DOCSLIB.ORG

ASM: a Programmable Interface for Extending Android Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
ASM: a Programmable Interface for Extending Android Security ASM: A Programmable Interface for Extending Android Security Stephan Heuser, Intel CRI-SC at Technische Universität Darmstadt; Adwait Nadkarni and William Enck, North Carolina State University; Ahmad-Reza Sadeghi, Technische Universität Darmstadt and Center for Advanced Security Research Darmstadt (CASED) https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/heuser This paper is included in the Proceedings of the 23rd USENIX Security Symposium. August 20–22, 2014 • San Diego, CA ISBN 978-1-931971-15-7 Open access to the Proceedings of the 23rd USENIX Security Symposium is sponsored by USENIX ASM: A Programmable Interface for Extending Android Security * Stephan Heuser∗ Adwait Nadkarni [email protected] [email protected] Intel CRI-SC at TU Darmstadt North Carolina State University William Enck Ahmad-Reza Sadeghi [email protected] [email protected] North Carolina State University TU Darmstadt / CASED Abstract such as “get location,” “take picture,” and “search ad- dress book.” The availability of these semantically rich Android, iOS, and Windows 8 are changing the applica- OS APIs vastly simplifies application development, and tion architecture of consumer operating systems. These has led to an explosive growth in the number and diver- new architectures required OS designers to rethink secu- sity of available applications. rity and access control. While the new security archi- These functional changes caused OS designers to re- tectures improve on traditional desktop and server OS think security. The new application abstractions both en- designs, they lack sufficient protection semantics for dif- able and necessitate assigning each user application to a ferent classes of OS customers (e.g., consumer, enter- unique protection domain, rather than executing all user prise, and government). The Android OS in particular applications with the user’s ambient authority (the norm has seen over a dozen research proposals for security in traditional OSes such as Windows and UNIX). By de- enhancements. This paper seeks to promote OS secu- fault, each application’s protection domain is small, often rity extensibility in the Android OS. We propose the An- containing only the OS APIs deemed not to be security droid Security Modules (ASM) framework, which pro- sensitive and the files it creates. The application must be vides a programmable interface for defining new refer- granted capabilities to access the full set of semantically ence monitors for Android. We drive the ASM design by rich OS APIs. This security model provides a better ap- studying the authorization hook requirements of recent proximation of least privilege, which limits both the im- security enhancement proposals and identify that new pact of an exploited application, as well as the authority OSes such as Android require new types of authorization granted to a Trojan. However, how and when to grant hooks (e.g., replacing data). We describe the design and these privileges has been the topic of much debate [16]. implementation of ASM and demonstrate its utility by For the last several years, the security research com- developing reference monitors called ASM apps. Finally, munity has contributed significant discourse on the right ASM is not only beneficial for security researchers. If security architecture for these new operating systems. adopted by Google, we envision ASM enabling in-the- Android has been the focus of this discourse, mostly due field security enhancement of Android devices without to its open source foundation, widespread popularity for requiring root access, a significant limitation of existing mobile devices, and the emergence of malware targeting bring-your-own-device solutions. it. In the relatively short period of time since the An- droid platform’s initial release in 2008, there have been 1 Introduction more than a dozen proposals for new Android security architectures [15, 24, 14, 23, 10, 7, 8, 37, 6, 19, 18, 12, Consumer operating systems are changing. Android, 9, 22, 29]. As we discuss in this paper, while these secu- iOS, and Windows 8 place a high priority on the user- rity architecture proposals have very diverse motivations, application experience. They provide new abstractions their implementations often share hook placements and for developing user-applications: applications fill the enforcement mechanisms. screen; they have complex lifecycles that respond to The primary goal of this paper is to promote OS secu- user and system events; and they use semantically rich rity extensibility [33] in the Android platform. History OS provided application programming interfaces (APIs) has shown that simply providing type enforcement, in- formation flow control, or capabilities does not meet the ∗These authors contributed equally to this work. demands of all potential OS customers (e.g., consumers, USENIX Association 23rd USENIX Security Symposium 1005 enterprise, government). Therefore, an extensible OS se- need to change, eliminating the need to port each re- curity interface must be programmable [33]. In short, we search project to new versions. ASM can provide even seek to accomplish for Android what the LSM [34] and greater benefit if it is adopted into the Android Open TrustedBSD [32] frameworks have provided for Linux Source Project (AOSP): ASM apps can be added without and BSD, respectively. What makes this task interesting source code modification. Ultimately, we envision an in- and meaningful to the research community is the pro- terface