The next frontier in climate modelling: Inclusion of interactive humans in climate models

Since the beginning of the industrial revolution it has become increasingly evident that human activities can profoundly affect, and be affected by, the Earth’s climate. Global and regional climate models have reached high levels of complexity, with issues impacting a whole range of climate components such as the atmosphere, oceans, cryosphere, biosphere and chemosphere. Yet the human component, what can be called “anthroposphere”, is not always included in climate modelling.
The rapid increase in computing facilities now allows us to look at the two-way interactions between humans and the environment in increasingly realistic ways. Filippo Giorgi will explain why he believes that the inclusion of interactive humans in comprehensive climate models can be considered the next main frontier in Earth System modelling, based on this ability to manage and study huge datasets. The development of “populated climate models” will likely require the development of entirely innovative and interdisciplinary data gathering technologies and approaches, bringing together the physical Earth System science, human science and data science communities.

Microdep reveals sub-optimal routing

Tool development efforts at Sikt (Uninett) over the years have resulted in a very promising monitoring system named Microdep. The last few years Microdep has revealed a significant number of routing related outages which have cause notable down-times for academic internet users, both in Norway, NorduNet and Geant.
The TNC22 lightning talk will motivate and present the system briefy, including its roadmap towards integration with perfSONAR, followed by a live demonstration of its routing event detection abilities.

Share a single GPU to multiple VMs through GPU virtualization

Nowadays, the number of scientific applications which require the use of GPUs is on the rise, so we configured the GARR Cloud using the GPU virtualization, which allows multiple virtual machines to use the same physical GPU at the same time and allows allocating almost transparently the resources as needed in the Kubernetes clusters deployed on top of Openstack.

eduroam in Brazil: strategies and results

This presentation aims to share the results of some eduroam expansion strategies in Brazil, implemented by RNP. In addition to promoting the service in the Brazilian NREN institutions, the strategies include the creation of partnerships with ministries and with private companies that already have public access Wi-Fi networks, in addition to specific actions related to the development of software.

Challenges in common AAI for collaborating Research Infrastructures

This lighting talk describes challenges for Authentication and Authorisation Infrastructures we discovered in the area of integrated Research Infrastructures, and it presents our current approach for addressing them.

Why we need a collaborative DDoS protection architecture in Europe

Distributed Denial of Service (DDoS) attacks have the potential to disrupt access to critical infrastructure for population groups across the world – yet their mitigation capabilities lie largely in the hands of private tech companies based in the US. This lightning talk explores the opportunities and benefits of an open, federated DDoS protection architecture in Europe.

Fake News Detection Models — Introducing GAN Generated Synthetic Samples to Improve Performance

News datasets are extremely imbalanced, with the fake news not being as well represented as the real news. Thus, machine learning models for fake news detection do not perform as good as expected. Hence, Generative Adversarial Networks can be used to produce high-quality synthetic samples to better represent the fake news data, improving the models’ performances.

AI for Heritage ─ SOS digital collections: classifying and characterizing

A presentation that focuses on finding solutions that use AI to catalogue and categorize archival collections. Firstly, the difficulties that archivists have in the transition to digital followed by the various problems when one tries to implement AI. Finally, the necessary steps to carry out a project in partnership with a heritage space and a potential workflow.

Traffic analysis of communication and collaboration apps bloomed with Covid-19 via advanced Deep Learning approaches

The COVID-19 pandemic and the resulting increase in interactions via digital tools has deeply changed network traffic. To manage these changes, network operators need advanced tools for classification and the prediction of internet traffic. To face these tasks, the idea is to design advanced deep-learning based techniques with a special focus on traffic generated by social communication and collaboration apps.

Cyber Threat Intelligence for Research and Education

This lightning talk aims to stimulate the discussion on creating, disseminating and sharing actionable cyber threat intelligence for the research and education community. Work done in this area together with current initiatives by GÉANT will be briefly introduced followed by a call to participate in TNC Security Day and collaborate on projects in this space.

A Dragon Has Destroyed the Data Centre: A Player's Handbook

DR/BCP testing is vital and the better the test, the better the outcome!
This LT will explain why engagement with the "players" is so important, how to get into the right mindset for an exercise, and ways to get the most out of the event.

A short talk about even shorter urls: the story of edu.nl

We've created a simple, yet popular service that is very usable, low on resources and provides our users with a viable alternative to big tech offerings: edu.nl. The talk describes what we did, why it was a success and calls for NRENs to make more simple but valuable services. See attachment.

Shouting across the chasm

Intended as a cautionary tale, this talk aims to highlight the growing divide between emerging NRENs and their more established counterparts. In particular, it will focus on two aspects: evolving baselines making the knowledge requirements (and thus barriers to entry) for newcomers significantly greater than they used to be, and the differing technology entry-levels that exist in different economies. Hopefully, it will serve to spark a greater awareness of an oft-overlooked side effect of the rapid evolution of technology in the NREN spaces.

The Computer Says No

I present a case of a research institution that got its social profiles “irrevocably” deleted for half a year, as a result of poor algorithm judgement. Resolving the conflict requires human communication.
I propose establishing a communication channel that would enable the NREN community to help our user institutions within a limited number of “emergency” cases related to selected platform(s).

Navigating the research data services landscape to best position GÉANT and the NRENs

The world is changing. Researchers are creating ever-increasing volumes of data and have complex needs for storing, processing and sharing this. Universities are providing a range of research data services as a result, utilizing both open-source technologies and commercial services. Many NREN are widening their service portfolios to offer such above-net services and opportunities exist for more coordinated service provision and support.

