Learning Objectives (cont'd.) - East Carolina University

Learning Objectives (cont'd.) - East Carolina University

ELEVENTH EDITION ELECTRONIC COMMERCE GARY P. SCHNEIDER Chapter 10 Electronic Commerce Security Cengage Learning 2015 Learning Objectives In this chapter, you will learn: What security risks arise in online business and how to manage them How to create a security policy

How to implement security on Web client computers How to implement security in the communication channels between computers Cengage Learning 2015 2 Learning Objectives (contd.) How to implement security on Web server computers What organizations promote computer, network, and Internet security Cengage Learning 2015

3 Introduction Government and large business Web sites constantly under attack from intruders Several incidents in 2009 Sensitive military data stolen North Korean and Chinese governments may have been involved Threats are constantly changing Cengage Learning 2015 4

Online Security Issues Overview Individuals and businesses concerned about security Since Internet became a business communications tool Concerns increasing with steady increase in sales and all types of financial transactions Chapter topics Key security problems Solutions to those problems Cengage Learning 2015 5

Origins of Security on Interconnected Computer Systems Modern computer security techniques Developed by US Department of Defense Orange Book: rules for mandatory access control Business computers Initially adopted militarys security methods Networks Increased number of users accessing computers Computers now transmit valuable information Cengage Learning 2015

6 Computer Security and Risk Management Computer security Asset protection from unauthorized access, use, alteration, and destruction Physical security Includes tangible protection devices Alarms, guards, fireproof doors, security fences, safes or vaults, and bombproof buildings Logical security Asset protection using nonphysical means

Cengage Learning 2015 7 Computer Security and Risk Management (contd.) Threat Any act or object posing danger to computer assets Countermeasure Procedure (physical or logical) Recognizes, reduces, and eliminates threat Extent and expense of countermeasures Vary depending on asset importance

Cengage Learning 2015 8 Computer Security and Risk Management (contd.) Risk management model Four general organizational actions Impact (cost) and probability of physical threat Also applicable for protecting Internet and electronic commerce assets from physical and electronic threats Electronic threat examples Impostors, eavesdroppers, thieves

Eavesdropper (person or device) Listens in on and copies Internet transmissions Cengage Learning 2015 9 FIGURE 10-1 Risk management model Cengage Learning 2015 Cengage Learning 2015 10 Computer Security and Risk Management (contd.) Crackers or hackers (people)

Write programs; manipulate technologies Obtain unauthorized access to computers and networks White hat hacker and black hat hacker Distinction between good hackers and bad hackers Good security scheme implementation Identify risks Determine how to protect threatened assets Calculate costs to protect assets Cengage Learning 2015 11 Elements of Computer Security

Secrecy Protecting against unauthorized data disclosure Ensuring data source authenticity Integrity Preventing unauthorized data modification Man-in-the-middle exploit E-mail contents changed before forwarded to original destination Necessity Preventing data delays or denials (removal) Cengage Learning 2015 12

Establishing a Security Policy Security policy elements Assets to protect and why Protection responsibility Acceptable and unacceptable behaviors Physical and network security, access authorizations, virus protection, disaster recovery Corporate information classifications Public Company confidential

Cengage Learning 2015 13 Establishing a Security Policy (contd.) Steps to create security policy Determine which assets to protect from which threats Determine access needs to various system parts Identify resources to protect assets

Develop written security policy Commit resources Comprehensive security plan goals Protect privacy, integrity and availability Authenticate users Selected to satisfy Figure 10-2 requirements Cengage Learning 2015 14 FIGURE 10-2 Requirements for secure electronic commerce Cengage Learning 2015 Cengage Learning 2015 15

Establishing a Security Policy (contd.) Integrated security All security measures work together Prevents unauthorized disclosure, destruction, or modification of assets Cengage Learning 2015 16 Establishing a Security Policy (contd.) Security policy points Authentication: Who is trying to access site? Access control: Who is allowed to log on to and access site?