that allows enterprise IT and researchers to load cess of determining the correct semantics of authoriza- ASM apps on production phones without root access. tion hooks for this new OS architecture. The remainder of this paper proceeds as follows. Sec- In this paper, we propose the Android Security Mod- tion 2 provides a short background on Android. Section 3 ules (ASM) framework, which provides a set of autho- defines high level goals that underlie the ASM design. rization hooks to build reference monitors for Android Section 4 surveys recent work enhancing Android secu- security. We survey over a dozen recent Android secu- rity and identifies a common set of authorization hook se- rity architecture proposals to identify the hook seman- mantics. Section 5 describes the ASM design. Section 6 tics required of ASM. Of particular note, we identify the evaluates the utility and performance of ASM. Section 7 need to (1) replace data values in OS APIs, and (2) allow highlights related work on OS security extensibility. Sec- third-party applications to define new ASM hooks. We tion 8 concludes. design and implement an open source version of ASM within Android version 4.4 and empirically demonstrate negligible overhead when no security module is loaded. 2 Background ASM fulfills a strong need in the research community. It The Android OS is based on a Linux kernel, but pro- provides researchers a standardized interface for security vides a substantially different application abstraction architectures and will potentially lead to field enhance- than found in traditional Linux desktop and server dis- ment of devices without modifying the system firmware tributions. Android applications are written in Java and (e.g., BYOD), if adopted by Google. compiled into a special DEX bytecode that executes in This paper makes the following contributions: Android’s Dalvik virtual machine. Applications may op- We identify the authorization hook semantics re- tionally contain native code components. Application • quired for new operating systems such as Android. functionality is divided into components. Android de- The Android OS is responsible for enforcing more fines four types of components: activity, service, broad- than just UNIX system calls. Android includes se- cast receiver, and content provider. The application’s mantically rich OS APIs and new application lifecy- user interface is composed of a set of activity compo- cle abstractions that must be included in OS access nents. Service components act as daemons, providing control. We also identify the need for authorization background processing. Broadcast receiver components hooks to replace data values and for third-party ap- handle asynchronous messages. Content provider com- plications to introduce new authorization hooks. ponents are per-application data servers that are queried by other applications. We design and implement the extensible Android Se- • Application components communicate with one an- curity Modules (ASM) framework. ASM brings OS other using Binder interprocess communication (IPC). security extensibility to Android. It allows mul- Binder provides message passing (called parcels) and tiple simultaneous ASM apps to enforce security thread management. In addition to data values, parcels requirements while minimizing performance over- can pass references to other binder objects as well as file head based on the required authorization hooks. descriptors. When an application holds a reference to a service component binder object, it can execute remote We implement two example ASM apps to demon- • procedure calls (RPCs) for any methods defined by that strate the utility of the ASM framework. ASM al- service. Most of Android’s semantically rich OS APIs lowed the fast development of useful example ASM are implemented as RPCs to OS defined service com- apps with functionalities similar to MockDroid [6] ponents. The OS also defines several content provider and password protected apps. components (e.g., address book) that are queried using
Load more

Recommended publications
  • The Jungle Through Javascript Frameworks
    The jungle through Javascript frameworks. Jonatan Karlsson Henrik Ölund Web Programming Web Programming 2013, BTH, Blekinge institute of 2013, BTH, Blekinge institute of technology technology Advanced topic in Web development, PA1426 Advanced topic in Web development, PA1426 HT15 HT15 Karlskrona, Sweden Karlskrona, Sweden [email protected] [email protected] PA1426 Revision C, Advanced topic in Web development 2015-11-05 Abstract In this article we have planned to dive into Javascripts world where new framework comes out “every day”. We will take the reader into a world where nothing are for granted and everything is a non-standard. In the current situation, there is a [3] tremendous amount of Javascript frameworks ​ and that makes it difficult for a ​ layman to choose the right framework, for the right task and this is something we will try figure out and explain to the reader. Keywords: Javascript, Framework, MV*, Client-side, React, Mithril, Backbone.js, ​ Ember.js 1 PA1426 Revision C, Advanced topic in Web development 2015-11-05 Abstract 1. Introduction 1.1 Background 1.2 Intention 1.3 Method First part Does the framework follow the MV*-pattern? Is the framework popular on google? Have the framework risen in popularity since 2013? Does the framework have any corporation that backs them? Second part 2. Result 2.1 Which frameworks did we select? 2.2 Not included 2.3 React What philosophies have pushed this framework forward? What kind of problem does this framework solve? Which famous products has been created with this framework?