This short lightning talk will unpack some of the challenges and opportunities that exist in the research data services landscape and propose ways in which GÉANT can work with NRENs to explore how to take advantage of these.

OpenUEBA - An open source framework for User and Entity Behaviour Analytics

With the rise of cybersecurity attacks and the increase of impact of ransomware towards education and research entities, the requirement to increase the prevention capabilities is at an all time high. This talk is an opportunity for TNC participants interested in identifying and preventing risks in their network. To this end, we present OpenUEBA, an open source framework, for User and Entity Behaviour Analytics (UEBA) allowing SOCs to identify risks and take preventive actions.

Race against time – leveraging anomaly threat detection

The AARNet Security Operations Centre (SOC) went live in September 2021 and monitors a number of diverse university environments for potential cyber threats by categorising thousands of behaviours of interest in near real time that on their own may not be malicious but could contribute or be part of a larger attack.

The SOC utilises user entity behaviour analytics to correlate the relationship and behaviour between users/accounts and entities/assets using a cumulative risk-based approach in order to get the team to cut through the noise and focus on the things that matter most. This is in contrast to traditional and historical security technologies and defined rules that have relied on ‘known bad’ data to detect malicious activity.

Intrusion Detection System as a Service

Cybera, the Canadian NREN partner for the province of Alberta, has been investigating ways to leverage our key position within our members' network paths to provide better insight and protection. One solution we have developed is an IDS as a Service, or IDSaaS, which sends mirrored traffic of participating members to an IDS for analysis. Results can then be reviewed by the member using a web-based portal. This presentation will cover the architecture and operations of the service.

How to stay negative when everybody tests positive?

We take you on our journey that started with a cry for help from the Ministry of Education and the members of SURF during the COVID-19 pandemic. The project has demonstrated that as an NREN we were the only party that had all the building blocks in place to make it happen. Federated authentication, procurement and legal experience and good personal relations were essential to deliver this new service. We developed a portal and logistic environment that allow students and staff to order the delivery of COVID-19 self-tests. Early 2022 more than 10,000,000 tests have been delivered to 600,000 individuals.

ERTL - A COVID-19 intervention for 46 Colleges of Education in Ghana

The COVID19 pandemic disrupted every system globally. Education delivery in emerging economies was hardest hit due to underdeveloped support systems and infrastructural deficits. The Government of Ghana innovated several interventions to implement emergency remote teaching and learning (ERTL). The presentation focuses on specific interventions rolled out by the Ghana Tertiary Education Commission in Colleges of Education. This intervention relied on the provision of new and improvement of existing Wi-Fi Connectivity in the colleges. This was also augmented with the distribution of smart mobile handsets. The intervention was aimed at leaving no student behind and dubbed “Emergency Remote Teaching and Learning”.

Together through the storm: international research and education networks supporting performing arts during the pandemic

The last two years have seen an unprecedented crisis for all of us facing a major disruption of everyday life on a global scale. Internet2 and GÉANT have been partnering on delivering services to enable remote performances and the adoption of advanced networking for years. The co-organised and co-hosted Network Performing Arts Production Workshops (NPAPWs) is the flagship crossroad where an international community comes together. This presentation is an account of how the collaboration between two continents, facilitated by research and education networks, rapidly adapted during the COVID-19 crisis to provide support to students and academics in the field of music, dance, theatre.

GÉANT Network Evolution

This presentation will aim to provide an up-to-date and high-level summary of major changes in the GÉANT network. As the GÉANT network is going through a major transition and significant improvements are being made, this topic will be of interest to the TNC participants from R&E networks and to the R&E users involved in data-intensive science.

Navigating the Future of Intercontinental Connectivity

To address GÉANT’s strategic goal of meeting user communities’ ever-growing international data transfer demands, GÉANT’s international connectivity will need to grow, adapt and remain highly resilient to disruptions. For this, GÉANT aims to harness new funding streams (e.g. GN5-IC1) and explore new infrastructure opportunities (e.g. European Digital Gateways). Planning will require close collaboration with the European and Global REN community to inform where GÉANT investment is most needed, and maximise opportunities for mutual back-up collaborations (e.g. ANA and AER). This presentation will describe GÉANT’s approach and how we intend to play our part in the future of global R&E connectivity.

Internet2 Next Generation Infrastructure: Leveraging New Software and Hardware to Deliver Terabit Services

In 2021 Internet2 completed the deployment of its Next Generation Infrastructure (NGI), which included a refresh of its fiber, hardware, software, and the underlying architectures.

NGI also strives to fundamentally change the way the entire community can interact with the entire Internet2 platform - namely providing extensible access to the full stack of services; by combining these services in new and innovative ways the community can collaboratively work to meet the emerging demands.

This presentation will focus on the lessons learned from the NGI deployment and resulting impact for future delivery of cloud and research services. We will highlight the change in methodologies for delivering services at Layer 1, Layer 2, and Layer 3 including the key role in automation and orchestration.

REFEDS Profiles In Action: Lessons Learned

What does it take to produce widespread adoption of interoperability standards to enable trustworthy and frictionless research collaboration? This session examines InCommon Federation’s journey to rally participants to adopt several REFEDS standards to meet the National Institute of Health’s (NIH) call to standardize secure access to NIH online resources. We will share lessons learned and suggest actions to stimulate wider adoption of REFEDS standards.

