Stéphane Frénot

MySIM: a spontaneous service integration middleware for pervasive environments

A computing infrastructure where everything is a service offers many new system and application possibilities. Among the main challenges, however, is the issue of service integration for the application development in such heterogeneous environments. Service integration has been considered by major middleware as a user centric approach as it responds to user requests and needs. In this article, we propose a novel way to integrate services considering only their availability, the functionalities they propose and their non functional QoS properties rather than the users direct requests. We define MySIM, a spontaneous service integration middleware. MySIM integrates services spontaneously on an event based mechanism and transparently for users and applications, extending by that the environment with functionalities. We developed a prototype as a proof of concept and evaluated its efficiency over a real use case.

Various Extensions for the Ambient OSGi Framework

OSGi is a wrapper above the Java Virtual Machine that embraces two concepts: component approach and service-oriented programming. The component approach enables a Java run-time to host several concurrent applications, while the service-oriented programming paradigm allows the decomposition of applications into independent units that are dynamically bound at runtime. Combining component and service-oriented programming greatly simplifies the implementation of highly adaptive, constantly evolving applications. This, in turn, is an ideal match to the requirements and constraints of ambient intelligence computing, such as adaptation to changes associated with context evolution. OSGi particularly fits ambient requirements and constraints by absorbing and adapting to changes associated with context evolution. However, OSGi needs to be finely tuned in order to integrate ambient specific issues. This paper focuses on Zero-configuration architecture, Multi-provider framework, and Limited resource requirements. The authors studied many OSGi improvements that should be taken into account when building OSGi-based gateways. This paper summarizes the INRIA Amazones teamwork (http://amazones.gforge.inria.fr/) on extending OSGi specifications and implementations to cope with ambient concerns. This paper references three main concerns: management, isolation, and security.

Toward automatic update from callbacks to promises

Javascript is the prevalent scripting language for the web. It lets web pages register callbacks to react to user events. A callback is a function to be invoked later with a result currently unavailable. This pattern also proved to respond efficiently to remote requests. Javascript is currently used to implement complete web applications. However, callbacks are ill-suited to arrange a large asynchronous execution flow. Promises are a more adapted alternative. They provide a unified control over both the synchronous and asynchronous execution flows. The next version of Javascript proposes to replace callbacks with Promises. This paper brings the first step toward a compiler to help developers prepare this shift. We present an equivalence between callbacks and Dues. The latter are a simpler specification of Promises developed for the purpose of this demonstration. From this equivalence, we implement a compiler to transform an imbrication of callbacks into a chain of Dues. This equivalence is limited to Node.js-style asynchronous callbacks declared in situ. We evaluate our compiler over 64 npm packages, 9 of them present compatible callbacks and compile successfully. We consider this shift to be a first step toward the merge of concepts from the data-flow programming model into the imperative programming model.

An in-browser microblog ranking engine

Microblogs, although extremely peculiar pieces of data, constitute a very rich source of information, which has been widely exploited recently, thanks to the liberal access Twitter offers through its API. Nevertheless, computing relevant answers to general queries is still a very challenging task. We propose a new engine, the Twittering Machine, which evaluates SQL like queries on streams of tweets, using ranking techniques computed at query time. Our algorithm is real time, it produces streams of results which are refined progressively, adaptive, the queries continuously adapt to new trends, invasive, it interacts with Twitter by suggesting relevant users to follow, and query results to publish as tweets. Moreover it works in a decentralized environment, directly in the browser on the client side, making it easy to use, and server independent.

ROCS: a remotely provisioned OSGi framework for ambient systems

One of the challenges of ambient systems lies in providing all the available services of the environment to the ambient devices, even if they do not physically host those services. Although this challenge has come to find a solution through cloud computing, there are still few devices and operating systems that enable applications execution by only uploading the required components into the runtime environment. The ROCS (Remote OSGi Caching Service) framework is a novel proposal which relies on a heavy-weighted standard Java/OSGi stack. It is distributed between class servers and ambient devices to provide full functionalities to resource-constrained environments. The ROCS framework provides improvements in two areas. First, it defines a minimal bootstrap environment that runs a standard Java/OSGi stack. Secondly, it provides an architecture for loading any necessary missing class from remote servers into memory at runtime. Our first results show similar performances when classes are either remotely downloaded into the main memory from a local network or from a flash drive. These results suggest a way to design minimalistic middleware that dynamically obtain their applications from the network as a first step towards cloud-aware operating systems.