    [Show full text]
  • Enough Documentation Release 2.1.22
    Enough Documentation Release 2.1.22 Enough Community Sep 11, 2021 Infrastructure guide 1 Introduction 3 1.1 Requirements...............................................3 1.2 Quick start................................................4 2 Using Enough 5 2.1 Knowledge................................................5 2.2 Using the cloud or physical machines..................................5 2.3 Installation of the Enough CLI......................................5 2.4 Upgrade.................................................6 2.5 OpenStack Enough instance.......................................6 2.6 libvirt Enough instance..........................................7 2.7 Connecting libvirt and OpenStack Enough instances..........................8 2.8 Create or update a service........................................9 2.9 Restore a service............................................. 10 2.10 OpenStack infrastructure services and access.............................. 10 2.11 Certificates................................................ 11 2.12 OpenStack Attached volumes...................................... 12 2.13 Background tasks............................................. 13 2.14 Access.................................................. 13 2.15 OpenStack backups........................................... 13 2.16 Low level commands........................................... 15 3 Services 17 3.1 Nextcloud................................................ 17 3.2 Forum.................................................. 17 3.3 Mattermost...............................................
    [Show full text]
  • Linking Platforms, Practices, and Developer Ethics: Levers for Privacy Discourse in Mobile Application Development
    J Bus Ethics DOI 10.1007/s10551-017-3504-8 ORIGINAL PAPER Linking Platforms, Practices, and Developer Ethics: Levers for Privacy Discourse in Mobile Application Development 1 2 Katie Shilton • Daniel Greene Received: 10 August 2016 / Accepted: 7 March 2017 Ó The Author(s) 2017. This article is an open access publication Abstract Privacy is a critical challenge for corporate managers who wish to promote ethical practices in mobile social responsibility in the mobile device ecosystem. development. Mobile application firms can collect granular and largely unregulated data about their consumers, and must make Keywords Corporate social responsibility Á Occupational ethical decisions about how and whether to collect, store, ethics Á Privacy Á Qualitative analysis Á Technology ethics and share these data. This paper conducts a discourse analysis of mobile application developer forums to dis- cover when and how privacy conversations, as a repre- Introduction: Investigating Work Dynamics sentative of larger ethical debates, arise during that Impact Privacy Reflection development. It finds that online forums can be useful spaces for ethical deliberations, as developers use these Mobile technologies enable new forms of access to infor- spaces to define, discuss, and justify their values. It also mation and communication. But even as the capabilities of discovers that ethical discussions in mobile development mobile technologies advance, many fail to reflect and are prompted by work practices which vary considerably support the values of their users. Studies demonstrate a between iOS and Android, today’s two major mobile striking discord between user values such as privacy and platforms. For educators, regulators, and managers inter- implementation of these values in mobile technologies ested in encouraging more ethical discussion and deliber- (Martin and Shilton 2015).
    [Show full text]
  • Gradual Write-Barrier Insertion Into a Ruby Interpreter
    Gradual Write-Barrier Insertion into a Ruby Interpreter Koichi Sasada Cookpad Inc. Japan [email protected] Abstract older generation objects (old objects) to younger generation Ruby is a popular object-oriented programming language, objects (young objects) [2, 6]. If we forget to insert even one and the performance of the Ruby garbage collector (GC) di- WB, the young objects may be wrongly collected. Of course, rectly affects the execution time of Ruby programs. Ruby2.0 this would be a critical GC bug. and earlier versions employed an inefficient non-generational If you need to implement a generational GC on an inter- conservative mark-and-sweep GC. To improve this and make preter which does not have WBs yet, how can you implement it a generational collector, it is necessary to introduce write it? One straightforward approach is to completely introduce barriers (WBs), but this requires huge modification to exist- all WBs at once. However, if you cannot modify parts of the ing source code, including third-party C-extensions. To avoid source code writing to objects (e.g., in C-extensions), it is the need for adding WBs around legacy code, we invented a not possible to add all required WBs. new concept called “WB-unprotected objects”, which indi- This was the case for the Ruby interpreter in 2013 and cates to the GC to treat such objects more conservatively. By before. leveraging this design, we were able to improve the perfor- The Ruby object-oriented programming language [4] is mance of Ruby 2.1 with a generational GC and of Ruby 2.2 used worldwide, especially for web application development with an incremental GC while preserving compatibility with with the Ruby on Rails framework [11].