Secrecy: Who is permitted to view selected information? Data integrity: Who is allowed to change data? Audit: Who or what causes specific events to occur, and when? Cengage Learning 2015 17 Security for Client Devices Threats to computers, smartphones, and tablets Originate in software and downloaded Internet data Malevolent server site masquerades as legitimate Web site

Cengage Learning 2015 18 Cookies and Web Bugs Internet connection between Web clients and servers Multiple independent transmissions No continuous connection (open session) maintained between any client and server Cookies Small text files Web servers place on Web client Identify returning visitors Allow continuing open session

Cengage Learning 2015 19 Cookies and Web Bugs (contd.) Time duration for cookies Session cookies: exist until client connection ends Persistent cookies: remain indefinitely Electronic commerce sites use both Cookie sources First-party cookies Web server site places them on client computer Third-party cookies Different Web site places them on client computer

Cengage Learning 2015 20 Cookies and Web Bugs (contd.) Disable cookies entirely for complete cookie protection Disadvantages Useful cookies blocked (along with others) Full site resources not available Web browser cookie management functions Refuse only third-party cookies Review each cookie before allowing Provided by most Web browsers

Cengage Learning 2015 21 Cookies and Web Bugs (contd.) Web bug Tiny graphic that third-party Web site places on another sites Web page Provides method for third-party site to place cookie on visitors computer Web bugs (also called clear GIFs or 1-by-1 GIFs) Graphics created in GIF format Color value of transparent As small as 1 pixel by 1 pixel

Cengage Learning 2015 22 Active Content Active content Program runs when client device loads Web page Example actions: play audio, display moving graphics, place items into shopping cart Advantages Moves processing work from server to client device Disadvantages Can pose a threat to client device

Cengage Learning 2015 23 Active Content (contd.) Methods to deliver active content Cookies, Java applets, JavaScript, VBScript, ActiveX controls, graphics, Web browser plug-ins, e-mail attachments Scripting languages: provide executable script Examples: JavaScript and VBScript Applet: small application program Typically runs within Web browser

Most browsers include tools limiting applets actions Cengage Learning 2015 24 Active Content (contd.) Active content modules Embedded in Web pages ActiveX controls

Objects containing programs or properties Placed on Web pages to perform particular tasks Run only on Windows operating systems Give full access to client system resources Cengage Learning 2015 25 Active Content (contd.) Crackers: embed malicious active content Trojan horse Program hidden inside another program or Web page Masking true purpose May result in secrecy and integrity violations

Zombie (Trojan horse) Secretly takes over another computer Launches attacks on other computers Botnet (robotic network, zombie farm) All controlled computers act as an attacking unit Cengage Learning 2015 26 Graphics and Plug-Ins Graphics, browser plug-ins, and e-mail attachments can harbor executable content Graphic: embedded code can harm client computer Browser plug-ins (programs)

Enhance browser capabilities Can pose security threats Plug-ins executing commands buried within media Cengage Learning 2015 27 Viruses, Worms, and Antivirus Software Programs display e-mail attachments by automatically executing associated programs Macro viruses within attached files can cause damage Virus: software Attaches itself to another program Causes damage when host program activated

Worm: virus Replicates itself on computers it infects Spreads quickly through the Internet Cengage Learning 2015 28 Viruses, Worms, and Antivirus Software (contd.) Macro virus Small program (macro) embedded in file 2000: ILOVEYOU virus (love bug) Replicated through E-mail

Spread with amazing speed 2001 Code Red and Nimda: multivector virus-worm Entered computer system in several different ways 2002 and 2003: new virus-worm combinations Example: Bugbear Cengage Learning 2015 29 Viruses, Worms, and Antivirus Software (contd.) Antivirus software Detects viruses and worms

Either deletes or isolates them on client computer 2008: Conficker virus Can reinstall itself after removal 2010: new Trojan horse-worm combination attack Spread through a computer operating system Designed to target uranium enrichment equipment Cengage Learning 2015 30 Viruses, Worms, and Antivirus Software (contd.) 2011: Zeus and SpyEye combined

Targeted bank account information Not visible in Microsoft Windows Task Manager Intercept credit card or online banking data entered in Web browser 2013: Cryptolocker Ransomware Encrypts files and demands payment for keys to unlock Cengage Learning 2015 31 Viruses, Worms, and Antivirus Software (contd.)

