• Overview
• Users
• Notebooks, kernels and files
• Version control and sharing
• Sharing and live editing, fine grained privileges
• Security discussion around the notebook.
• Scenario: Attacker does not have kernel execution privileges
• Principal vector of attack: JS injection, cross-site-scripting.
• Principal type of attack
• Defenses:
• Scenario: Owner is malicious
• Additional security