    [Show full text]
  • Discord Music Bot Bad Request
    Discord Music Bot Bad Request MishnaicGuido consult Gabriel creditably. denounces Marc gnostically remains cultured and purblindly. after Tony autolyze well or rotes any riempie. Tremain usually infuriate eighth or revalidated groggily when This comes into discord music bot Botisimo Chatbot & Streamer Tools for Twitch YouTube. We never went through an odd idea but exercise, Built for Developers. To discord bot will mean for gamers and then attempt to malformed syntax. Keep your discord music bots that add localized video that. They were capable of sending stickers videos music locations documents and. 10 Best Discord Music Bots You business Use 2020 Beebom. Show you generate a bot in nature or swaying trees. Skype is deserve of salt high-definition video calls HD calls have clear video quality the audio is in sync and the experience is void as with you're bean in front bench the other person for full-HD Skype calls have some technical requirements. How to record better audio on only phone Popular Science. An automated processes, discord bots is arguably one request? It even when people on discord bot is bad video could not request has a way. But became really shouldn't cause that is one kiss Sends a gif of a fresh for mentioned. How discord bot user requests that have any comments cannot be patience for discord bot! Hydra lets you with critical reviews and not make the discord bot that monitor will code looks like top music, atom a token for membership and make the discord. Block this does not support the requester.
    [Show full text]
  • The E-Government Development Discourse
    The e-Government Development Discourse Analysing Contemporary and Future Growth Prospects in Developing and Emerging Economies Kelvin J. Bwalya The e-Government Development Discourse Analysing Contemporary and Future Growth Prospects in Developing and Emerging Economies Published by AOSIS (Pty) Ltd, 15 Oxford Street, Durbanville 7550, Cape Town, South Africa Postnet Suite #110, Private Bag X19, Durbanville 7551, South Africa Tel: +27 21 975 2602 Fax: +27 21 975 4635 Email: [email protected] Website: https://www.aosis.co.za Copyright © Kelvin J. Bwalya. Licensee: AOSIS (Pty) Ltd The moral right of the author has been asserted. Cover: Original design created with the use of images released under the CCO Creative Commons license. The images are https://pixabay.com/en/analytics-information- innovation-3088958/ and https://pixabay.com/en/cape-town-south-africa-historically-997524/. ISBN: 978-1-928396-55-0 (print) ISBN: 978-1-928396-56-7 (epub) ISBN: 978-1-928396-57-4 (pdf) DOI: https://doi.org/10.4102/aosis.2018.BK71 How to cite this work: Bwalya, K.J., 2018, The e-Government Development Discourse: Analysing Contemporary and Future Growth Prospects in Developing and Emerging Economies, pp. i–296, AOSIS, Cape Town. Printed and bound in South Africa. Listed in OAPEN (http://www.oapen.org), DOAB (http://www.doabooks.org/) and indexed by Google Scholar. Some rights reserved. This is an open access publication. Except where otherwise noted, this work is distributed under the terms of a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International license (CC BY-NC-SA 4.0), a copy of which is available at https:// creativecommons.org/licenses/by-nc-sa/4.0/.
