software security bank
TRANSCRIPT
-
8/13/2019 Software Security bank
1/28
USER GUIDE- SECURE BANKING
SYSTEM
Group 2 Sun Devil Bank of Arizona State
Group 2:
- Aniket Bharati
- Aniket Patil
- Clinton Dsouza
- MohanRaj Balamuri
- Pradyothan Adamala- Wonkyu Han
-
8/13/2019 Software Security bank
2/28
User-guide: Sun Devil Bank ofArizona State
1 | P a g e
Contents
1. Overview ............................................................................................................................................... 3
1.1 Purpose of User guide .................................................................................................................. 3
1.2 How to use this user guide? ......................................................................................................... 3
1.3 Convention in this user guide ...................................................................................................... 4
1.4 Recommended reading. ............................................................................................................... 4
2. Overview of the system ................................................................................................................... 4
2.1 Why use the system? ................................................................................................................... 4
2.2 Introduction to the system .......................................................................................................... 5
2.3 Terminology used in the system .................................................................................................. 6
3. Sub-system : Login functionality.......................................................................................................... 6
3.1 Introduction .................................................................................................................................. 6
3.2 Introduction to System ................................................................................................................ 6
3.3 System GUI ................................................................................................................................... 6
4 Sub-system: Create Account for External Users.................................................................................. 7
4.3 Introduction .................................................................................................................................. 7
4.4 System functionality..................................................................................................................... 8
4.5 System GUI ................................................................................................................................... 9
5 Sub-system: Create Account for Internal Users .............................................................................. 9
5.3 Introduction .................................................................................................................................. 9
5.4 System functionality................................................................................................................... 10
5.5 System GUI ................................................................................................................................. 10
6 Sub-system: Corporate Level Management official.......................................................................... 11
6.3 Introduction ................................................................................................................................ 11
6.4 System functionality................................................................................................................... 11
6.5 System GUI ................................................................................................................................. 12
7 Sub-system: Department manager.................................................................................................... 12
7.3 Introduction ................................................................................................................................ 127.4 System functionality................................................................................................................... 13
7.5 System GUI ................................................................................................................................. 13
8 Sub-system: Sales employee.............................................................................................................. 14
8.3 Introduction ................................................................................................................................ 14
8.4 System functionality................................................................................................................... 14
-
8/13/2019 Software Security bank
3/28
User-guide: Sun Devil Bank ofArizona State
2 | P a g e
8.5 System GUI ................................................................................................................................. 15
9 Sub-system: IT regular employee ...................................................................................................... 16
9.3 Introduction ................................................................................................................................ 16
9.4 System functionality................................................................................................................... 16
9.5 System GUI ................................................................................................................................. 16
10 Sub-system: Transaction monitoring Employee ........................................................................... 17
10.3 Introduction ................................................................................................................................ 17
10.4 System functionality................................................................................................................... 17
10.5 System GUI ................................................................................................................................. 18
11 Sub-system: Company Management Employee ........................................................................... 18
11.3 Introduction ................................................................................................................................ 18
11.4 System functionality................................................................................................................... 18
11.5 System GUI ................................................................................................................................. 19
12 Sub-system: System Administrator ............................................................................................... 19
12.3 Introduction ................................................................................................................................ 19
12.4 System functionality................................................................................................................... 19
12.5 System GUI ................................................................................................................................. 20
13 Sub-system: Individual User .......................................................................................................... 21
13.3 Introduction ................................................................................................................................ 21
13.4 System functionality................................................................................................................... 21
14.3 Introduction ................................................................................................................................ 23
14.4 System functionality................................................................................................................... 23
14.5 System GUI ................................................................................................................................. 23
14 Appendix
14.1 Instllation25
14.2 Starting The Application.26
14.3 Credentials for Testers27
-
8/13/2019 Software Security bank
4/28
-
8/13/2019 Software Security bank
5/28
User-guide: Sun Devil Bank ofArizona State
4 | P a g e
By first reading and understanding the system overview and then proceeding towards
understanding each sub-system the user will be able to obtain a well-rounded understanding of
the SBS.
1.3Convention in this user guideThe formatting and convention used in this guide is hierarchically set up to the reader a high
lever overview of the system and then drill down to the finer details of each sub-system
architecture, user interface and use case scenarios for each functionality.