REFEDS Data protection Code of Conduct for enabling attribute release

This presentation introduces the REFEDS Data protection Code of Conduct ver 2.0. It covers the following aspects:
- The contents of the Code of Conduct i.e. who can commit to it and what kind of obligations the code creates to the service provider that flags conformance to it.
- What is the role of the identity federation operator in the Code of Conduct.
- The experiences from the process of creating the Code of Conduct with the NREN identity federation experts and legal professionals, the interaction with the data protection authorities and the outcome of the process.

Discover the Italian OIDC Federation

Defining the standard for a federation is one thing, but implementing it proves its viability. In this session, the Agency for Digital Italy (AgID), Polygraphic Institute and State Mint (IPZS) and the Department for Digital Transformation of the Italian Presidency of the Council of Ministers will share their experiences as the first production implementors of OIDC Federation 1.0 specification, sharing the successes and challenges of their work and describing their plans for this new style of federation going forward.

A “Community Cloud” for the Italian Research community... And more!

In our presentation we will describe the reference architecture and its key principle, with special reference to automation recipes, present the federated model and its benefits, and propose our view for a European collaboration in this field.

FAIR access to news media and social media data and the iCANDID infrastructure

In social sciences and many other domains, news media and social media big data are increasingly used to monitor, analyse and research cultural trends and societal changes in longitudinal studies. For many researchers, access to these type of resources remains a challenge due to technical and legal barriers. This presentation focusses on the challenges researchers face in collecting big (social) media data and presents the iCANDID infrastructure which offers researchers with different (technical) backgrounds integrated access to this type of data in a FAIR way, taking into consideration the provider’s terms of service in combination with the users’ needs.

A certified platform for advanced telemedicine: apps, services and secure management of data and information for the experimentation of a digital ecosystem for the health of women and children

In an increasingly "smart" healthcare, in addition to the continuous improvement of the quality, safety and appropriateness of healthcare interventions, the use of ICT systems that allow an advanced and engaging use by users becomes essential. The safe and online secure exchanges of clinical-diagnostic data and information; the technical and mandatory regulations concerning devices and all the stakeholders; the collection of critical information for management control as the monitoring of the paths and the evaluation of the results as well as the carrying out of research activities are important and decisive aspects for a new strategy in health and health services. In all this, digital natives who use IT tools and who self-manage health information / education, using internet research and sharing information on social media, are making increasing use of apps with "health" content, without any guarantee of quality and privacy in relation to the content presented. The objective of the project that the IRCCS "Burlo Garofolo" and Area Science Park both in Trieste are carrying out with the development of an integrated platform for telemedicine, is to activate systems and services dedicated to medical and clinical-diagnostic functions in maternal-infant and perioperative in the pediatric field, promoting the creation of an interactive and customizable information platform.

Intent-Driven Optical Networking between NRENs

Ideally, NRENs should be able to interwork with each other at the optical level to support efficient exchange of high-bandwidth information, which is vital to their collective mission. The presentation contrasts two approaches to achieve this.
One approach uses two flavours of spectrum sharing – spectral pipes and spectrum slicing – that allow a guest-NREN to control use of spectrum from a host-NREN, in effect creating a shared optical infrastructure.
Another approach relies on disaggregated ROADMs, where a guest-NREN exercises granular control over a host-NREN’s ROADMs, down to the level of the underlying WSS, as well as over other optical networking resources.

Lighting up NREN Spectrum

Recent advances in optical networks led to redefine interconnections as slices of optical spectrum. To allow the research networking community to make use of these new technologies, the spectrum service team in GN4-3-WP7T2 have completed a Spectrum Service definition, created a reference model and evaluated optical modelling tools. In 2021 GÉANT ran pilots on several links. In 2022 the team plans to run a multi-provider spectrum service which aims to carry real big-science traffic between data-centers. This presentation will give an insight in to how the GÉANT community is building a common and open optical network landscape in Europe.

Strategy and innovation for clock services over optical-fibre networks

This presentation will discuss the current state of time and frequency networks in different European countries and present the need for European time and frequency dissemination networks. In this presentation we will discuss our current understanding of the needs of European science and society for accurate time and frequency broadcasting over fibre, the currently existing infrastructures as well as different scenarios for the implementation of a service using the existing fibre infrastructure.

Preparing the IT workforce for the unknown future

After a year of studying the Brazilian market, interviewing ESR’s customers and designing the new strategy using an agile approach like design thinking, lean startup and agile upscale, ESR launched the new strategy, called ESR 3.0, which focused on three pillars: Partnership, distance learning, and educational consultancy.

In this presentation, the pillar is the educational consultancy, designed to help customers identify the best path to training their technical staff. When the educational consultancy was developed, there was a conflict regarding how to measure the results of training? How do help organisations forecast the training investment? Is this possible to think of a different KPI than the number of people trained?

Ahoy Communities! - Building trust for research and collaboration

When navigating the (sometimes) intimidating waters of Federated Identity, research communities can reap considerable benefit from using common best practices and adopting interoperable ways of working.

EnCo, the Enabling Communities task of the GÉANT 4-3 Trust and Identity Work Package, provides the link between those seeking to deploy Federated Identity Management and the significant body of knowledge accumulated within the wider community, within projects (e.g. AARC) and groups (e.g. WISE, FIM4R, IGTF, REFEDS).

