Today we continue reading Jigsaw : Efficient, low effort mashup isolation by James Mickens and Matthew Finifter. Mashups are web applications that contain code from different principals. These principals often have a lop sided trust relationships with each other. For example, a page that shows local news may receive data from a news feed component and a map component. The integrating page may want to isolate both components from each other and present them with an extremely narrow interface to the integrators state. We read that Jigsaw is a framework that extends Javascript and facilitates securing the data sources with simple keywords like public and private.
There have been previous approaches as well but the frameworks were overly complex and presented an unwieldy tool. Many of these approaches force developers to use asynchronous, pass-by value channels for cross principal communication channel.The difficulty with pass-by-value asynchronous calls besides introducing subtle data races is that it introduces high serialization overheads Previous work that involves object views were too general often requiring policy code for each property access on a shared object. The same goes for ConScript policy files where the policy consists of arbitrary Javascript code. They are not only expensive, unnecessary but also too cumbersome for large graphs of objects. The mashups only need to be secured with a yes-no mechanism to define whether they are externally shareable and a simple grammar that restricts access to persistent storage and visual display. These two policy primitives are sufficient for mashups. Consequently they require only simple constructs.
Jigsaw does this and better. It not only lets mashups be isolated with its framework but also it lets them selectively expose private state with the following four goals:
Isolation by default: The integrator has access to browser resources and the guest may be provided some access. However by default a guest cannot access these resources. Most principal's JavaScript namespace is hidden from external code by default .
Efficient, synchronous sharing: Jigsaw enables synchronous, pass-by-reference sharing. If an object is to be shared outside its local domain, a proxy or 'surrogate' automatically wraps and unwraps the object.
Simplicity: Using the above two, Jigsaw can secure mashups with a few lines of policy code
Fail-safe legacy code: If legacy code has not been adapted for Jigsaw, it will work within a single domain and unmodified legacy code will fail safely when accessed by external domains.
#codejam problem
Why does two datapoints suffice in the deer hike problem we saw earlier
Because there are limited number of positions that can be taken on the trail. For example there are 0 to 360 both ends included and a single hiker can occupy all these positions at some point of time. Therefore we are only looking for a safe spot between two hikers which can give an intermediate position for the deer. Since one position is enough, either that position will have encounter or not. Therefore we get our answer.
There have been previous approaches as well but the frameworks were overly complex and presented an unwieldy tool. Many of these approaches force developers to use asynchronous, pass-by value channels for cross principal communication channel.The difficulty with pass-by-value asynchronous calls besides introducing subtle data races is that it introduces high serialization overheads Previous work that involves object views were too general often requiring policy code for each property access on a shared object. The same goes for ConScript policy files where the policy consists of arbitrary Javascript code. They are not only expensive, unnecessary but also too cumbersome for large graphs of objects. The mashups only need to be secured with a yes-no mechanism to define whether they are externally shareable and a simple grammar that restricts access to persistent storage and visual display. These two policy primitives are sufficient for mashups. Consequently they require only simple constructs.
Jigsaw does this and better. It not only lets mashups be isolated with its framework but also it lets them selectively expose private state with the following four goals:
Isolation by default: The integrator has access to browser resources and the guest may be provided some access. However by default a guest cannot access these resources. Most principal's JavaScript namespace is hidden from external code by default .
Efficient, synchronous sharing: Jigsaw enables synchronous, pass-by-reference sharing. If an object is to be shared outside its local domain, a proxy or 'surrogate' automatically wraps and unwraps the object.
Simplicity: Using the above two, Jigsaw can secure mashups with a few lines of policy code
Fail-safe legacy code: If legacy code has not been adapted for Jigsaw, it will work within a single domain and unmodified legacy code will fail safely when accessed by external domains.
#codejam problem
Why does two datapoints suffice in the deer hike problem we saw earlier
Because there are limited number of positions that can be taken on the trail. For example there are 0 to 360 both ends included and a single hiker can occupy all these positions at some point of time. Therefore we are only looking for a safe spot between two hikers which can give an intermediate position for the deer. Since one position is enough, either that position will have encounter or not. Therefore we get our answer.
No comments:
Post a Comment