Finally, the guide also gives detailed instructions on the configurations of the system, what
components are required for a successful installation and what procedures need to be followed
to completely install the web application on a server with a functioning secure database.Additionally, as will all systems there are bound to be errors and problems with initial
installation if all steps are not followed and correct dependency modules not installed, thus the
final section of this user guide focuses on trouble shooting error and problems if they were to
occur when installing and starting the system.
1.4Recommended reading.The sources will provide a base foundation into understanding the considerations and thoughts
that went into implementing the system. Additionally, these sources also give detailed
information on the framework and system configuration upon which the web application is
hosted.
2. Overview of the system2.1Why use the system?
The Secure Banking System, is a one stop online banking system for personal bankers providing
them the ability to credit, debit and transfer money from their checking and savings account. In
addition to basic functionalities, this application also provides users with the ability to authorize
payments to merchants or organizations that a user has availed services from, thus allowing for
secure and easy of payment to third party merchants.
Additionally, the system design accommodates for secure banking functionalities, such as the
SSL/TLS implementations on the web server, One Time Password implementation for first time
logins to authenticate the use, secure digital certificates to authenticate the identity of users
-
8/13/2019 Software Security bank
6/28
User-guide: Sun Devil Bank ofArizona State
5 | P a g e
making payment and also stringent access control policies to protect use accounts from not only
external access but also internal access by unauthorized employees.
In addition to providing secure banking functionalities to external users / clients, the banking
application also provides internal users namely employees with a platform to perform daily
functions of their job as well as provide support services to customers using the online banking
system. The support services could range from creating an account to deleting an unauthorized
transaction in the event of an identity theft incident.
Given the multi-functional aspect of this system coupled with the secure functionalities
implemented to protect user identity and maintain data integrity , this system provides a better
solution and secure foundation for users to trust and perform their online banking daily tasks.
2.2 Introduction to the systemThe system has been designed for use by three different users:(i) External Client ( Personal online banking users)(ii) Merchants / Organizations ( third party companies)(iii) Internal employees(corporate users hired by the Bank)Each user has a set of functionalities that have been determined by the team and incorporated
into the system. System is designed to be highly robust, and to have a high uptime capability.
Each subsystem described in this guide has a set of unique functionalities with its own user
interface to allow for ease of use.
All users intending to use the SBS application will need to create a user account and will be
assigned a role based on their credentials. For example, employees will be assigned an
employee id with which they will be identified and access level authorization will be determined
based on their role by the system administrator. Once the user has been authorize as a valid
customer by the system, they will be able to access their account and the associated modules or
functionalities with their role.
Based on the users system accessibility, external clients will be able to perform transactionssuch as credit, debit and transfer of money from, to and within their account. Merchants will be
able to submit user authorized payments for services provided to a user of the bank. Finally,
internal employees based in different departments will be able to perform functionalities based
on their role and department in the Bank including providing technical and transaction support
to the bank customers. The number of concurrent logins of a single user from different systems
-
8/13/2019 Software Security bank
7/28
User-guide: Sun Devil Bank ofArizona State
6 | P a g e
is set to a maximum of 2.This is to prevent conflict of user queries, requests and makes it more
secure.
2.3Terminology used in the systemThe guide is written with the purpose to explain a complex system to novice users. However,
certain terminologies which would be helpful to know are:
- One Time Password: Refers to a one time generated password used for various purposes butmainly to securely authenticate users.
- Denial of Service is a type of attack on systems which technically overloads the server withrequests such that it is not able to cope and ultimately denies service to authorized users.
- Encryption: The process of encoding messages such that they cannot be broken into.- Digital certificates: electronically signed documents which establishes the authenticity of the
credentials, requests of the users or business making a transaction online.
3. Sub-system : Login functionality3.1 IntroductionThe purpose of the login page is to authenticate and validate authorized users and direct them to
their respective home page. If u enter the wrong password for a certain number of times, the
system locks the user and he needs to request for a new password.
3.2 Introduction to System There is one table with the pass keys stored for the internal and the external users each
uniquely identified.
The idea is the users already go to the bank and get a onetime pass key and use it to create anonline account.
The passkey table has a column which identifies whether the user is an internal user or externaluser.
When a user tries to register an account for the first time. He enters the pass key. The first taskis the pass key being validated in the database. If a valid pass key is found then the system
allows to navigate to the account creation page.
3.3System GUIThe UI for Register is as follows. The user will enter a onetime pass key provided for registration.
