system security overview
play

System Security Overview with an Emphasis on Security Issues for - PowerPoint PPT Presentation

Jul 11, 2023 •397 likes •1.47k views

System Security Overview with an Emphasis on Security Issues for Storage and Emerging NVM (Part 1) Byoungyoung Lee ( ) byoungyoung@snu.ac.kr Seoul National University 1 Speaker: Byoungyoung Lee ( ) Research areas:

  1. Fuzzing in the old days: Excel example Randomly Run Excel Generate/mutate an Excel file 24

  2. Fuzzing in the old days: Excel example Randomly Crash! Run Excel Generate/mutate an Excel file 24

  3. Fuzzing in the old days: Excel example Randomly Crash! Run Excel Generate/mutate an Excel file Finding a crashing input gets harder and harder  24

  4. Fuzzing: Desired Features • Fuzzing attempts to • Detect explicit violation • While exploring all different program states in a given implementation • Desired features • Good violation detection capability • Exploring all different program states 25

  5. Fuzzing: Good Violation Detection Capability • Memory bug • Violation conditions are clear • Per-pointer capability w.r.t. accessing memory space • Concurrency bug • Violation conditions are clear • If race occurs, it is undefined behavior • Challenges: False positive issues in concurrency bug detection • Undefined behavior can be implementation-defined behavior • Developers may intentionally introduce races • Difficult to differentiate benign VS harmful races • Semantic bug • Challenges: Violation conditions are unclear • We don’t even know violation conditions • Only assertions (manually inserted by developers) may help • Only a few research have been done 26

  6. Fuzzing: Exploring all different program states • State exploration and bug finding • More code coverage  More complete testing  More bugs • Most fuzzing techniques take coverage-oriented genetic algorithm (proposed by AFL) • Coverage-oriented genetic algorithm for fuzzing • Design an object function f to evaluate goodness of input’s coverage • Algorithm • Initialize a corpus C • Corpus: a set of inputs to be mutated • Generate an input i • Generation: Randomly generate i from scratch • Mutation: Pick c from C, and then mutate c • If f(i) >= f(c) for all c in C • Add input i to the corpus C 27

  7. Fuzzing: Exploring all different program states • Covering complete context sensitivity is challenging • Concurrency bugs are much more complex • Scheduler mechanisms can be seen as non-deterministic • For fuzzing, input definition is complicated • Should consider thread interleaving • Related to hardness of race bug reproduction 28

  8. Challenges in Fuzzing: Violation Detection input output 29

  9. Challenges in Fuzzing: Violation Detection input output This crash may not be observable in practice. It may simply overwrite some other variables, and it won't involve critically bad behaviors. 29

  10. Memory error bugs • Spatial safety violation • When accessing beyond allocated memory regions • e.g., stack overflow, heap overflow • Temporal safety violation • When accessing deallocated memory regions • e.g., use-after-free, double-free 30

  11. Memory Error: Detection Approaches • Pointer-based detection • Keep track of each pointer’s capability w.r.t. memory accesses • Software: SoftBound [PLDI 09], CETS [ISMM 10] • Hardware: Watch Dog [ISCA 12], Intel Memory Protection Extension (MPX) • Redzone-based detection • Keep track of global memory space accessibility • Software: AddressSanitizer [ATC 12] • Hardware: REST [ISCA 18] 31

  12. SoftBound [PLDI 09] • Maintain per-pointer metadata • (base, bound) per pointer • Runtime safety enforcement • All memory access should be within the range (base, base+bound) • Metadata propagation • Per-pointer metadata is propagated when performing pointer arithmetic operations • Disjoint metadata scheme • For better compatiblity , metadata space is isolated from original program’s memory space 32

  13. Intel MPX • Hardware-assisted version of SoftBound • Hardware-assisted metadata management • Metadata management: Bound registers + Bound table • Bound registers • (base, bound) information is now stored in CPU registers • Fast bound check: a dedicated instruction is supported by MPX • Bound table • Used if bound registers are not available • Limitations • Compatibility issues (arbitrary type casting, external libraries, multi-threading) • More details: Intel MPX Explained [SIGMETRICS 18] 33

