9,650 research outputs found
Towards an Environment for doing Data Science that runs in Browsers
International audience—This article proposes a path for doing Data Science using browsers as computing and data nodes. This novel idea is motivated by the cross-fertilized fields of desktop grid computing, data management in grids and clouds, Web technologies such as Nosql tools, models of interactions and programming models in grids, cloud and Web technologies. We propose a methodology for the modeling, analyzing, implemention and simulation of a prototype able to run a MapReduce job in browsers. This work allows to better understand how to envision the big picture of Data Science in the context of the Javascript language for programming the middleware, the interactions between components and browsers as the operating system. We explain what types of applications may be impacted by this novel approach and, from a general point of view how a formal modeling of the interactions serves as a general guidelines for the implementation. Formal modeling in our methodology is a necessary condition but it is not sufficient. We also make round-trips between the modeling and the Javascript or used tools to enrich the interaction model that is the key point, or to put more details into the implementation. It is the first time to the best of our knowledge that Data Science is operating in the context of browsers that exchange codes and data for solving computational and data intensive programs. Computational and data intensive terms should be understand according to the context of applications that we think to be suitable for our system
Blocking Java Applets at the Firewall
This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run. With careful implementation, a site can be made resistant to current Java security weaknesses as well as those yet to be discovered. In addition, we describe a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet
Pando: Personal Volunteer Computing in Browsers
The large penetration and continued growth in ownership of personal
electronic devices represents a freely available and largely untapped source of
computing power. To leverage those, we present Pando, a new volunteer computing
tool based on a declarative concurrent programming model and implemented using
JavaScript, WebRTC, and WebSockets. This tool enables a dynamically varying
number of failure-prone personal devices contributed by volunteers to
parallelize the application of a function on a stream of values, by using the
devices' browsers. We show that Pando can provide throughput improvements
compared to a single personal device, on a variety of compute-bound
applications including animation rendering and image processing. We also show
the flexibility of our approach by deploying Pando on personal devices
connected over a local network, on Grid5000, a French-wide computing grid in a
virtual private network, and seven PlanetLab nodes distributed in a wide area
network over Europe.Comment: 14 pages, 12 figures, 2 table
Virtual Institutes: Between Immersion and Communication
In the two expressions "virtual reality" and "virtual community", the term "virtual" has different meanings. A virtual reality is a depiction or, more generally speaking, a sensuous representation of reality that allows - mainly by means of interactivity - to experience various features of reality without actually being in contact with the reality depicted. Therefore, any interactive depiction that is able to imitate reality to such an extent that a high degree of sensory-motor immersion becomes possible is called a virtual reality (Heim 1998, 6f). Since reality is always much more complex than its depiction and full of unpredictable surprises, hardly ever a user has doubts about the difference between the depiction and the thing depicted. Nevertheless, there are good reasons for preferring the imitation to the reality: at least, the imitation is usually not as dangerous as reality sometimes turns out to be. Accordingly, quite different platforms for virtual institutes may be used emphasizing either the immersion aspect or the communication aspect. The decision for a platform depends on the goals pursued with the institute: text-based chat systems allow virtual communities to flourish, single-user VRML scenes convey a highly immersive 3D impression to its users. This is particularly true for virtual institutes realized as a 3D environment, as well as for corresponding virtual communities since 3D environments are adequate for certain tasks only. As an overall framework for the evaluation it is helpful to distinguish three major application areas: research, presentation, and communicative work. The Virtual Institute for Image Science (VIB), which we would like to describe in the following (3) as a case study, is almost exclusively designed for the third task: communicative working. It intends to provide a working space persons can share for joint projects despite being physically separated. Before describing the VIB in more detail we would like to give an overview of virtual institutes between the poles of realistic immersion and of communication in a community (2). The discussion of the case study leads to some more general considerations about the balance virtual institutes must find along that bi-polar dimension (4). In the concluding remarks we focus on the technical tools for virtual communities in 3D presently available
ADsafety: Type-Based Verification of JavaScript Sandboxing
Web sites routinely incorporate JavaScript programs from several sources into
a single page. These sources must be protected from one another, which requires
robust sandboxing. The many entry-points of sandboxes and the subtleties of
JavaScript demand robust verification of the actual sandbox source. We use a
novel type system for JavaScript to encode and verify sandboxing properties.
The resulting verifier is lightweight and efficient, and operates on actual
source. We demonstrate the effectiveness of our technique by applying it to
ADsafe, which revealed several bugs and other weaknesses.Comment: in Proceedings of the USENIX Security Symposium (2011
A Methodology for Information Flow Experiments
Information flow analysis has largely ignored the setting where the analyst
has neither control over nor a complete model of the analyzed system. We
formalize such limited information flow analyses and study an instance of it:
detecting the usage of data by websites. We prove that these problems are ones
of causal inference. Leveraging this connection, we push beyond traditional
information flow analysis to provide a systematic methodology based on
experimental science and statistical analysis. Our methodology allows us to
systematize prior works in the area viewing them as instances of a general
approach. Our systematic study leads to practical advice for improving work on
detecting data usage, a previously unformalized area. We illustrate these
concepts with a series of experiments collecting data on the use of information
by websites, which we statistically analyze
- …