In our presentation, aimed at the research communities and the infrastructures providing their services, we give an overview on the linkages we provide and the work we contribute to.

Culture hacking the Norwegian NREN - creating an organisation which can navigate the future

With continuous change in the key characteristics of our time, any organization needs to adapt continuously and gracefully. This is no different for an NREN. Four years ago, Uninett started a journey to systematically improve our capability to deal with continuous change. I will share how we took the best elements of start-up culture to a new service innovation process, the consequences of implementing a 48-hour decision-making process and how to manage without management meetings.

I will show how culture hacking can bring about a positive change in organisational culture through small iterative changes, resulting in an NREN well positioned to navigate the unexplored challenges of the future

Making the Case: New Generation

There is not a day that goes by where we read about data breaches that involve our data. The data governance model is missing; and we acknowledge that there is a trust deficit. Self Sovereign Identity or SSI puts the data owner into the center of our data universe and therein allows for self-disclosure and control of his/her data. There are technologies like ZeroKnowledge Proofs [ZKPS] and verifiable approver/claims mechanisms that foster SSI adoption.
We are witnessing the creation of a Self-Sovereign Identity Internet where the business opportunity can be articulated in responsible and fair treatment of data between data owners and enterprises. Addressing the trust deficit is a call to action via the implementation of Self- Sovereign Identity – you and only you can choose to participate in this exciting journey. The speaker will present use cases on how SSI present a new opportunity to create Next Generation Identity as a Service.

How the world’s biggest student exchange programme is going digital

The Erasmus+ programme connects more than 5000 higher education institutions across Europe and for its 35th anniversary it’s getting itself a very special birthday present: a digital rebirth. This talk will explore how such large-scale change is being accomplished, also with regards to secure identification and authentication of students.

Roman Emperors and Facial Recognition

Facial recognition and Roman emperors: a unique application that will allow for the preservation of culture for generations to come.

20 years of perfSONAR to bring you 5.0

With this lightning talk, we want to recap 20 years of the perfSONAR project, a major open-source software development effort that provides a network performance monitoring framework and infrastructure used by R&E communities and networks throughout the world.

The perfSONAR project is nearing 20 years of existence. Since the first ideas were developed at the beginning of the new millennium, the project has gone through many different stages and iterations, with many different organisations and people participating in it. perfSONAR has many faces: it is a performance monitoring toolkit, it is a free, open-source software suite, it is a performance verification infrastructure, it is an international global R&E collaboration. All of that, and more.

Wi-Fi Performance Monitoring with WiFiMon: Simplified Installation via Ansible/NMaaS

WiFiMon is a GÉANT service and an open-source toolset that provides methods for evaluating the performance of Wi-Fi networks. Its purpose is to assist network administrators to identify underperforming areas within their networks and act accordingly, such as installing additional access points.

CARPi - Using Raspberry Pis for remote eduroam support

To describe how we have been using Raspberry Pi devices for remote eduroam support engagements to provide a remote-engineer controlled wifi enabled device in the proximity of customer's Wireless LAN. Such support is hard to do well remotely as testing becomes a significant hurdle. CARPi (Consultancy Assistance Raspberry Pi) solves this neatly, cheaply, and securely.

This was even more important during the Sars-Cov-2 pandemic and various lockdowns were imposed as the devices allowed our engineers to assist multiple member organisations quickly and easily and, most of all, safely and without the need to travel.

Enabling e-signatures (during the pandemic)

Signing contracts and other documents during the pandemic became complicated when most people had to work from home. Due to these challenges, Sunet launched an e-signature service early in the pandemic that we had been working on. This open source service has since become a great success and made signing documents much easier.

Self-Sovereign Identity (SSI) for Future-Proof Digital Wallets

When the Internet was introduced at the end of the last century, it was not clear what use it would have. Today, we are at a similar crossroads with SSI, which consists of a set of principles for digital identities that users directly control. While it is not certain that SSI will change our society as groundbreakingly as the Internet did, it seems to be establishing itself as a paradigm that will endure for some time. From the user's perspective, it is important to understand the power of digital wallets, which is why this presentation will go through the main principles of SSI and convince everyone that a digital wallet is just as vulnerable as a physical one.

Multi-factor authentication support between eduGAIN federations

Lightning Talk proposal featuring the results of a 1 month research project conducted as part of the University of Amsterdam's Security and Network engineering Master Program. The results are a start for improving support for (standardized) multi-factor authentication methods between eduGAIN federations.

Guessing PINs, One Partial PIN at a Time.

We created different methods of guessing a person's PIN, by attempting to guess their partial PIN incrementally in an in-the-wild scenario. We look at the different patterns that result, as well as lengths of guessing time. We wanted to see how secure, in comparison, a full PIN is compared to using partial PINs as means of authentication.

Challenges in processing and knowledge discovery in specifications of scientific resources

The talk will focus on major challenges present in both processing and further utilization of the data, such as specifications of certain scientific resources: articles, computational resources or datasets. Our goal is to create a recommender system for the aforementioned data
utilizing linguistic and natural language processing techniques, with a special focus on deep learning.

Effective vulnerability management

Actively monitoring environments for vulnerabilities can be a daunting task. What methods and tools have been made available for NRENs? What can we collaborate on going forward in a risk-based approach? Future work on automating vulnerability assessments.

We Demand a Video!