    [Show full text]
  • The Title of the Article
    OHDSI Cloud Architecture Lee D. Evans, LTS Computing LLC, West Chester PA Abstract The OHDSI cloud provides shared computing and collaboration tool services for the diverse global OHDSI community. It has been developed iteratively over a one year time frame based on expanding community needs. The OHDSI cloud has been operationally very stable and satisfies the performance and operational budget constraints. Declaration of Interests LTS Computing LLC delivers commercial IT projects/services for Life Sciences clients, including pharmaceutical companies. Introduction The OHDSI cloud supports five groups of services: OHDSI Community global collaboration tools Continuous integration build and automated deployment of OHDSI applications OHDSI applications sandbox/demonstration environments running the OHDSI WebAPI OHDSI LAERTES knowledge base ETL operational environment OHDSI research network data repository Infrastructure Ubuntu LTS 14.04 server images running on m3 medium EC2 servers in Amazon AWS. Windows 2012 server image running on an m3 medium server to support Windows based OHDSI tool continuous integration builds. PostgreSQL 9.3 databases running on Amazon EC2 and RDS. OHDSI Community global collaboration tools WordPress Web Site, Dokuwiki Wiki, Discourse Forums. Continuous integration build and automated deployment of OHDSI applications Linux builds are executed using Travis CI software as a service. Windows builds are executed on an AWS hosted Jenkins server. The builds and automated deployments are automatically triggered when new code is pushed to the OHDSI GitHub master repositories. OHDSI applications sandbox/demonstration environments running the OHDSI WebAPI The OHDSI web applications are automatically deployed to Tomcat and Apache servers running within Docker containers. Docker volumes are shared with the Amazon EC2 host servers for persistent storage.
    [Show full text]
  • Apple Report.Pdf
    Bachelor thesis, premaster New Media & Digital Culture, Utrecht University Author: Ryanne Turenhout (3555224) Date: January 28, 2011 Supervisor: Dr. I.O. de Vries Keywords: apple, google, open, closed, platforms, operating systems Android vs. iOS A critical analysis of the open vs. closed debate between Google and Apple Introduction On October 18th, 2010 Steve Jobs, CEO of Apple, made a rare appearance at the 4th quarter 2010 earning call of Apple. He publicly spoke out against Google Android and said, “Google loves to characterize Android as open, and iOS and iPhone as closed. We find this a bit disingenuous and clouding the real difference between our two approaches” (Snell, 2010). He went on to say that the real debate lies in ‘fragmented vs. integrated’. Android is very fragmented, has 100 different versions on 244 different handsets and the user is left to figure out how the Operating System (OS) works. This as opposed to the iPhone where every handset works the same and uses proprietary software with an integrated App Store (Snell, 2010). Briefly, the debate is between Android and iOS, both trying to dominate the mobile market. Android is open source and the iPhone uses the closed source iOS. The two different approaches, open and closed, are at the centre of the debate. The statement of Steve Jobs already implies the importance of this ongoing debate between open and closed mobile platforms. Tim Berners- Lee further shows the importance of this debate in a recent article, ‘Long Live the Web: A Call for Continued Open Standards and Neutrality’. In this article he said the following: [Not] using open standards creates closed worlds.
    [Show full text]
  • Sound, Heuristic Type Annotation Inference for Ruby
    Sound, Heuristic Type Annotation Inference for Ruby Milod Kazerounian Brianna M. Ren Jeffrey S. Foster University of Maryland University of Maryland Tufts University College Park, Maryland, USA College Park, Maryland, USA Medford, MA, USA [email protected] [email protected] [email protected] Abstract Keywords: type inference, dynamic languages, Ruby Many researchers have explored retrofitting static type sys- ACM Reference Format: tems to dynamic languages. This raises the question of how Milod Kazerounian, Brianna M. Ren, and Jeffrey S. Foster. 2020. to add type annotations to code that was previously untyped. Sound, Heuristic Type Annotation Inference for Ruby. In Proceed- One obvious solution is type inference. However, in com- ings of the 16th ACM SIGPLAN International Symposium on Dynamic plex type systems, in particular those with structural types, Languages (DLS ’20), November 17, 2020, Virtual, USA. ACM, New type inference typically produces most general types that York, NY, USA, 14 pages. https://doi.org/10.1145/3426422.3426985 are large, hard to understand, and unnatural for program- mers. To solve this problem, we introduce InferDL, a novel Ruby type inference system that infers sound and useful type 1 Introduction annotations by incorporating heuristics that guess types. Many researchers have explored ways to add static types to For example, we might heuristically guess that a parame- dynamic languages [3, 4, 15, 19, 29, 31, 36, 37], to help pro- ter whose name ends in count is an integer. InferDL works grammers find and prevent type errors. One key challenge by first running standard type inference and then applying in using such retrofitted type systems is finding type anno- heuristics to any positions for which standard type infer- tations for code that was previously untyped.