  14. AddressSanitizer [ATC 12] • Buffer overflow (spatial memory errors) ptrX Shadow memory: a bitmap to validate all addresses objX Check before access Shadow memory Accessible 34

  15. AddressSanitizer [ATC 12] • Buffer overflow (spatial memory errors) ptrX Shadow memory: a bitmap to validate all addresses objX Check before Redzone: access inaccessible region between objects Shadow memory Accessible Inaccessible (redzone) 34

  16. AddressSanitizer [ATC 12] • Buffer overflow (spatial memory errors) ptrX Shadow memory: a bitmap to validate all addresses objX Redzone: Error! inaccessible region between objects Shadow memory Accessible Inaccessible (redzone) 34

  17. AddressSanitizer [ATC 12] • Use-after-free (Temporal memory errors) ptrX objX Accessible Inaccessible Shadow memory 35

  18. AddressSanitizer [ATC 12] • Use-after-free (Temporal memory errors) ptrX ptrX Quarant- free(ptrX) objX Region is invalidated ined and quarantined, but not deallocated Accessible Inaccessible Shadow memory 35

  19. AddressSanitizer [ATC 12] • Use-after-free (Temporal memory errors) ptrX ptrX Hold the Quarant- free(ptrX) objX region until ined quarantine zone is full (FIFO) Accessible Inaccessible Shadow memory 35

  20. AddressSanitizer [ATC 12] • Use-after-free (Temporal memory errors) ptrX ptrY ptrX ptrY = Quarant- malloc() free(ptrX) objX objY The region is actually ined deallocated, and can be allocated for a new object Accessible Inaccessible Shadow memory 35

  21. REST [ISCA 18] • Hardware-assisted version of AddressSanitizer • A fixed token value in redzone • A pre-determined random value (in 64-byte space) is reserved for representing an invalid memory region • No need to maintain shadow memory • Validity checks on memory read/write can be very efficient • Simply check if the token bit (in cache) is set 36

  22. Race condition • Race conditions • If following three conditions meet • Two instructions access the same memory location • At least one of two is a write instruction • These two are executed concurrently • If a race condition occurs, the computational results may vary depending on the execution order. 37

  23. Race condition: A simple example a = 1; a = 0; If (a) { b = 0; } else { b = 1; } Thread 1 Thread 2 38

  24. Race condition: A simple example a = 1; a = 0; If (a) { b = 0; } else { b = 1; } Thread 1 Thread 2 b will be 1 38

  25. Race condition: A simple example a = 0; a = 1; a = 1; a = 0; If (a) { If (a) { b = 0; b = 0; } else { } else { b = 1; b = 1; } } Thread 1 Thread 2 Thread 1 Thread 2 b will be 1 38

  26. Race condition: A simple example a = 0; a = 1; a = 1; a = 0; If (a) { If (a) { b = 0; b = 0; } else { } else { b = 1; b = 1; } } Thread 1 Thread 2 Thread 1 Thread 2 b will be 1 b will be 0 38

  27. Real-world int fd = open(”/dev/ ptmx ”); race example: write(fd , “……”); ioctl(fd, TCFLSH); User CVE-2017-2636 ioctl(fd, TCXONC); User thread A User thread B close(fd); (Linux Kernel) 431: if (n_hdlc->tbuf) { 432: push_back(free_list, n_hdlc->tbuf); 216: tbuf = n_hdlc->tbuf; 440: n_hdlc->tbuf = NULL; 217: if (tbuf) Kernel 441: } 218: push_back(free_list, tbuf); Kernel thread B Kernel thread A 266: if (n_hdlc->flag & TCXONC) 267: while (list_empty(free_list)) { 268: buf = pop_front(free_list); 269: kfree(buf); 270: } 39