Since the beginning of the last century, films and videos have in one way or another been present in our day-to-day lives. At first, people were watching them on movie screens. Later, on our home TVs and more recently on computers, on demand via the internet, and finally everywhere.

At ARNES, we’ve offered Video on Demand (VOD) since the early 2000s, and at the end of 2011, we enabled uploading and sharing of videos for our users. For the next 10 years or so, we enjoyed relatively relaxed progress of our video portal. We implemented additional functions, listened to our users and tried to improve our service. The portal was welcomed in research and educational fields, but it was also used just as much as by people needing to share work-related videos.

REDI+: Toward an Ecuadorian Research Repository based in CRIS.

REDI+ is the Ecuadorian project of CEDIA for setting up and operating the national information of Science, Technology, and Innovation. It is an open standards-based platform, specifically as a central aggregator of open access repositories of Ecuador. The main goal of this project is to develop an open, interoperable, and integrated national platform that provides information of publications, researchers, patents, events, services, and general results of science and technology, and innovation. Besides, the platform allows providing value-added services for access to enriched data and aggregated information to improve decision-making at different institutional levels.

Navigating the GREN

The explorers of old setting sail from Trieste were well aware of the benefits of proper navigation. And no navigation tool is more useful than a map!

Previous maps of the global R&E network helped visualize its reach in a one-time snapshot, but until now, showing the real-time, global reach of the GREN — at the level of individual institutions — was unfeasible. Enter the GREN Mapping Working Group, a global collaboration that’s building a dynamic, real-time visualization of the value and reach of the network.

How FinOps concepts are improving RNP's business vision.

How the application of cost visibility, in an open way, is helping RNP to reduce costs in the cloud.

Propelling Australia’s Digital Life Science Research with Collaborative Research Infrastructure

The Australian BioCommons and the Australian Access Federation (AAF) are building a trust and identity infrastructure for an Australian genomics research federation that can interface with international initiatives like ELIXIR and the NIH. The project has become a catalyst for introducing advanced federation solutions like the AARC Blueprint Architecture to support the needs of 33,000 Australian life science researchers.

The presentation discusses:
- how using CILogon to create demonstrator environments has helped explain enigmatic authentication and authorisation concepts and generated buy-in from stakeholders;
- steps toward an operational sustainability model for an Australian deployment of this trust and identity infrastructure.

GEANT last resort solution to enables NRENs to support the digital transformation of Erasmus+

This talk reports on the work GÉANT and the NRENs undertook to scale out the MyAcademicID Service, one of the most used service in eduGAIN, the challenges faced in rolling-out a new attribute (ESI) to identify students at the European scale, the Erasmus+ IdP of last resort launched in just a few months to ensure that all students can take advantage of the digitized processes and the publication of the ESI Entity Category.
MyAcademicID Service enables students to use their federated accounts to authenticate themselves to the Erasmus+ services. MyAcademicID also enables students to use their national eIDs, through eIDAS, and link them with their academic accounts. In the first year of operation, ~100K students from ~2000 HEIs from 32 countries, used MyAcademicID.

Cross-border service allocation and access with MyAccessID, Fenix and LUMI/Puhuri

The Fenix collaboration, the LUMI EuroHPC collaboration, the Nordic e-Infrastructure Collaboration (NeIC) Puhuri project and GÉANT eduTEAMS have been working on the cross-border challenge of user identification, authentication, authorisation and resource allocation. This is a general solution for seamless access to the service providers’ HPC and cloud resources. In this presentation we describe the use-case, overall architecture as well as the implementation of the new authentication and authorisation infrastructure based on MyAccessID services.

GÉANT P4 Lab (GP4L) service

GP4L stands for GÉANT P4 Lab. As its name implies, it is a lab infrastructure that encompasses vanilla P4 switch hardware interconnected by path provided by GÉANT network. GP4L has 2 objectives:
- It is primarily used to validate the software code inherently part of RARE/freeRtr open source routing stack
- It is a service that is under development with the aim to provide experimental dataplane programming facilities where researchers can elaborate and test representative and geographically distributed network experiment.

GÉANT Network Management as a Service in GARRLab

The cost and complexity of buying or developing and integrating in-house network management solutions may be too high for many organizations. GÉANT Network Management as a Service (NMaaS, https://nmaas.eu) aims to support smaller NRENs, campuses, organisations or distributed research projects by providing an effective, efficient, and secure cloud-based network and service management platform. In addition to a general update on the NMaaS service, presentation focuses on NMaaS deployment at GARRLab. Tools running on NMaaS are monitoring GARRLab's VMs, containers and application services. This use-case demonstrates how NMaaS can be successfully adopted by anyone interested in cloud-based NMS solutions.

Diving in Data Plane Programming, silicon and oceans of data

The talk plans to report the outcome of our more systematic evaluation of INT-based UDP flow monitoring on NRENs networks. A summary of the overall experience in data plane programming and challenges will be reported.

Setting course towards digital sovereignty. How ‘public values’ can steer us towards a better world

Digital technologies are not neutral, they have the power to significantly change the way research and education institutes work. The only way in which we can meaningfully gain control over digital sovereignty is by standing strong together. NRENs can have an important role doing things differently. In this session we will sketch the urgency of the matter and present SURF’s ‘public values’ approach towards digital and academic sovereignty within the Netherlands. Let’s set course towards a better (digital) world!

