http://www.computer.org/internet IEEE Internet Computing helps computer scientists and engineers use the ever-expanding resources of the Internet.IC and IC Online publish the latest developments in Internet-based applications and supporting technologies and address the Internet's widening impact on engineering practice and society. The magazine targets the designers and developers of Internet-based applications and leading edge technologies -- the early adopters who develop tools for the web and the high-end users who want to use tools that exist on the web. IC's content reaches over 11,000 subscribers internationally, comprising leading researchers, developers and engineers (76% industry, 24% government/academia). en-us Wed, 4 Jan 2012 11:00:01 GMT http://csdl.computer.org/common/images/logos/internet.gif List of recently published journal articles http://www.computer.org/internet http://doi.ieeecomputersociety.org/10.1109/MIC.2011.140 Distributed NoSQL systems have been designed to provide high availability for large volumes of data. Such systems inherently support only an efficient access to data objects via their primary key. In this article, we firstly outline how different implementations of NoSQL systems support complex queries like keyword-based searches. Common solutions based on inverted lists for single terms have shown to perform poorly in large scale distributed settings. Hence, we propose a multi-term indexing technique, storing additionally the inverted lists of combination of terms. To cope with the exponential growth of the index, we favor a query-driven mechanism (analogous to caching) where we adaptively store only popular term combinations derived from the recent query history. Our approach reduces the overall bandwidth consumption, a scarce resource in data-centers when under high workloads, by half, thus significantly improving the NoSQL system's capacity and response time without additional costs. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.140 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.128 Nowadays, reducing greenhouse gas (GHG) emissions is becoming one of the most challenging research topics in Information and Communication Technologies (ICT) because of the overwhelming utilization of electronic devices. Current solutions mainly focus on energy efficiency for saving power consumption at the micro level. Large-scale energy management strategies are still hardly taken into account. In this paper, we present a low-carbon nation-wide network built in Canada, and then expanded over the world. Based on an assumption that energy efficiency at the micro level will likely lead to an over consumption at the macro level, the proposed network is powered exclusively by renewable energy sources. Using network and server virtualization techniques, data centers services are migrated around network nodes according to renewable energy availabilities. A “follow the sun, follow the wind” optimization policy is deployed as a virtual infrastructure management technique. GHG reductions are evaluated as a result of our research. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.128 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.105 Today, a large fraction of Internet traffic is originated by Content Delivery Networks (CDNs). To cope with the increasing demand for content CDNs, deploy massively distributed infrastructures. Moreover, content delivery networks perform their own traffic optimization by assigning end-users to their servers. Such an assignment unaware of the network conditions and based on inaccurate information on the location of the end-user. Thus, users are not always assigned to the CDN servers that provide optimal end-user performance. To improve user assignment especially from a performance perspective we propose and deploy a Provider-aided Distance Information System (PaDIS). PaDIS is a novel system that allows ISPs to utilize their unique knowledge about the network conditions and user locations to better assign users to servers. Our field test results show that significant improvements in download time up to a factor of four for content offered by popular CDNs can be achieved when utilizing PaDIS. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.105 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.163 Recently cloud-based MapReduce services have appeared to process large data sets in the Cloud, significantly reducing users’ infrastructure requirements. Almost all these services are Cloud vendor-specific and thus internally designed within their own cloud infrastructure. This leads to two important limitations. Cloud vendors do not provide any clue about how they manage the MapReduce architecture internally hampering its evaluation and also users are not able to either build their own private cloud infrastructure based offering or to use different public cloud infrastructures for this purpose. Thus, this paper describes an architecture which enables the dynamic deployment of a MapReduce architecture in virtual infrastructures provided by either public or private cloud providers. This architecture has been implemented and validated as a proof of concept and released to the community. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.163 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.162 Moving from mainframe systems to Service-Oriented Architecture (SOA) using Web Services is an attractive but daunting task. The bottom-up or Direct Migration approach enables the effective modernization of legacy systems to Web Services. Conversely, bringing migration into fruition with the top-down or Indirect Migration approach is recognized as being comparatively harder but achieves better migration results. In practice, it is very uncommon to employ both approaches to the same large enterprise system, which leaves no room for comparison. This paper reports the outcomes of applying both migration approaches on a real COBOL system, presents the followed migration processes, their costs, and reports on the discoverability and reusability of target Web Services. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.162 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.143 The objective of research presented in this paper was to investigate if the Google App Engine cloud service may be used for free of charge execution of parameter study problems. Based on the provided Task Queue API, a simple and extensible framework implementing the master-worker model has been developed, which enables usage of the App Engine application servers as computational nodes as well as monitoring the task execution. The results of the feasibility study are presented and discussed, followed by the comparison with free cloud offering from Amazon EC2. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.143 http://opac.ieeecomputersociety.org/opac?year=2011&volume=15&issue=06&acronym=internet IEEE Internet Computing http://www.computer.org/portal/site/internet/ http://doi.ieeecomputersociety.org/10.1109/MIC.2011.142 Data management for stateful web applications is extremely challenging. Applications must scale as they grow in popularity, serve their content with low-latency on a global scale, and have high availability, even in the face of hardware failures. This need has given rise in recent years to a new class of internet-scale data management systems. At Yahoo! we have over 100 user-facing applications and numerous internal platforms. To meet our data management needs we built the PNUTS system, and have operated it in production for the last three years. We have published extensively on the PNUTS architecture, and now step back to discuss our experiences running it. We review PNUTS' growing adoption at Yahoo!, and point to specific applications. We detail several PNUTS features, including some previously unpublished, and focus on decisions we made when integrating this work into the production environment. Finally, we introduce some of our ongoing work. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.142 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.141 The growing number of datasets being published on the Web as Linked Data brings, together with its opportunities, the associated challenges of querying data in a semantically heterogeneous and distributed environment. Approaches used for querying siloed databases fail at Web-scale, where it is unfeasible for end-users to have an a priori understanding of available datasets. This article investigates the main challenges involved in the construction of a query and search solution for Linked Data, analyzing existing challenges, approaches and trends. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.141 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.139 Cloud computing and ubiquitous network availability has brought the thin client concept again under the attention. Executing applications in virtual desktops on servers in the cloud enables accessing any application from any location with any device. To be a successful alternative for traditional offline applications, important challenges have to be overcome. First of all, the performance of the thin client protocol is essential: the audiovisual output has to be displayed fluently. Second, the desktop should be executed on a server with sufficient resources, ideally close to the user's current location to limit the impact of network delay on the interactivity. In addition to delivering excellent user experience, reducing costs is important for service providers. This paper discusses these challenges from both the user's and the service provider's point-of-view and roads to solutions enabling cloud-based desktop services for thin clients. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.139 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.138 Service Oriented Architectures (SOAs) and Web Services (WSs) are well established paradigms for developing distributed applications. WSs may offer a solution that can take advantage of resources offered by Grids and Clouds. However, WSs face problems when accessing, moving and processing large data. This is especially true for legacy scientific WSs which need to process large datasets in complex data-intensive applications. To address this problem we present a WS called ProxyWS that uses a multitude of protocols to transport large data. The ProxyWS undertakes data transfers, on behalf of legacy WSs. Moreover, the ProxyWS can be used as an interface for developing WSs able to stream data. To illustrate the benefits of the ProxyWS we present two data-intensive applications. The experimental results show how this approach facilitates scalable data transports for such applications. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.138 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.137 Recent reports reveal that majority of security violations are caused by weaknesses in code. Buffer overflow vulnerability is the most severe of security violations. Though wide range of solutions from static analysis techniques to hardware modifications were proposed to tackle the vulnerability they either fail to address the large scope of the problem or have limitations preventing their use and adoption. In this article, we discuss well-known buffer overflow vulnerability exploit mechanisms followed by comprehensive study of proposals for defending from such exploits along with review of tools used for supporting the process. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.137 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.129 The Semantic Web is an extension of the traditional Web in which meaning of information is well defined, thus allowing a better interaction between people and computers. To accomplish its goals, mechanisms are required to make explicit the semantics of Web resources, to be automatically processed by software agents (this semantics being described by means of online ontologies). Nevertheless, issues arise caused by the semantic heterogeneity that naturally happens on the Web, namely redundancy and ambiguity. For tackling these issues, we present an approach to discover and represent, in a non-redundant way, the intended meaning of words in Web applications, while taking into account the (often unstructured) context in which they appear. To that end, we have developed novel ontology matching, clustering, and disambiguation techniques. Our work is intended to help bridge the gap between syntax and semantics for the Semantic Web construction. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.129 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.109 Recent reports reveal that majority of security violations are caused by weaknesses in code. Buffer overflow vulnerability is the most severe of security violations. Though wide range of solutions from static analysis techniques to hardware modifications were proposed to tackle the vulnerability they either fail to address the large scope of the problem or have limitations preventing their use and adoption. In this article, we discuss well-known buffer overflow vulnerability exploit mechanisms followed by comprehensive study of proposals for defending from such exploits along with review of tools used for supporting the process. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.109 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.106 In the traditional, offline world, users naturally group their connections—the people they know—into social circles, assigning them different priorities. Social circles and priorities among connections facilitate intelligent collaboration by helping a user determine how to interact with whom. Social circles can be valuable in online applications. However, existing online approaches don’t readily support such grouping: they either require a user to manually tag connections or rely purely on broad-brush acquaintanceship between connections. Platys Social is a novel approach that learns a user’s social circles and prioritizes his connections by bringing together contextual information and user interactions. Platys Social runs incrementally and can execute on a resource-limited mobile device. It can potentially avoid moving a user’s private information to a socially remote site. We exercised Platys Social in a study of six users over ten weeks. We found that Platys Social effectively learned the users’ social circles. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.106 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.103 We study the anti-phishing problem and propose a method for automatically discovering the phishing target of any given suspicious webpage. The method first collects all associated webpages, which have either direct association relationship or indirect association relationship with the given webpage, and then finds the so-called “parasitic” community of the given webpage based on these associated webpages. Finally, the method discovers the phishing target of the given webpage from within the parasitic community as the one which has sufficiently strong parasitic relationship with the given webpage. If we can find such phishing target, we can also determine the given webpage as a phishing webpage. Any user can use our system at www.SiteWatcher.cn to verify any suspicious URL. Potential enterprise applications are also discussed. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.103 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.102 The use of colour in user interfaces is extensive. It is typically a usability issue, and has rarely caused any security failures. In this article, we show that the use of colours in the design of CAPTCHA, a standard security technology that has found widespread applications in commercial websites, can have impact on usability and interesting but critical implications on security. http://doi.ieeecomputersociety.org/10.1109/MIC.2011.102 http://doi.ieeecomputersociety.org/10.1109/MIC.2011.81 This article examines the feasibility of Browser Side Templating (BST) as valid alternative for Web development, even when it comes to building accessible applications. With BST, templates are processed in the browser using a JavaScript coded engine, thus providing significant performance improvements and making the model-view separation a reality. However BST also has significant drawbacks that constitute unavoidable obstacles for most Web applications. The BST dependence on JavaScript affects the accessibility and hides the content of the delivered pages to search engines, hampering Web visibility. Our paper confronts this dilemma and as its main contribution, proposes a technique that allows BST to be accessible supported and semantically crawlable, while preserving all its advantages http://doi.ieeecomputersociety.org/10.1109/MIC.2011.81