Companies that track viruses, sell antivirus software, provide virus descriptions on Web sites Symantec (Symantec Security Response) McAfee (McAfee Virus Information) Data files must be updated regularly Recognize and eliminate newest viruses Some Web e-mail systems provide antivirus software Scan attachments before downloading Examples: Yahoo! Mail, Gmail Cengage Learning 2015 32

Digital Certificates Digital certificate (digital ID) E-mail message attachment or program embedded in Web page Verifies sender or Web site Contains a means to send encrypted message Signed message or code Provides proof of holder identified by the certificate Used for online transactions Electronic commerce, electronic mail, and electronic funds transfers Cengage Learning 2015 33

Digital Certificates (contd.) Digital certificate for software Assurance software was created by specific company Does not attest to quality of software Certification authority (CA) Issues digital certificates to organizations, individuals Digital certificates cannot be forged easily Six main elements: owners identifying information, owners public key, dates certificate is valid, serial number, issuer name, issuer digital signature Cengage Learning 2015

34 Digital Certificates (contd.) Key Number: usually long binary number Used with encryption algorithm Lock message characters being protected Longer keys provide better protection Identification requirements vary Drivers license, notarized form, fingerprints Companies offering CA services Thawte, VeriSign, Comodo, DigiCert, Entrust, and GeoTrust

Cengage Learning 2015 35 Digital Certificates (contd.) Secure Sockets Layer-Extended Validation (SSL-EV) digital certificate Issued after more extensive verification confirmed Annual fees $100 to more than $1000 Digital certificates expire after period of time Provides protection (users and businesses) Must submit credentials for re-evaluation periodically

Cengage Learning 2015 36 Steganography Steganography Hiding information within another piece of information Can be used for malicious purposes Hiding encrypted file within another file Casual observer cannot detect anything of importance in container file Two-step process Encrypting file protects it from being read Steganography makes it invisible

Al Qaeda used steganography to hide attack orders Cengage Learning 2015 37 Physical Security for Client Devices Client computers Control important business functions Same physical security as early systems New physical security technologies Fingerprint readers (less than $100) Stronger protection than password approaches Biometric security device Identification using part of persons biological makeup

Examples: signature recognition, eye scanners, palm scanners, reading back of hand vein pattern Cengage Learning 2015 38 Client Security for Mobile Devices Security measures Access password Remote wipe: clears all personal data Can be added as an app Capability through corporate e-mail synchronization Antivirus software Rogue apps: contain malware or collect information

and forward to perpetrators Apple App Store tests apps before authorizing sales Android market does less extensive testing Cengage Learning 2015 39 Communication Channel Security Internet Not designed to be secure Designed to provide redundancy Remains unchanged from original insecure state Message traveling on the Internet Subject to secrecy, integrity, and necessity threats

Cengage Learning 2015 40 Secrecy Threats Secrecy Prevention of unauthorized information disclosure Technical issue Requiring sophisticated physical and logical mechanisms Privacy Protection of individual rights to nondisclosure Legal matter Cengage Learning 2015

41 Secrecy Threats (contd.) E-mail message Secrecy violations protected using encryption Protects outgoing messages Privacy issues address whether supervisors are permitted to read employees messages randomly Electronic commerce threat Sensitive or personal information theft Sniffer programs Record information passing through computer or

router Cengage Learning 2015 42 Secrecy Threats (contd.) Backdoor: an electronic hole Left open accidentally or intentionally Content exposed to secrecy threats Example: Cart32 shopping cart program backdoor Stolen corporate information Eavesdropper example Web users continually reveal information Secrecy breach