Leveling the field and access – the future of Internet2

Internet2 is working in collaboration with several Minority Serving Institutions through the Minority Serving – Cyberinfrastructure Consortium (MS-CC), striving to reduce the gap between their campus networks and the global R&E ecosystem. Internet2 and the MS-CC were recently awarded a federal grant aimed at providing historically Black colleges and universities, and tribal colleges and universities, with programs and services that address their cyberinfrastructure needs. Fostering these engagements and working alongside the MS-CC is driven by Internet2’s desire to ensure the equal participation of historically underserved institutions in both the U.S. and global R&E communities.

NRENs, GÉANT and the UN Sustainable Development Goals – where are we?

In this presentation, Hendrik Ike of GÉANT will provide context behind the global drive towards the UN SDG agenda, and an explanation of the goals from a policymaking perspective, including the European Commission’s commitment to the goals. The session will then link this to the work that the GÉANT community has already conducted in order to help realise the goals, yet also provide an insight into the problems (and opportunities) that have arisen in mapping and measuring such work to policy benchmarks. How far can RENs and NRENs claim to contribute directly and indirectly? This will be unearthed.

Governance of software projects – lessons from European collaborations

The GN programme brings together software engineers coming from various NRENs, who collaboratively produce software supporting the delivery of various services (such as trust & identity and network management services). From the earliest stages of planning, software governance was recognized as a key facet of the GN project. The GÉANT Software Governance and Support team in GN4-3 has undertaken secure code and quality code audits of services, software management support and delivered advanced training to software engineers.
The presentation will cover lessons learnt from over 3 years of supporting the software teams in GN4-3 project and previous projects in the GN programme.

How to survive a tender like OCRE?

The OCRE project ran a very large-scale framework tender for 40 countries / lots for IaaS+. This required managing a large European Tender process which resulted in 474 framework contracts for a large variety of Cloud Platforms across 40 NRENs. It is obvious that this was a complex process.

So how do you:
-survive a tender that receives almost 1100 bids...?
-manage to get the frameworks signed?
-work with these frameworks?
To find out you must attend TNC22 and join our session!

Zooming in on Compliance within Procurement and Contracting

The Compliance Team within team ICT purchasing of the Procurement and Contracting department of SURF negotiates not only good prices but also optimal purchasing and contracting agreements, compliant with national and EU regulations. This is not only paperwork but also involves looking into the nitty-gritty details of network traffic to verify the exchange of telemetry data as is done in the data processing impact assessments (DPIAs). In this presentation we would like to share our experiences on vendor compliance, how SURF has organized its procurement, contracting & compliance efforts and how the results benefit the SURF members. We will also zoom in on the vendors perspective. These insights are beneficial for other NRENs to apply in their efforts.

Encrypted DNS – The Answer? So Many Questions...

DNS is a fundamental aspect of the R&E community’s online life, and any resulting privacy concerns are an ongoing challenge for campus network operators. Without pre-judging the issue, this session will provide a solid foundation upon which to base critical decisions about whether and how to support encrypted DNS in your environment.

Towards a Federated Anycast Network

In this presentation, we propose the creation of a federated anycast network run by NRENs.

Anycast networks are widely used in the DNS infrastructure, NTP services, content delivery networks, certificate authorities, and distributed denial of service(DDoS) mitigation.

On the creation of any federated services, the biggest challenge is centered on political and laws issues. But, the technical feasibility and limitations are the first step.

Here we discuss the requirements needed to build such infrastructure focusing on safety, resilience, privacy, and domain isolation. We provide an overview of opportunities, risks, and challenges. We also briefly present some tools planned to meet such requirements to better demonstrate what can be done using such infrastructure.

Privacy-friendly logging for security

In this presentation we will show that it is possible to increase security while protecting our users’ privacy at the same time by discussing how we followed a privacy-by-design approach when designing a system to log security relevant data (DNS queries) at SURF.

We will present our design as well as the lessons learned along the way. Next to this, we will discuss some first results from the pilot we are running. The solution presented is not a one-size-fits-all system, but intended as an inspiration for the audience to apply similar principles in their own environments.

The talk will contain a technical part but is intended for everyone with an interest in privacy. No background in DNS or cryptography is assumed.

Building a Realistic Orchestration Validation Environment for netwoRks (ROVER)

Building software that controls network equipment has many similarities to traditional software engineering, however, testing this software introduces many complexities unique to the network orchestration world. Join this talk to learn how we approached these challenges by building a Realistic Orchestration Validation Environment for netwoRks (ROVER) at ESnet.

Automating GARR-T: exploring unknown seas of strategies, methodologies and tool

GARR-T, the upcoming next generation GARR backbone, is based on programmability and real-time observability for all its constituent parts: the optical transport, the packet network, the datacenters, and the software. Each subsystem is a multitude of interacting elements. Automation is the key to tame these complex stacks.
In GARR we observed that the usual ICT automation approach could bring us in dangerous waters, with arduous implementation challenges.
This contribution presents the GARR approach to the backbone automation problem: an uncommon strategy inspired by multi-agent, complex systems that is driving the design and the implementation of GARR-T orchestration stack.

Chip shortage? Network Function Virtualisation to the rescue!

NFV is hot and happening at SURF. In this talk, we will:
-Share SURFs experience in building and operating a distributed, scalable and programmable NFV-infrastructure,
-Talk about our use cases for Virtual Network Functions,
-Demonstrate our light-weight NFV-infrastructure,
-Discuss future work

Why we invite our community to play - Security Awareness and Game Design

User behaviour is essential for Information Security. As NRENs we can support our communities in raising the security awareness of all our users. In this talk, we would like to share our learnings of developing and implementing the SWITCH Security Awareness Adventures.