    [Show full text]
  • Producing Open Source Software How to Run a Successful Free Software Project
    Producing Open Source Software How to Run a Successful Free Software Project Karl Fogel Producing Open Source Software: How to Run a Successful Free Software Project by Karl Fogel Copyright © 2005-2017 Karl Fogel, under the CreativeCommons Attribution-ShareAlike (4.0) license. Version: 2.3088 Home site: http://producingoss.com/ Dedication This book is dedicated to two dear friends without whom it would not have been possible: Karen Under- hill and Jim Blandy. i Table of Contents Preface ............................................................................................................................. vi Why Write This Book? ............................................................................................... vi Who Should Read This Book? .................................................................................... vii Sources ................................................................................................................... vii Acknowledgements ................................................................................................... viii For the first edition (2005) ................................................................................ viii For the second edition (2017) ............................................................................... x Disclaimer .............................................................................................................. xiii 1. Introduction ...................................................................................................................
    [Show full text]
  • Global Discourse and Local Practice: a Study of the Role of Open Source Software in Schoolnet Nambia Magnus Berquist Gothenburg University, [email protected]
    Association for Information Systems AIS Electronic Library (AISeL) Americas Conference on Information Systems AMCIS 2005 Proceedings (AMCIS) 2005 Global Discourse and Local Practice: A Study of the Role of Open Source Software in SchoolNet Nambia Magnus Berquist Gothenburg University, [email protected] Carolina Hafstroem Gothenburg University, [email protected] Jessica Hofbauer Gothenburg University, [email protected] Follow this and additional works at: http://aisel.aisnet.org/amcis2005 Recommended Citation Berquist, Magnus; Hafstroem, Carolina; and Hofbauer, Jessica, "Global Discourse and Local Practice: A Study of the Role of Open Source Software in SchoolNet Nambia" (2005). AMCIS 2005 Proceedings. 45. http://aisel.aisnet.org/amcis2005/45 This material is brought to you by the Americas Conference on Information Systems (AMCIS) at AIS Electronic Library (AISeL). It has been accepted for inclusion in AMCIS 2005 Proceedings by an authorized administrator of AIS Electronic Library (AISeL). For more information, please contact [email protected]. Bergquist et al. Global Discourse and Local Practice Global Discourse and Local Practice: A Study of the Role of Open Source Software in SchoolNet Namibia Magnus Bergquist Carolina Hafström Department of Informatics, Gothenburg Department of Informatics, Gothenburg University, Sweden University, Sweden [email protected] [email protected] Jessica Hofbauer Department of Informatics, Gothenburg University, Sweden [email protected] ABSTRACT
    [Show full text]
  • Ember.Js Front-End Framework – SEO Challenges and Frameworks Comparison
    Ember.js front-end framework – SEO challenges and frameworks comparison Sunil Shrestha Bachelor’s Thesis Degree Program in BITe October 2015 Abstract Author Group Sunil Shrestha BITE10S Title of report Report pages Ember.js front-end framework – SEO challenges and frameworks 43+4 comparison Supervisor Juhani Välimäki IWA Labs Oy, a Finnish company with extensive experience in modern information technology provides professional service in Search Engine Optimization (SEO), online marketing as well as develop mobile and web applications for its clients. In order to provide smooth and better user experience with web applications, the company has adapted front-end dedicated frameworks such as AngularJS, Backbone.js, etc. Therefore, the company is interested in Ember.js– another emerging front-end framework that was first released in 2011. The paper aims to study over current development of Ember.js and compare it with alternative frameworks based on community popularity and their core features. Furthermore, it also addresses some of the most common SEO challenges from Ember.js standpoint. The comparison of frameworks is based on various metrics of each framework such as GitHub stars, commits history, available plugins, Stack Overflow questions, Google trend over time etc. Additionally, core features are also discussed in terms of Model- View-Controller (MVC) pattern. On the other hand, possible solutions for most common SEO challenges in Ember.js are studied and tested via a sample application. Based on the community popularity, AngularJS is clearly proven to be the most popular framework. Nonetheless, based on GitHub commits and other metrics, Ember.js can be taken equally an active and fast growing project.
    [Show full text]