Possible solution: anonymous Web services Cengage Learning 2015 43 Integrity Threats Also known as active wiretapping Unauthorized party alters message information stream Integrity violation examples Cybervandalism Electronic defacing of Web site Masquerading (spoofing)

Pretending to be someone else Fake Web site representing itself as original Cengage Learning 2015 44 Integrity Threats (contd.) Domain name servers (DNSs) Internet computers maintaining directories Linking domain names to IP addresses Perpetrators use software security hole Substitute their Web site address in place of real one Spoofs Web site visitors

Phishing expeditions Victim tricked into disclosing confidential information Common victims: online banking or payment system users Cengage Learning 2015 45 Necessity Threats Also known as delay, denial, and denial-of-service (DoS) attack Disrupt or deny normal computer processing Intolerably slow-speed computer processing Renders service unusable or unattractive Distributed denial-of-service (DDoS) attack

Launch simultaneous attack on a Web site via botnets DoS attacks Remove information altogether Delete transmission or file information Cengage Learning 2015 46 Necessity Threats (contd.) Denial attack examples Quicken accounting program diverted money to perpetrators bank account Company receives flood of data packets Overwhelms sites servers Chokes off legitimate customers access

Cengage Learning 2015 47 Threats to the Physical Security of Internet Communications Channels Internets packet-based network design Precludes it from being shut down by attack on single communications link Individual users Internet service can be interrupted Destruction of users Internet link Larger companies, organizations Use more than one link to main Internet backbone

Cengage Learning 2015 48 Threats to Wireless Networks Wireless Encryption Protocol (WEP) Rule set for encrypting transmissions from the wireless devices to the wireless access points (WAPs) Wardrivers Attackers drive around in cars Search for accessible networks Warchalking Place chalk mark on building

Identifies easily entered wireless network nearby Web sites include wireless access locations maps Cengage Learning 2015 49 Threats to Wireless Networks (contd.) Preventing attacks by wardrivers Turn on WEP Change default login and password settings Example Best Buy wireless point-of-sale (POS) Failed to enable WEP Customer launched sniffer program

Intercepted data from POS terminals Cengage Learning 2015 50 Encryption Solutions Encryption: coding information using mathematically based program, secret key Cryptography: science studying encryption Science of creating messages only sender and receiver can read Steganography Makes text undetectable to naked eye

Cryptography converts text to other visible text With no apparent meaning Cengage Learning 2015 51 Encryption Algorithms Encryption program Transforms normal text (plain text) into cipher text (unintelligible characters string) Encryption algorithm Logic behind encryption program Includes mathematics to do transformation

Decryption program Encryption-reversing procedure Message is decoded or decrypted Cengage Learning 2015 52 Encryption Algorithms (contd.) National Security Agency controls dissemination U.S. government banned publication of details Illegal for U.S. companies to export Encryption algorithm property May know algorithm details Unable to decipher encrypted message without

knowing key encrypting the message Key type subdivides encryption into three functions Hash coding, asymmetric encryption, symmetric encryption Cengage Learning 2015 53 Hash Coding Process uses hash algorithm Calculates number (hash value) from any length message Unique message fingerprint Can be used to determine if message has been altered during transit

Mismatch between original hash value and receiver computed value Cengage Learning 2015 54 Asymmetric Encryption Also called public-key encryption Encodes messages using two mathematically related numeric keys Public key: one key freely distributed to public Encrypt messages using encryption algorithm Private key: second key belongs to key owner Kept secret

Decrypt all messages received Cengage Learning 2015 55 Asymmetric Encryption (contd.) Pretty Good Privacy (PGP) Popular public-key encryption technology Can use different encryption algorithms Individuals download free version from PGP International site Symantec sells business site licenses Cengage Learning 2015