About the SWITCH Security Awareness Adventures
Solve puzzles in an analogue game environment in the escape room «Hack The Hacker», «Track The Hacker» in the outdoor mobile quest or prove your social engineering skills in the (virtual) tabletop role-playing game «Piece of Cake».
swit.ch/security-awareness-adventures

Creating Your Own Crisis Exercise

The GÉANT CLAW crisis management exercise happens once a year and places are limited - so what if you are thinking about running something yourself? Charlie will give an overview of some of the issues you might want to think about when planning an exercise and explain where you can go for help.

How regular exercise helps your organisation to PAWgress

Inspired by the CLAW series of workshops, GÉANT recently ran its first All Staff crisis management exercise. The challenge: managing 110 players and 15 coordinators through a paperbased exercise in a hotel in the middle of the English countryside. Casper Dreef will share some of the experiences from the exercise and why GÉANT is investing in this approach.

Global R&E Internet Routing Table Analysis Update

While analysis of the deaggregation and general state of the Global Internet Routing table has been carried for many years (CIDR Report, Routing Report), little attention has been paid to what is happening in the Research & Education portion of the Internet.

NSRC started a project in early 2021 to look at the R&E routing table. The goal is to assist with improving routability by exploring improved aggregation, deployment of RPKI, improved transit paths, and by highlighting non-routable
prefixes and autonomous system numbers that are appearing in the R&E routing table. This presentation shares the current data from this project.

MANRS Research and Education Networks Programme

Description: NREN’s are very different to the traditional Network Operators that the Mutually Agreed Norms for Routing Security has focused on up until today. With mutual backups, historical address space, a global community driven backbone separated from the global internet, research activities and data movement challenges, we need to find ways to uplift our routing security but also be leaders to rest of the world to show how it can be done.

This presentation will review the current problems NREN’s face and how the new Research and Educations programme plans to tackle them going forward and why we need your help!

Developing and deploying Campus Network as a Service

The presentation will focus on product development of a Campus Network as a Service proposition. What do customers expect? What do they worry about? Why is such a service delivered by an NREN viable? What does the business model and case look like? How can the solution scale over multiple institutes? What will be the short term benefits and the long term roadmap? We will discuss with the audience which roles the institute, the NREN and the market should have for the service and why. Furthermore, we will show the architecture and share any lessons learned during the Proof of Concept and start of the Pilot.

Collaboration opportunities

It is our duty to work together on solutions to enable student mobility within Europe. To support this flexibilization of education a seamless infrastructure is needed to support all kinds of processes. Corno will present the result of a pilot project on student mobility that is a part Dutch Acceleration Plan that will finish by the end of this year. The use case for this project is a student who wants to attend a course at another university. Next the talk will focus on the urge to think about digitalisation from a Public Value perspective, giving some examples of pilot projects and calls for collaboration on this theme.

Is your NREN ready for digital education?

The NREN landscape highlights key trends for developing new, long term strategies for education: identifying key objectives for long term vision for the digitalization of education and how NRENs can play a role. Identifying and describing what underlying infrastructure, policies and steps are needed. One key area is flexibilization of education: institutions will need to adapt to create standardized programmes to recognize each other's course achievements across institutions and countries. Mobility of the data for achievements of students would require safe and secure access to their data while ensuring the ownership of data is with the individual and our NREN community provides the underlying infrastructure and expertise to support it.

Developments in African Cyber-infrastructure to Support Open Science

Globally there is movement in developing a Global Open Science Cloud (GOSC) aimed at supporting research collaborations across continents to assist in addressing global challenges through science and joint action.
To this end, continents, regions, and countries are also actively developing Open Science platforms and investing in underlying cyberinfrastructures to advance their research science technology and innovation (RSTI) ecosystems, enhance collaboration and increase their competitiveness and critically, use RSTI as a driver for national and continental priorities.
This talk highlights the movement toward developing a Pan African cyberinfrastructure to support advancement of the continent's science enterprise through open science.

Q-Factor: enabling host tuning using In-band Network Telemetry

Exploring the BBRv2 Congestion Control Algorithm for use on Data Transfer Nodes

It is well known that loss-based TCP congestion control algorithms are problematic for high-speed, high-latency flows that are common in Big Science. In 2016 Google released a new congestion control algorithm called ‘BBR’ (Bottleneck Bandwidth and Round-trip time) that uses a model-based approach, and the design has since been refined in an alpha release of BBRv2. In this paper, we describe and perform a set of experiments that assess the suitability of BBRv2 for use on Data Transfer Nodes (DTNs).

Superfacility -A Blueprint for Supporting Large-Scale Scientific Workflows

Data-intensive workflows have been a mainstay of large scale collaborative scientific research for several decades. However, with the growing exponential rate of data that instruments can produce today, there needs to be a paradigm shift in how distributed resources are requested and utilized across the various facilities that contribute to these data-intensive workflows. A “Superfacility” model, which seamlessly integrates instrument, computing, storage, and networking facilities, is required to more effectively support these increasingly demanding workflows. This talk will present on the desired characteristics for a Superfacility, discuss specific use cases, and highlight some activities and initiatives in this area.

eduroam in the cloud: enabling the next 1000 subscribers

Internet2 spent 2021 moving our eduroam infrastructure to the public cloud (Amazon Web Services) to better support the scaling of our service to primary and secondary schools, as well as museums, libraries, and other public locations that might be available to students.

