Towards an Environment for doing Data Science that runs in Browsers

International audience—This article proposes a path for doing Data Science using browsers as computing and data nodes. This novel idea is motivated by the cross-fertilized fields of desktop grid computing, data management in grids and clouds, Web technologies such as Nosql tools, models of interactions and programming models in grids, cloud and Web technologies. We propose a methodology for the modeling, analyzing, implemention and simulation of a prototype able to run a MapReduce job in browsers. This work allows to better understand how to envision the big picture of Data Science in the context of the Javascript language for programming the middleware, the interactions between components and browsers as the operating system. We explain what types of applications may be impacted by this novel approach and, from a general point of view how a formal modeling of the interactions serves as a general guidelines for the implementation. Formal modeling in our methodology is a necessary condition but it is not sufficient. We also make round-trips between the modeling and the Javascript or used tools to enrich the interaction model that is the key point, or to put more details into the implementation. It is the first time to the best of our knowledge that Data Science is operating in the context of browsers that exchange codes and data for solving computational and data intensive programs. Computational and data intensive terms should be understand according to the context of applications that we think to be suitable for our system

Blocking Java Applets at the Firewall

This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run. With careful implementation, a site can be made resistant to current Java security weaknesses as well as those yet to be discovered. In addition, we describe a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet

Pando: Personal Volunteer Computing in Browsers

The large penetration and continued growth in ownership of personal electronic devices represents a freely available and largely untapped source of computing power. To leverage those, we present Pando, a new volunteer computing tool based on a declarative concurrent programming model and implemented using JavaScript, WebRTC, and WebSockets. This tool enables a dynamically varying number of failure-prone personal devices contributed by volunteers to parallelize the application of a function on a stream of values, by using the devices' browsers. We show that Pando can provide throughput improvements compared to a single personal device, on a variety of compute-bound applications including animation rendering and image processing. We also show the flexibility of our approach by deploying Pando on personal devices connected over a local network, on Grid5000, a French-wide computing grid in a virtual private network, and seven PlanetLab nodes distributed in a wide area network over Europe.Comment: 14 pages, 12 figures, 2 table

Virtual Institutes: Between Immersion and Communication

In the two expressions "virtual reality" and "virtual community", the term "virtual" has different meanings. A virtual reality is a depiction or, more generally speaking, a sensuous representation of reality that allows - mainly by means of interactivity - to experience various features of reality without actually being in contact with the reality depicted. Therefore, any interactive depiction that is able to imitate reality to such an extent that a high degree of sensory-motor immersion becomes possible is called a virtual reality (Heim 1998, 6f). Since reality is always much more complex than its depiction and full of unpredictable surprises, hardly ever a user has doubts about the difference between the depiction and the thing depicted. Nevertheless, there are good reasons for preferring the imitation to the reality: at least, the imitation is usually not as dangerous as reality sometimes turns out to be. Accordingly, quite different platforms for virtual institutes may be used emphasizing either the immersion aspect or the communication aspect. The decision for a platform depends on the goals pursued with the institute: text-based chat systems allow virtual communities to flourish, single-user VRML scenes convey a highly immersive 3D impression to its users. This is particularly true for virtual institutes realized as a 3D environment, as well as for corresponding virtual communities since 3D environments are adequate for certain tasks only. As an overall framework for the evaluation it is helpful to distinguish three major application areas: research, presentation, and communicative work. The Virtual Institute for Image Science (VIB), which we would like to describe in the following (3) as a case study, is almost exclusively designed for the third task: communicative working. It intends to provide a working space persons can share for joint projects despite being physically separated. Before describing the VIB in more detail we would like to give an overview of virtual institutes between the poles of realistic immersion and of communication in a community (2). The discussion of the case study leads to some more general considerations about the balance virtual institutes must find along that bi-polar dimension (4). In the concluding remarks we focus on the technical tools for virtual communities in 3D presently available

ADsafety: Type-Based Verification of JavaScript Sandboxing

Web sites routinely incorporate JavaScript programs from several sources into a single page. These sources must be protected from one another, which requires robust sandboxing. The many entry-points of sandboxes and the subtleties of JavaScript demand robust verification of the actual sandbox source. We use a novel type system for JavaScript to encode and verify sandboxing properties. The resulting verifier is lightweight and efficient, and operates on actual source. We demonstrate the effectiveness of our technique by applying it to ADsafe, which revealed several bugs and other weaknesses.Comment: in Proceedings of the USENIX Security Symposium (2011

A Methodology for Information Flow Experiments

Information flow analysis has largely ignored the setting where the analyst has neither control over nor a complete model of the analyzed system. We formalize such limited information flow analyses and study an instance of it: detecting the usage of data by websites. We prove that these problems are ones of causal inference. Leveraging this connection, we push beyond traditional information flow analysis to provide a systematic methodology based on experimental science and statistical analysis. Our methodology allows us to systematize prior works in the area viewing them as instances of a general approach. Our systematic study leads to practical advice for improving work on detecting data usage, a previously unformalized area. We illustrate these concepts with a series of experiments collecting data on the use of information by websites, which we statistically analyze