56 Symmetric Encryption Also called private-key encryption Encodes message with one of several available algorithms Single numeric key to encode and decode data Message receiver must know the key Very fast and efficient encoding and decoding Key must be guarded Cengage Learning 2015 57

Symmetric Encryption (contd.) Symmetric encryption problems Difficult to distribute new keys to authorized parties while maintaining security, control over keys Private keys do not work well in large environments Data Encryption Standard (DES) Encryption algorithms adopted by U.S. government Most widely used private-key encryption system Fast computers break messages encoded with smaller keys Cengage Learning 2015 58

Symmetric Encryption (contd.) Triple Data Encryption Standard (Triple DES, 3DES) Stronger version of Data Encryption Standard Advanced Encryption Standard (AES) Alternative encryption standard Most government agencies use today Longer bit lengths increase difficulty of cracking keys Cengage Learning 2015 59 Comparing Asymmetric and Symmetric

Encryption Systems Advantages of public-key (asymmetric) systems Small combination of keys required No problem in key distribution Implementation of digital signatures possible Disadvantages of public-key systems Significantly slower than private-key systems Public-key systems complement rather than replace private-key systems Cengage Learning 2015 60

FIGURE 10-5 Comparison of (a) hash coding, (b) private-key, and (c) public-key encryption Cengage Learning 2015 Cengage Learning 2015 61 Encryption in Web Browsers Two approaches used to establish secure connections between Web servers and clients Secure Sockets Layer (SSL) Goal: secures connections between two computers Secure Hypertext Transfer Protocol (S-HTTP)

Goal: send individual messages securely Cengage Learning 2015 62 Secure Sockets Layer (SSL) Protocol Provides security handshake Client and server exchange brief burst of messages All communication encrypted Eavesdropper receives unintelligible information Secures many different communication types HTTP, FTP, Telnet HTTPS: protocol implementing SSL

Precede URL with protocol name HTTPS Cengage Learning 2015 63 SSL Protocol (contd.) Encrypted transaction generates private session key Bit lengths vary (examples: 128-bit, 256-bit) Session key Creates cipher text from plain text during single secure session Secrecy implemented using combination of publickey and private-key encryption

Cengage Learning 2015 64 FIGURE 10-6 Establishing an SSL session Cengage Learning 2015 Cengage Learning 2015 65 SSL Protocol (contd.) After secure session established: Public-key encryption no longer used Message transmission protected by private-key encryption

Session key (private key) discarded when session ends Each new connection between client and secure server requires entire process: Beginning with handshake Cengage Learning 2015 66 Secure HTTP (S-HTTP) Extension to HTTP providing security features Client and server authentication, spontaneous encryption, request/response nonrepudiation

Symmetric encryption for secret communications Public-key encryption to establish client-server authentication Session negotiation Occurs between client and server Proposing and accepting (or rejecting) various transmission conditions Cengage Learning 2015 67 S-HTTP (contd.) Establishing secure session Client-server handshake exchange Special packet headers exchanged in S-HTTP Headers define security technique type

Secure envelope (complete package) Encapsulates message Provides secrecy, integrity, and client-server authentication SSL more generally accepted standard over SHTTP Cengage Learning 2015 68 Hash Functions, Message Digests, and Digital Signatures Integrity violation Message altered while in transit

Apply two algorithms to eliminate fraud and abuse Hash algorithm Message digest Number summarizing encrypted information Hash functions: potential for fraud Solution: sender encrypts message digest using private key Cengage Learning 2015 69 Hash Functions, Message Digests, and Digital Signatures (contd.) Digital signature

Encrypted message digest created using a private key Digital signature provides: Nonrepudiation Positive identification of the sender Secrecy when used with an encrypted message Same legal status as traditional written signature Cengage Learning 2015

70 FIGURE 10-7 Sending and receiving a digitally signed message Cengage Learning 2015 Cengage Learning 2015 71 Security for Server Computers Server: third link in client-Internet-server electronic commerce path Web server administrator Ensures security policies documented and implemented