-
8/13/2019 Software Security bank
8/28
-
8/13/2019 Software Security bank
9/28
User-guide: Sun Devil Bank ofArizona State
8 | P a g e
The External users will get a pass key from the sales department of the bank to create their user
account. Once they enter their passkey and hit register button on login page, they will be redirected
to the registration page. Here the user enters his details along with the security questions and
submits the form. The passkey has the corresponding bank account number of the user. So all these
details will be saved corresponding bank account number of the user and pass key will be deleted
for security reasons. The same applies to the internal users as-well except that they have to verify
the pre-populated employee id, department and designation at the end of the form. Once
submitted, the external users should be able to login after entering OTP for their first login. But for
the internal users, once the form is submitted, a request will be populated in system administrators
queue for approval. Once he approves the request, the internal user can also login to the system.
4.4System functionality4.4.1 Both internal and external users will be given a passkey to create their user accounts4.4.2 The passkey is used to get them to the registration page where they have to complete
the form and submit it to be registered successfully.
4.4.3 The internal users have to verify that their employee id, department and designation(pre-populated) are correct, before submitting the form.
4.4.4 As the passkey is stored along with the users account number, these details are pushedinto the users table along with their account number.
4.4.5 Once the registration is completed successfully, the passkey will be deleted.4.4.6 The External users can now login with their credentials whereas the internal users have
to wait till the System Administrator approves their request.
4.4.7 The following are the class diagrams associated with this functionality:
-
8/13/2019 Software Security bank
10/28
User-guide: Sun Devil Bank ofArizona State
9 | P a g e
4.5System GUI
5 Sub-system: Create Account for Internal Users5.3 IntroductionThe Internal users will get a pass key from the HR department of the bank to create their user
account. Once they enter their passkey and hit register button on login page, they will be redirected
to the registration page. Here the user enters his details along with the security questions and
submits the form. The passkey has the corresponding bank account number of the user. So all these
details will be saved corresponding bank account number of the user and pass key will be deleted
for security reasons and an OTP will be generated. Once submitted, the internal users should be able
to login after entering OTP for their first login. But for the internal users, once the form is submitted,
-
8/13/2019 Software Security bank
11/28
User-guide: Sun Devil Bank ofArizona State
10 | P a g e
a request will be populated in system administrators queue for approval. Once he approves the
request, the internal user can also login to the system.
5.4System functionality5.4.1 Both internal and external users will be given a passkey to create their user accounts5.4.2 The passkey is used to get them to the registration page where they have to complete
the form and submit it to be registered successfully.
5.4.3 The internal users have to verify that their employee id, department and designation(pre-populated) are correct, before submitting the form.
5.4.4 As the passkey is stored along with the users account number, these details are pushedinto the users table along with their account number.
5.4.5 Once the registration is completed successfully, the passkey will be deleted.5.5The External users can now login with their credentials whereas the internal users have to wait
till the System Administrator approves their request.
5.6System GUIFollowing is the UI screen for a corporate level employee.
-
8/13/2019 Software Security bank
12/28
User-guide: Sun Devil Bank ofArizona State
11 | P a g e
6 Sub-system: Corporate Level Management official6.3 Introduction
A corporate level official is a high authority official is responsible for all the departments.
A corporate level management can perform functions of adding an internal employee, deleting
an internal employee, searching an internal employee and transferring an internal employee.
The corporate level official is responsible for the following five departments in the Sun Devil
Bank of Arizona State:
1. Sales2. IT and Technical Support3. Transactions Monitoring4. Human Resources5. Company Management
6.4System functionalityThe corporate level official will perform the following functionalities:
a. A corporate level official will be able to log into his account and see tabs for the entiredepartment.
b. The corporate level official will be able to view all critical requests made by managersassociated with all the departments. The corporate level official will have the authority toapprove or deny these requests.
c. The corporate level official can also submit a critical request of deleting an employee whichwill need approval from other corporate level employees.
d. The corporate level employee can add an internal employee, delete an internal employee,search from an internal employee and transfer an internal employee.
-
8/13/2019 Software Security bank
13/28
User-guide: Sun Devil Bank ofArizona State
12 | P a g e
e.) Vice president & president can request for PII authorizationwhich is the details of
external user along with SSN.CEO can authorize this request.
6.5System GUIFollowing is the UI screen for a corporate level employee.
7 Sub-system: Department manager7.3 Introduction
A department manager is a person working for the Bank, who is in-charge of a particular
department which performs a unique function and provided services to clients and employees.