  28. Real-world int fd = open(”/dev/ ptmx ”); race example: write(fd , “……”); ioctl(fd, TCFLSH); User CVE-2017-2636 ioctl(fd, TCXONC); User thread A User thread B close(fd); (Linux Kernel) 431: if (n_hdlc->tbuf) { 432: push_back(free_list, n_hdlc->tbuf); 216: tbuf = n_hdlc->tbuf; 440: n_hdlc->tbuf = NULL; 217: if (tbuf) Kernel 441: } 218: push_back(free_list, tbuf); Kernel thread B Kernel thread A 266: if (n_hdlc->flag & TCXONC) This will turn into “double - free”, 267: while (list_empty(free_list)) { 268: buf = pop_front(free_list); which in turn allows a privilege escalation 269: kfree(buf); 270: } 39

  29. Race condition and fuzzing • Finding race conditions through fuzzing is challenging • How to execution racing pair instructions concurrently ? • All the execution interleaving (scheduling) is “randomly” determined • Case study: Previous techniques • Syzkaller: a system call fuzzer for the Linux kernel • SKI: an academic prototype to find a race [OSDI 14] 40

  30. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B 41

  31. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller 41

  32. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u u … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller 41

  33. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u u … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller 41

  34. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u u … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  35. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  36. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  37. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 ③ je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  38. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 ③ je ffff …..734 test %r8, %r8 … … Guest ` v ④ v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  39. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 ③ je ffff …..734 test %r8, %r8 ⑤ … … Guest ` v ④ v Kernel … … movq $0, 0x20(%rbx) ⑥ mov $0x2400,%esi ⑦ add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  40. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 ③ je ffff …..734 test %r8, %r8 ⑤ … … Guest ` v ④ v Kernel … … movq $0, 0x20(%rbx) ⑥ mov $0x2400,%esi ⑦ add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B Very unlikely to be executed concurrently ⬤ : Syzkaller  Very unlikely to trigger a race! ⃝ : SKI 41

  41. Finding Kernel Races through Fuzzing • Razzer [S&P 19] • #1. Static analysis to find potential race spots • Points-to analysis over an entire kernel • #2. For each potential race spots, setup per-core breakpoint • Run the kernel on modified hypervisor (QEMU/KVM) • #3. Check if a race truly occurs • Prioritize a truly racing pair to be further fuzzed later 42

  42. Guest write(fd , “…”) ioctl(fd,TCFLSH) … sshd init user User thread A User thread B mov 0x20(%rdi), %r8 movq $0, 0x20(%rbx) Guest test %r8, %r8 callq 0xffff……cbf0 Kernel Kernel thread B Kernel thread A Hypervisor vCPU0 vCPU1 43

  43. Guest write(fd , “…”) ioctl(fd,TCFLSH) … sshd init user User thread A User thread B mov 0x20(%rdi), %r8 movq $0, 0x20(%rbx) Breakpoint Guest test %r8, %r8 callq 0xffff……cbf0 Kernel Kernel thread B Kernel thread A Hypervisor vCPU0 vCPU1 43

  44. Guest write(fd , “…”) ioctl(fd,TCFLSH) … sshd init user User thread A User thread B u Execute u Execute mov 0x20(%rdi), %r8 movq $0, 0x20(%rbx) Breakpoint Guest test %r8, %r8 callq 0xffff……cbf0 Kernel Kernel thread B Kernel thread A Hypervisor vCPU0 vCPU1 43

  45. Guest write(fd , “…”) ioctl(fd,TCFLSH) … sshd init user User thread A User thread B u Execute u Execute mov 0x20(%rdi), %r8 movq $0, 0x20(%rbx) v v Breakpoint Guest test %r8, %r8 callq 0xffff……cbf0 Kernel Kernel thread B Kernel thread A Hypervisor vCPU0 vCPU1 43

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Overview System Security Scanning Security Scanning and Discovery Important Security Web

Overview System Security Scanning Security Scanning and Discovery Important Security Web

Overview System Security Scanning Security Scanning and Discovery Important Security Web Sites Fingerprinting OS FingerPrinting IP Stacks Share Scans Chapter 14 SNMP Vulnerabilities FingerPrinting TCP/IP Services

439 views • 8 slides
CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

Eric Weston Wally Magda, CISSP, PSP, CISA Compliance Auditor, Cyber Compliance Auditor, Cyber Security Security CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September 24-25, 2013 Salt Lake City, UT No

