 1

& 8L ) & >+

,11 2 ℄ D*0,G℄

D* ,N℄ !

1 .

D*-+ & -L℄

D?3&,> &5