This presentation is structured to be of interest to other NRENs who want to understand our journey; how we made the decision to move to the public cloud and would like to learn from our stumbles and take tidbits of interest from our service back to their home eduroam deployments.

iotroam for connecting everything that can’t onboard to eduroam!

In both enterprise and education, the need for Wi-Fi is growing. Traditionally, users connect with their laptops or smartphones to the network, by using eduroam they can uniquely identify themselves at the edge of the network using their personal credentials. Some devices, in particular IoT devices do not support the WPA-Enterprise/802.1x standards that eduroam relies on. Many of these devices are designed for authentication only with a pre shared key. This presentation will give an overview of how iotroam can support the administrators and users in their quest of bringing this kind of devices online.

RENU metro-eduroam version 2.0 – “Tusimbudde”

The presentation will describe the deployment architectures used, the problems and challenges faced during and after the deployment of the service, the benefits of the rollout, and the observations in traffic patterns and authentication requests. Whereas the initial deployment of metro eduroam has been a success, it is important to note that the current coverage is limited to only the capital city and the surrounding metropolis and that a huge chunk of the country is not covered. The presentation also discusses the RENU plans to extend the eduroam service to other areas within the country, covering primary and secondary schools countrywide, all major cities, and other residential areas.

Quantum Communication and Quantum Key Distribution activities within the GÉANT community

The talk will present the latest experiences gained through the collaborative work in the GÉANT GN4-3 project on quantum key distribution (QKD). These activities such as evaluation of R&E use cases, the use of testbeds and simulators, and an upcoming long distance proof of concept to be run between two GEANT PoPs will be discussed. Activities were focused mainly on practical aspects and use cases implemented in real world scenarios and infrastructure. The GN4-3 project has been studying QKD technology, exploring testbeds, simulators, and facilitating discussion around R&E use cases that has led to several white papers and infoshares.

Securing optical transport in the post-quantum world

Cryptographic algorithms in secure encryption provide protection against present threats. In the face of emerging quantum computers, standards communities are defining replacement candidates. But networks need our attention now to avoid attack later when a practical quantum computer is available. Symmetrical key management and a high-quality key are paramount in keeping networks safe today and into the future. Grover’s algorithm shows that AES-256 and symmetrical key management provide excellent protection against quantum attack.
This presentation will describe the quantum threat, efforts to develop post-quantum ciphers and provide a view of practical protection options, ready for deployment now.

Exploring the Challenges and Opportunities In Quantum Communications and Networking

This presentation will provide an overview of recent activities in quantum communications and networking research using testbeds, including the potential for extending those testbeds to international sites. Quantum communications and network are particularly important research areas for a wide range of innovative applications. Recently, Northwestern University established an initiative, INQUIRE (Initiative at Northwestern for Quantum Information Research and Engineering), to conduct testbeds research to advance the future of quantum science. A major focus of this quantum networking research is creating interconnections among quantum computers, in part to address complex computational science problems through a distributed quantum environment.

Terabit to the Tundra: Networking for EISCAT_3D research infrastructure

The presentation give a brief introduction to the EISCAT_3D instrument and the research infrastructure and the multi-year collaboration between Research Infrastructure and national and regional e-Infrastructures, and will then dive into the realised, multi-terabit solution realised in the arctic. We will discuss the benefits of thinking about networking as an integral part of a scientific instrument, and the challenges of operating such resource demanding services jointly in multi-domain environments.

Towards advanced e-infrastructure for digital humanities and Arts

The DARIAH-PL project aims to build an advanced research infrastructure for the digital humanities and Arts community in Poland. The main goal of the project is to develop and deploy innovative tools and services for multi-context visualization, analysis and interpretation of heterogeneous datasets using linked data, machine learning and alike. In addition to the general objectives, we will present the services for high quality digitalization of a variety of physical objects, landscapes, archaeological data, and cultural heritage content using advanced equipment such as GPR, LIDAR, spectrometers, magnetometers 8K, 360° and plenoptic cameras, 360°, photography, motion capture and sound recording.

Exploring our planet through SMART cables

Are SMART cables part of our future? This presentation will help you navigate the unexplored depths of the oceans. A relatively new approach enables utilizing submarine fibre optic telecoms cables in a way that they were never originally designed for. This approach still allows for transmission of petabytes of data, but also to turn the cable into a sensor itself. SMART cables provide additional research data to monitor the climate, volcanoes, tectonic plate movement and marine life in new ways, without the need to build additional dedicated research infrastructure. Come and find out how members of our community have been involved in this new initiative and contribute to this emerging research field.

SESAME: the glory of science diplomacy

The Synchrotron-light for Experimental Science and Applications in the Middle East (SESAME) is the first light source in the Middle East and neighboring regions. It was established by those who believe in human rights and human capacities, regardless of any particular identity, making it such an exceptional scientific facility inspired and developed by scientists and diplomats through a substantial manifestation of international cooperation. SESAME seeks to establish Excellence of Science and technology in the region, besides, functioning as a bridge between its diverse culturally and politically conflicting societies, by building a stronger community that will be able to deal with scientific challenges and hopefully beyond. SESAME also opens doors to women scientists in the region to break stereotypes and misconceptions set against them. In this talk, a recipe of how the diplomacy can effectively work with one simple and basic ingredient – science - will be presented.