Like a corporate level management a Department manager performs functions similar to them
which included authorizing user / employee account creation, deletion or transfer.
There are five departments in the Sun Devil Bank of Arizona State:
1. Sales2. IT and Technical Support3. Transactions Monitoring4. Human Resources5. Company Management
-
8/13/2019 Software Security bank
14/28
User-guide: Sun Devil Bank ofArizona State
13 | P a g e
A manager associated with any of these departments is responsible for authorizing critical
transactions which could include employee account creation, transfer and deletion. However a
Department Mangers authorization has to be approved by an associated corporate level
management. However the influence of managersaccess is limited to the assigned department.
They can also view all transactions internal and external associated with their department, void
any public Users/ Merchants personal identifiable information which will not be disclosed to
the manager unless proper authorization has been given.
7.4System functionalityThe system to support the department managers will perform the following functionalities:
e. A department manager for a specific department will be able to log into his account whichwill bring up an overview page associated with only his department.
f. The department manager will be able to view all critical requests made my employeesassociated with his department and other transactions which are associated with his
department. The manager will have the authority to approve or deny these requests.
g. The department manager will also have an interface search for users in his department andperform actions such as delete and transfer. However these actions need to be authorized
by corporate level management.
h. The department manager can also add internal users to his department by searching theirname and/or employee id.
7.5System GUIThe design of the GUI for the Department manager was kept simplistic, with the most important
features being displayed on the first page.
-
8/13/2019 Software Security bank
15/28
User-guide: Sun Devil Bank ofArizona State
14 | P a g e
Fig 7.1- Department Manager Overview Scree for Sales department
Figure 7.1 displays the overview screen for a department manager in the sales department. All
other department managers will have the same screen overview with the associated
department contents filled into the screen.
8 Sub-system: Sales employee8.3 Introduction
Sales Employee is a type of regular employee who belongs to the Sales Department and
responsible for making banking operations in his respective department. When a user requests
for a credit card, it is the sales employee who receives that request. It is his responsibility to
approve/reject the request upon his verifications. The table entries are populated from the
external users transaction tables with the filet of credit card on the transaction type column.
He can also raise requests to IT department for system maintenance issues.
8.4System functionalityThe Sales Employee will perform the following functionalities:
1. A Sales Employee will be able to log into his account.2. Once he logs in, he finds a queue which consists of the credit card requests from the users.
-
8/13/2019 Software Security bank
16/28
User-guide: Sun Devil Bank ofArizona State
15 | P a g e
3. Upon his verifications, he may approve/reject a request.4. He can see the UI where he can raise requests to IT department for system maintenance
issues.
8.5System GUI
-
8/13/2019 Software Security bank
17/28
User-guide: Sun Devil Bank ofArizona State
16 | P a g e
9 Sub-system: IT regular employee9.3 Introduction
IT regular Employee is a type of regular employee who belongs to the IT Department and
responsible for making System maintenance operations for all the internal users. When an
internal user requests for a system maintenance operation, it is the IT employee who receives
that request. It is his responsibility to approve the request once he completes the system
maintenance operation.
9.4System functionalityAn IT Employee will perform the following functionalities:
1. An IT Employee will be able to log into his account.2. Once he logs in, he finds a queue which consists of the system maintenance operation
request from the internal users.3. He approves the request once he completes the system maintenance operation.
9.5System GUI
-
8/13/2019 Software Security bank
18/28
User-guide: Sun Devil Bank ofArizona State
17 | P a g e
10 Sub-system: Transaction monitoring Employee10.3 Introduction
A Transaction monitoring Employee is a type of regular employee who belongs to the
Transaction monitoring Department and responsible for making banking operations in
his respective department. He can view, create, modify, delete and authorize
transactions upon having necessary authorization from the users and/or merchants. He
does not have access privilege to view or modify any user account unless he/she has
been authorized to do so. He can access transactions related to his/her department with
necessary authorization from users/merchants or respective department managers. He
can also raise requests to IT department for system maintenance issue.
10.4 System functionalityA Transaction Monitoring Employee will perform the following functionalities:
1. A Transaction monitoring Employee will be able to log into his account.2. Once he logs in, he finds a queue which consists of the transaction requests from
the users.
3. Depending upon the request from the user, he can create a new transaction orview/modify/delete a transaction using the transaction id provided in the request.