Static vulnerability detection in Java service-oriented components

Extensible component-based platforms allow dynamic discovery, installation and execution of components. Such platforms are service-oriented, as components may directly interact with each other via the services they provide. Even robust languages such as Java were not designed to handle safe code interaction between trusted and untrusted parties. Dynamic installation of code provided by different third parties leads to several security issues. The different security layers adopted by Java or component-based platforms cannot fully address the problem of untrusted components trying to tamper with other components via legitimate interactions. A malicious component might even use vulnerable ones to compromise the whole component-based platform. Our approach identifies vulnerable components in order to prevent them from threatening services security. We use static analysis to remain as exhaustive as possible and to avoid the need for non-standard or intrusive environments. We show that a static analysis through tainted object propagation is well suited to detect vulnerabilities in Java service-oriented components. We present STOP, a Service-oriented Tainted Object Propagation tool, which applies this technique to statically detect those security flaws. Finally, the audit of several trusted Apache Felix bundles shows that nowadays component-based platforms are not prepared for malicious Java interactions.

C3PO: A Network and Application Framework for Spontaneous and Ephemeral Social Networks

The C3PO project promotes the development of new kind of social networks called Spontaneous and Ephemeral Social Networks (SESNs) dedicated to happenings such as cultural or sport events. SESNs rely on both opportunistic networks formed dynamically by the mobile devices of event attendees, and on an event-based communication model. Therefore, user can exchange digital contents with the other members of their SESNs, even without Internet access. This paper presents the framework developed in the C3PO project to provide network and application supports in such challenged networks. This framework exploits the different wireless interfaces of the mobile devices to interconnect them and to disseminate content through the resulting opportunistic network. At the application layer, this framework is composed of plugins that process locally the data stream to offer generic features, or to easily build applications dedicated to specific happenings.

Extending dataflow programs with throughput properties

In the context of multi-core processors and the trend toward many-core, dataflow programming can be used as a solution to the parallelization problem. By decoupling computation from communication, this paradigm naturally exposes parallelism in several ways. In this work we propose language extensions for expressing throughput properties over dataflow programs together with a run-time mechanism for the observation of events meaningful to compute the effective throughput. We show the limited impact of such mechanisms on the application overall performances. We also review existing run-time adaptation mechanisms that may be used in a dataflow context to satisfy throughput requirements.

Dossier médical semi-structuré pour des interfaces de saisie multimodales

L’informatisation du dossier medical dans son integralite n’a pas encore atteint tous les objectifs fixes : la diversite des acteurs qui y participent implique une diversite des informations a y joindre, ainsi qu’une diversite des formes de saisie et de presentation de l’information. Le paradigme documentaire semble une bonne technique pour l’interface utilisateur, mais il reste indispensable de lier cette interface a des outils de recherche et de traitement de l’information. Seuls les systemes de gestion de bases de donnees savent aujourd’hui rendre ces services de facon efficace. Dans cet article, nous presentons une architecture qui fournit a l’utilisateur une interface de saisie de l’information tres souple, a l’aide de documents orientes paragraphes, et qui lie cette interface a un analyseur de documents pour alimenter une base de donnees relationnelle. Les documents orientes paragraphes peuvent etre saisis sous forme de textes frappes au clavier ou dictes au micro.

Chasing Data in the Intermediation Era: Economy and Security at Stake

Online intermediation platforms play an increasing role in the economy and carry a growing responsibility for ensuring the global security of society. This article aims to better define algorithmic intermediation by establishing a hierarchy of intermediation actors based on their degree of abstraction from specific services. This hierarchy helps to show that the more platforms offer abstract services, the more power they have.