Cengage Learning 2015 72 Password Attack Threats Sensitive file on Web server Holds Web server username-password pairs Solution: store authentication information in encrypted form Passwords threats Dictionary attack programs cycle through electronic dictionary, trying every word as password Solutions User password requirements Use password assignment software to check user

password against dictionary Cengage Learning 2015 73 Web Server Threats (contd.) Help creating very strong passwords Gibson Research Corporations Ultra High Security Password Generator Cengage Learning 2015 74 FIGURE 10-8 Examples of passwords, from very weak to very strong Cengage Learning 2015

Cengage Learning 2015 75 Database Threats Usernames and passwords Stored in unencrypted table in some databases Database fails to enforce security Relies on Web server to enforce security Unauthorized users Masquerade as legitimate database users Trojan horse programs hide within database system Reveal information Remove all access controls within database

Cengage Learning 2015 76 Other Software-Based Threats Java or C++ programs executed by server Passed to Web servers by client or reside on server Use a buffer Memory area set aside holding data read from file or database Buffer overrun (buffer overflow) error Programs overfill buffer Cause: error in program or intentional

Excess data spills outside designated buffer memory 1998 Internet worm Cengage Learning 2015 77 Other Software-Based Threats (contd.) Insidious version of buffer overflow attack Writes instructions into critical memory locations Web server resumes execution by loading internal registers with address of attacking programs code Reducing potential buffer overflow damage Good programming practices Some hardware functionality

Mail bomb attack Hundreds or thousands of people send message to particular address Cengage Learning 2015 78 Threats to the Physical Security of Web Servers Protecting Web servers Put computers in commerce service provider (CSP) facility Very high-level physical security on CSP Maintain server contents backup copies at remote location

Rely on service providers Offer managed services including Web server security Hire smaller, specialized security service providers Cengage Learning 2015 79 Access Control and Authentication Controlling who and what has access to Web server Authentication Identity verification of entity requesting computer access Server user authentication

Server must successfully decrypt users digital signature-contained certificate Server checks certificate timestamp Server uses callback system Cengage Learning 2015 80 Access Control and Authentication (contd.) Usernames and passwords Provide some protection element Maintain usernames in plain text Encrypt passwords with one-way encryption algorithm

Problem Site visitor may save username and password as a cookie Might be stored in plain text Access control list (ACL) Restrict file access to selected users Cengage Learning 2015 81 Firewalls Firewall Software, hardware-software combination Installed in a network to control packet traffic

Placed at Internet entry point of network Defense between network and the Internet Between network and any other network Principles All traffic must pass through it Only authorized traffic allowed to pass Immune to penetration Cengage Learning 2015 82 Firewalls (contd.)

Trusted: networks inside firewall Untrusted: networks outside firewall Filter permits selected messages though network Separate corporate networks from one another Coarse need-to-know filter Firewalls segment corporate network into secure zones Large organizations with multiple sites Install firewall at each location All locations follow same security policy Cengage Learning 2015

83 Firewalls (contd.) Should be stripped of unnecessary software Packet-filter firewalls Examine all data flowing back and forth between trusted network (within firewall) and the Internet Gateway servers Filter traffic based on requested application Limit access to specific applications Telnet, FTP, HTTP Proxy server firewalls Communicate with the Internet on private networks behalf

Cengage Learning 2015 84 Firewalls (contd.) Perimeter expansion problem Computers outside traditional physical site boundary Intrusion detection systems Monitor server login attempts Analyze for patterns indicating cracker attack Block further attempts originating from same IP address Cloud computing: firewall products lagging behind Personal firewalls

Software-only firewalls on individual client computers Cengage Learning 2015 85 Organizations that Promote Computer Security Following the Internet Worm of 1988 Organizations formed to share information About threats to computer systems Principle followed Sharing information about attacks and defenses for attacks Helps everyone create better computer security