4. As the user is submitting the request to view/create/modify/delete a transaction, itis by default authorized by the user to perform the operation by the Transaction
monitoring employee.
5. An employee can also receive a authorize a transaction request when a usertransfers an amount which is greater than the maximum amount per day.
6. There are few cases where the employee has to search and view a transaction. Insuch cases, the employee will send an authorization request to the user to view his
transaction.
7. He can see the UI where he can raise requests to IT department for systemmaintenance issues.
8. If a transaction monitoring employee deletes a transaction, the transaction is rolledback.
-
8/13/2019 Software Security bank
19/28
User-guide: Sun Devil Bank ofArizona State
18 | P a g e
10.5 System GUI
11 Sub-system: Company Management Employee11.3 Introduction
A Company Management Employee is a type of regular employee who belongs to the
Company Management Department and responsible for scheduling meetings. When a
user requests to schedule a meeting, it is the company management employee who
receives that request. It is his responsibility to approve/reject the request upon his
verifications so that no meeting time clashes with another. He can also raise requests to
IT department for system maintenance issues.
11.4 System functionalityA Company management employee can perform the following functionalities:
1. A company management Employee will be able to log into his account.2. Once he logs in, he finds a queue which consists of the schedule meeting requests
from the users.
3. Upon his verifications, he may approve/reject a request so that no meeting timeclashes with another.
-
8/13/2019 Software Security bank
20/28
User-guide: Sun Devil Bank ofArizona State
19 | P a g e
4. He can see the UI where he can raise requests to IT department for systemmaintenance issues.
11.5 System GUI
12 Sub-system: System Administrator12.3 IntroductionSystem Administrator is an Internal User which has kind of highest authority in the Banking System
as far as data creation and access is concerned. Any of the internal users of any designation when
they want to modify/create/delete any user account need to first send request to the system
administrator and if granted they will be able to do so.
The System administrator can add, modify or delete any user account with proper authorization.
Plus the system administrator can view the System log files, the passcodes which are required byany user to create account, as well as the RBAC files which consist of the roles/ privileges being to
different internal users.
12.4 System functionalityThe System Administrator will be provided with the following functionalities:
-
8/13/2019 Software Security bank
21/28
User-guide: Sun Devil Bank ofArizona State
20 | P a g e
1) Any Internal Users Request to add, modify, delete any new External User goesto the System Administrator for approval.
2) The System Administrator can view, grant or delete the above requestsinvolving internal or external user.
3) The System Administrator can request access to the Internal or External useraccounts and if granted permission can modify or delete the accounts.
4) System Administrator can themselves add a new internal or external user.5) Each activity of System Administrator will generate an entry in the log file.6) Only the System Administrator can view the log file as it is password protected
for System Administrator access.
7) The System Administrator can access the passcodes which are necessary for theaccount generation as well as they can view RBAC (Role Based access control)information which contains the access and privileges details for each of the
internal users.
12.5 System GUI
-
8/13/2019 Software Security bank
22/28
User-guide: Sun Devil Bank ofArizona State
21 | P a g e
13 Sub-system: Individual User13.3 Introduction
An Individual User is a customer of the bank. In general, Individuals having bank activities, each
of whom have a user account for performing personal banking transactions such as personal
fund transfer, debit card and credit from personal user account. He can also authorize bank
officials to review transactions on accounts he/she is responsible for. If the transaction is above
1000$, then a certificate is generated by the system private to the user and send to him via
email. In order for the transaction to be completed the user should upload the certificate in
banking website for validating that user has requested for such a transaction. The certificate is
secure as we will not run the file on the system, we will just compare its value.
13.4 System functionalityAn Individual user when logs on can see the Account number, Current Balance and list of
transactions. An Individual User can credit, debit, transfer funds from a account to other account
and he can request credit card.
13.5 System GUI
When the user loginshe can see the following information.
-
8/13/2019 Software Security bank
23/28
User-guide: Sun Devil Bank ofArizona State
22 | P a g e
He can transfer money from his account to others by specifying his account no and the money to be
transferred.
He can see a list of transactions which he has done upon request.
-
8/13/2019 Software Security bank
24/28
User-guide: Sun Devil Bank ofArizona State
23 | P a g e
14 Sub-system: Merchants/ External organizations14.3 Introduction
Merchants can initiate new transaction to sell their goods. In order to submit transaction
request, SDBAS demands customers digital signature to validate the transaction and then sends
it to corresponding internal user i.e., a employee of transaction monitoring department.