2.02k views • 198 slides
SYSTEM OF SYTEMS SECURITY (SOSSEC) OVERVIEW 1 VISION A fully capable System of Systems for

SYSTEM OF SYTEMS SECURITY (SOSSEC) OVERVIEW 1 VISION A fully capable System of Systems for

SYSTEM OF SYTEMS SECURITY (SOSSEC) OVERVIEW 1 VISION A fully capable System of Systems for Homeland Security/Homeland Defense that enables decisive Action to prevent, mitigate, respond and recover from all catastrophic incidents regardless

528 views • 27 slides
System Security Overview with an Emphasis on Security Issues for Storage and Emerging NVM (Part

System Security Overview with an Emphasis on Security Issues for Storage and Emerging NVM (Part

System Security Overview with an Emphasis on Security Issues for Storage and Emerging NVM (Part 2) Byoungyoung Lee ( ) byoungyoung@snu.ac.kr Seoul National University 1 Outline Part1. Bugs in File Systems Semantic inconsistency

1.27k views • 115 slides
Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables

Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables

Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables http://outflux.net/slides/2013/drupal/tunables.pdf R0Ng DrupalCon Portland 2013 Kees Cook <keescook@google.com> (pronounced Case) Who is

474 views • 33 slides
GSM System Overview GSM System Overview GSM System Overview GSM System Overview Phone Lin

GSM System Overview GSM System Overview GSM System Overview GSM System Overview Phone Lin

National Taiwan University Department of Computer Science and Information Engineering GSM System Overview GSM System Overview GSM System Overview GSM System Overview Phone Lin Phone Lin Ph.D. Ph.D. Email: plin@csie.ntu.edu.tw Email:

686 views • 41 slides
OSSAMS Open Source Security Assessment Management System

OSSAMS Open Source Security Assessment Management System

OSSAMS Open Source Security Assessment Management System System Overview Purpose To provide a framework for security assessors to correlate and

438 views • 12 slides
System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn

System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn

System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn Department of Computer and Information Science Linkping University System Security 2 Security in computer systems Hardware (System)

838 views • 56 slides
Protection and Security Threat is potential security violation Attack is attempt to breach

Protection and Security Threat is potential security violation Attack is attempt to breach

CSC 4103 - Operating Systems The Security Problem Spring 2007 Security must consider external environment of the system, and protect the system resources Lecture - XX Intruders (crackers) attempt to breach security Protection and

195 views • 4 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CSCE Intro to Computer Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies Security

472 views • 20 slides
Overview Security Maintenance Practices and Principles Securing Operating Systems Patches,

Overview Security Maintenance Practices and Principles Securing Operating Systems Patches,

Overview Security Maintenance Practices and Principles Securing Operating Systems Patches, Fixes, Revisions Antivirus Software Post-Install Security Checklist: Windows/UNIX File System Security Issues Chapter 10 User

361 views • 8 slides
System Security System Security Aurlien Francillon francill@eurecom.fr Administrativa...

System Security System Security Aurlien Francillon francill@eurecom.fr Administrativa...

System Security System Security Aurlien Francillon francill@eurecom.fr Administrativa... Administrativa... About me Assistant professor at Eurecom since 2011 Doing security research Embedded systems (MCU, smart phones,...)

1.21k views • 100 slides
Module 20: Security The Security Problem Authentication Program Threats System

Module 20: Security The Security Problem Authentication Program Threats System

Module 20: Security The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption Silberschatz and Galvin 1999 Operating System Concepts 20.1 The Security Problem Security must

155 views • 11 slides
Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security Requirements (NCSSR) Effective 1 January 2013 No amendments since passed Included in WebTrust Principles and Criteria for Certification

253 views • 7 slides
Virginia Retirement System Overview Presented to: Commission on Employee Retirement Security and

Virginia Retirement System Overview Presented to: Commission on Employee Retirement Security and

Virginia Retirement System Overview Presented to: Commission on Employee Retirement Security and Pension Reform July 11, 2016 Patricia S. Bishop, VRS Director VRS Overview VRS Total Membership Plan 1 Plan 2 Hybrid* Total 89,979 37,571

597 views • 38 slides
Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and Implementation Activities . Joe Weiss, PE, CISM Executive Consultant Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Stuart