Cengage Learning 2015 86 CERT Computer Emergency Response Team Housed at Carnegie Mellon University Software Engineering Institute Maintains effective, quick communications infrastructure among security experts Security incidents avoided, handled quickly Provides security risk information Posts security event alerts Primary authoritative source for viruses, worms, and

other types of attack information Cengage Learning 2015 87 Other Organizations 1989: System Administrator, Audit, Network and Security (SANS) Institute Education and research efforts Research reports, security alerts, and white papers SANS Internet Storm Center Web site Current information on location, intensity of computer attacks worldwide CERIAS (Center for Education and Research in

Information Assurance and Security) Multidisciplinary information security research and education Cengage Learning 2015 88 Other Organizations (contd.) Center for Internet Security Not-for-profit cooperative organization Helps electronic commerce companies CSO Online Articles from CSO Magazine Computer security-related news items

Infosecurity Articles about all types of online security issues Cengage Learning 2015 89 Computer Forensics and Ethical Hacking Computer forensics experts (ethical hackers) Computer sleuths hired to probe PCs Locate information usable in legal proceedings Job of breaking into client computers Computer forensics field Responsible for collection, preservation, and

computer-related evidence analysis Companies hire ethical hackers to test computer security safeguards Cengage Learning 2015 90

Recently Viewed Presentations

  • Simultaneous Round Table - Bay City Public Schools ...

    Simultaneous Round Table - Bay City Public Schools ...

    Simultaneous Round Table. Teams of four. Teacher chooses problems. All four students respond simultaneously. When students are done with the problem, they place their pencils on the desk. Students pass papers clockwise. Students check answer, initial, and coach if necessary....
  • The Good Samaritan

    The Good Samaritan

    The Good Shepherd "At night shepherds would bring their sheep to a corral called a sheepfold. High walls surrounded the sheepfold, and thorns were placed on top of these walls to prevent wild animals and thieves from climbing over….
  • Direct Marketing - valdner.com

    Direct Marketing - valdner.com

    SERVUCTION MODEL dopady Produkty, ktoré obsahujú službu sa nedajú skladovať. Produkty, ktoré obsahujú službu môžu byť poskytnuté iba v čase zákazníkovho záujmu. Produkty, ktoré obsahujú službu môžu byť poskytnuté iba na mieste zákazníkovho záujmu.
  • First Grade Unit 1  SPL2 Environment: Literary and

    First Grade Unit 1 SPL2 Environment: Literary and

    One little pig built a house of straw.. A big bad wolf . saw. the two little pigs. The big bad wolf went to the first house and . huffed and puffed . and blew the house down. The third...
  • Grid Modernization and Utility business Model Overview

    Grid Modernization and Utility business Model Overview

    Ashley Brown, Harvard Electricity Policy Group . Paula Carmody, Maryland Office of People's Counsel. Ralph Cavanagh, Natural Resources Defense Council. ... Quantifying the Financial Impacts of EE, DR, and DERs on Utility Shareholders and Customers.
  • Symbolism and Motif - Ms. Davis's Webpage!

    Symbolism and Motif - Ms. Davis's Webpage!

    Motif Example. The central idea of the co-existence of good and evil in Harper Lee's To Kill a Mockingbird is supported by several motifs. Lee strengthens the atmosphere by a motif of Gothic details i.e. recurrent images of gloomy and...
  • Human Relations Supervision

    Human Relations Supervision

    relevant monitor & adjust elicit overt behavior check for understanding interpret the behavior act on interpretation signal sample choral response proceed practice reteach quit belief theory standard all children can larry lezotte teach to objective learn effective schools john carroll...
  • Diapositive 1 - SSTFP

    Diapositive 1 - SSTFP

    pour les SDIS. Etude de faisabilité faite par l'INVS prévoyant la centralisation des données du régime général, de la MSA et de la CNRACL en vue de la création d'un entrepôt inter-régimes