Through this public key infrastructure, SDBAS can verify users identity as well as validity of
digital certificate that is used to make digital signature.
System functionality
The system to support the merchants/external organizations will perform the following
functionalities:
a. A merchant is same as (external) individual user except one additional function which caninitiate payment transaction.
b. In order to validate customers identity who is willing to pay money for goods, customeruses his/her digital certificate to apply new transaction. To sign the transaction
electronically, transaction message is encrypted by customers private key.
c. The department manager who is in charge of transaction monitoring department will beable to view transaction requests by decrypting with customers public key.
d. If digital signature is not valid, SDBAC system notifies error message to the merchant andrecords it to log file.
e. The department manager is able to view transaction request which is made by merchantsand may send it back to make merchants review one more time.
f. If the transaction has no problem, the department manager will approve its transaction sothat corresponding amount of money will be transferred from customers account to
merchants account.
14.4 System GUI
-
8/13/2019 Software Security bank
25/28
-
8/13/2019 Software Security bank
26/28
User-guide: Sun Devil Bank ofArizona State
25 | P a g e
Obtain the WAR file attached in the source code submission anddeploy it into Tomcat by placing it in the web-apps folder of Tomcat.
Install Avast Internet Security which will handle the incomingconnections and provide heuristic and sandbox support to malicious
software or communication attempting to infiltrate the server.
Once the system is installed depending on the location enter theURL following by /SecureOnlineBanking.
This will bring you to the Welcome page of the application. You can then begin registering your account. As with every Banking application a passkey is required validate
user. A list of passkeys has been provided in this document for users
testing.
All accounts can be handled by the Admin. By default, the Adminaccount will already be created and the credentials are provided
below.
Appendix C will detail all the required initial user credentials tosuccessfully test the system.
B. Starting the application And Trouble-shooting. From the server-side, start the apache tomcat server which has the
deployed WAR file, now the application is started from the server side.
For the clients who are bank customers, we give the URL of ourapplication and he enters this URL in his browser and starts using the
various functionalities of the bank application.
To stop the bank application we just stop the apache tomcat from theserver side.
If we face any trouble in the application, we clean the apache tomcatserver and we restart the server.
Before starting the application we set the apache tomcat timeout starttime to 100sinstead of 45s and we enable security in server options.
-
8/13/2019 Software Security bank
27/28
User-guide: Sun Devil Bank ofArizona State
26 | P a g e
If the bank customers have a problem accessing the webpage then theymay try reloading it or try it on a new browser .If the problem persists
then inform the admin about the problem.
Make sure the Avast internet Security is turned on as it handles themalicious software or communication trying to infiltrate the system.
The machine hosting the server should be active after the application isdeployed and until it is removed.
C. Credentials For testers.Internal Users
1.)SysAdmin
UsernameTestAdmin
PasswordQwerty@2
Security Question - What is your favourite movie? Answer : MI.
2.)CEO
Username-CEOtest
PasswordQwerty@2
Security Question - What is your favourite movie? Answer : MI2.
3.)president
Username - president
PasswordQwerty@2
4.)vicepresident
Usernamevicepresident
PasswordQwerty@2.
External User
The link to the passkeys is given below:
-
8/13/2019 Software Security bank
28/28
User-guide: Sun Devil Bank ofArizona State
https://docs.google.com/a/asu.edu/document/d/10ACiS5rdrrwt7XpQ5c-
4heWqiBKPNlMm1kPphuJWC4k/edit
https://docs.google.com/a/asu.edu/document/d/10ACiS5rdrrwt7XpQ5c-4heWqiBKPNlMm1kPphuJWC4k/edithttps://docs.google.com/a/asu.edu/document/d/10ACiS5rdrrwt7XpQ5c-4heWqiBKPNlMm1kPphuJWC4k/edithttps://docs.google.com/a/asu.edu/document/d/10ACiS5rdrrwt7XpQ5c-4heWqiBKPNlMm1kPphuJWC4k/edithttps://docs.google.com/a/asu.edu/document/d/10ACiS5rdrrwt7XpQ5c-4heWqiBKPNlMm1kPphuJWC4k/edithttps://docs.google.com/a/asu.edu/document/d/10ACiS5rdrrwt7XpQ5c-4heWqiBKPNlMm1kPphuJWC4k/edit