947 views • 49 slides
COMMUNITY PERFORMING ARTS CENTER JANUARY 22ND COLLABORATIVE PLANNING COMMITTEE MEETING UPPER

COMMUNITY PERFORMING ARTS CENTER JANUARY 22ND COLLABORATIVE PLANNING COMMITTEE MEETING UPPER

UPPER HARBOR TERMINAL COMMUNITY PERFORMING ARTS CENTER JANUARY 22ND COLLABORATIVE PLANNING COMMITTEE MEETING UPPER HARBOR TERMINAL | 1 1. Our Team 2. Overview of Venue 3. Community Benefjts 4. Next Steps 5. Q uestions for Discussion

193 views • 18 slides
Concepts and Strategies for Developing Effective Data Visualizations Becky Bates GCE Solutions

Concepts and Strategies for Developing Effective Data Visualizations Becky Bates GCE Solutions

Concepts and Strategies for Developing Effective Data Visualizations Becky Bates GCE Solutions 1 Outline Key Drivers for Effective Visuals Design Considerations Dos and Donts Putting it all together 2 Key Drivers of

392 views • 28 slides
JUXTA By Group K ool Brian | Ellen | Jiaying | Suri | Tim Juxta Design Design: Branding

JUXTA By Group K ool Brian | Ellen | Jiaying | Suri | Tim Juxta Design Design: Branding

JUXTA By Group K ool Brian | Ellen | Jiaying | Suri | Tim Juxta Design Design: Branding Adjectives PROFESSIONAL SLEEK INSIGHTFUL CENTRALIZED INSPIRING UNIFIED CURIOUS CALMING 3399CC 131313 333333 FFFFFF CC623C Typography

701 views • 32 slides
Gentry Health Specialty Pharmacy Services and Capabilities May 2019 2019 Asembia Specialty

Gentry Health Specialty Pharmacy Services and Capabilities May 2019 2019 Asembia Specialty

Together Creating a Path to Better Care Gentry Health Specialty Pharmacy Services and Capabilities May 2019 2019 Asembia Specialty Pharmacy Conference Agenda I. Company and Leadership Overview II. Strategic Approach III. Delivering

823 views • 49 slides
Unem ploym ent and Labourm arket Labourm arket Unem ploym ent and I nstitutions : reform s pay

Unem ploym ent and Labourm arket Labourm arket Unem ploym ent and I nstitutions : reform s pay

Unem ploym ent and Labourm arket Labourm arket Unem ploym ent and I nstitutions : reform s pay off . I nstitutions : reform s pay off . by Xavier Debrun Debrun in I MF W orld by Xavier in I MF W orld Econom ic Outlook , April 2 0 0 3

479 views • 9 slides
Richard Baer for Department of Nephrology Murty Mantha, John Paul Killen, Richard Baer Cairns

Richard Baer for Department of Nephrology Murty Mantha, John Paul Killen, Richard Baer Cairns

Richard Baer for Department of Nephrology Murty Mantha, John Paul Killen, Richard Baer Cairns Base Hospital Cairns , Australia Case history 47 yr female ESRF [Diabetic nephropathy+ stone disease] Haemodialysis 5 yr Underlying

310 views • 18 slides
Leicester, Leicestershire and Rutland Combined Fire Authority Towards 2020: A Proud and

Leicester, Leicestershire and Rutland Combined Fire Authority Towards 2020: A Proud and

ANNEX B Leicester, Leicestershire and Rutland Combined Fire Authority Towards 2020: A Proud and Inspirational Fire and Rescue Service 2016/20 Draft IRMP Proposals Myth Busting Firefighter and public safety will be put at risk Cuts

183 views • 15 slides
Teaching In Our Time in Our Time An Online Professional Development Seminar Sean McCann

Teaching In Our Time in Our Time An Online Professional Development Seminar Sean McCann

Teaching In Our Time in Our Time An Online Professional Development Seminar Sean McCann Professor of English Wesleyan University National Humanities Center Fellow 2001-02 We will begin promptly on the hour. The silence you hear is normal.

473 views • 44 slides

More recommend