don’t wait, register now!
Lightning Talks
This presentation is about an application running in the public cloud that had high costs, that is, above its planned budget. We had exhausted our technical solutions to refactor it and lower costs. As it didn't lock-in with any cloud technology and therefore could run on any provider, we invited all of them to a “battle for the workload”. Thus, each one of them had the task of proposing a migration and operation model for the application to stay with it for a predetermined period. All joined in and fought with their best resources to conquer this workload. Our presentation describes this success story and its results, showing that the organization does not always need to make an effort when it comes to reducing costs.
‘…sleep never fell upon his eyes; but he kept sure watch always.’
The giant Argus in Greek mythology is just like Argus developed by Sikt. Argus is an alarm aggregator designed for managing alarms from different monitoring systems in one single dashboard. In this lightning talk we will show how Argus allows you to replace the clutter of many screens with one Argus screen to rule them all. Argus effortlessly facilitates easy alarm management and customizable alarm notifications.
Argus is an open-source software developed by Sikt, co-funded by GÉANT and in use with other NRENs. We will showcase why you need Argus and share our experiences after 3 years of depending on Argus to ensure our network and services are up and running well.
GDPR has been part of our everyday lives for about five years now. Most related issues are currently solved either on a technical or administrative process level. Nevertheless, it is still a pain point for research infrastructures when they add a new service to their portfolio. GDPR and other policies are important topics for Life Science research infrastructures. Our goal here is to follow the necessary regulations but also do our best to lower barriers for services that want to be a part of the infrastructure. That leads us to an idea where we can use Life Science AAI not only to externalize authentication and authorization for services but also to provide a solution centralized at the infrastructure level for GDPR and other policy compliance. This talk describes how Life Science AAI can handle GDPR and other policies on behalf of other services. That significantly lowers barriers to integrating new services into the research infrastructure environment and the EOSC services space through EOSC AAI.
Since GDPR, followed by the Schrems Rulings, which led to Safe Harbour and the Privacy Shield being invalidated, institutions have become more and more aware that they are responsible for how vendors deal with their data and that they need the right agreements with their vendors to reduce privacy and security risks. If they do not have this in place it will lead to non-compliance, risk of fines, reputational damage and liability claims and ultimately raises the question if you are still allowed to work with the products. How do you negotiate with vendors? How do you get them to work with you on risk assessments as DPIA’s and DTIA’s? And how do you get them to adjust their software – not just for you, but for whole Europe? Sandy will address in this 5-minute lightning talks the ins and outs, what it takes for debating on the cutting edge with (big) tech parties, against tide deadlines and with the Data Protection Authority as a watch dog on your neck, and still get it done.
Browsers gotta preserve privacy, they be crackin' down on cookies, we get it, now let us use our cookie across several domains - deal? A tale of FedCM.
When you picture an architect at work, how do you see him? Holding a pencil over a drawing board, maybe? How about the architects that designed the Morpheus Hotel in Macau, the Gherkin in London, or the Louvre in Abu Dhabi? Still imagining pencils? Architecture, like many other art forms, frequently mirrors the technological advancements of its time, and these are just some examples of the multitude of projects that have been reflecting the increasing integration of computer science in the architectural domain. Architects, today, have at their disposal tools that allow them to design and manage large-scale and non-conventional design solutions that would have been nearly impossible to conceive using traditional design methods. However, designing with algorithms requires programming, a concept with which practitioners often struggle. For architecture to benefit from computation at large, we still need to close the existing comprehension gap between algorithmic design programs and their behavior, making this representation method more akin to the traditional architectural practice. The *Algorithmic Design Sketchbook* proposal addresses this problem by coupling algorithmic design with complementary representation methods that are adequate for designing complex architectural projects and by supporting their synchronization with a design tool that architects feel comfortable using.
APK Falcon is a tool to assist users in assessing the impact of mobile apps on privacy, improving their knowledge and empowering their decision-making in accordance with the values of the EU Next Generation Internet. APK Falcon will help users understand the permission system, leading to a better permission management, such as revoking highly intrusive permissions or being more careful and aware when being asked to grant a permission. This tool will be made in a user-centric way, so the impact on privacy can be understood by everyone.
Users will be able to access a web service where they can search for the name of an application and obtain a privacy score, as well as information to understand this score. APK Falcon can assist users in making more informed decisions about granting permissions and managing their privacy. By shedding light on the permission system, APK Falcon can empower users to take control of their privacy in a simple, open and transparent fashion.
During the covid crisis, I followed my course using Teams. In many cases the video/audio quality was really bad, and yet none of the speedtests I ran showed any abnormality. What happened ? At that time, all speedtest websides only measure throughput. They measure latency as well, but as idle latency (without load on it). However, when you attend a class/meeting there are always other apps/people using your network.
Therefore we need a way to measure working latency. The IETF has started to develop a new measurement technique called RPM to measure latency under working conditions. So our goal is to implement it in a browser such that every user can know why his connection is bad. Moreover, all current tests work with TCP connections. With TCP, it is possible to send a large amout of data, but it's very hard to accurately measure latency or packet losses. Meanwhile, many cloud providers are moving towards HTTP/3 with the QUIC protocol. Therefore, we are developing our measurement tool with QUIC.
Research shows that Artificial Intelligence (AI) can be an effective tool for automated cyber threat hunting; however, the lack of explainability still prevents its mass deployment into commercial-grade tools. Due to the AI complexity, it is hard to get reasons behind its output, which are crucial for cybersecurity incident handling and response. We thus bring new design principles of AI by dividing complex monolithic models into small components with defined functionality. By observing the outputs and interaction of these components, we can then get an insight into their internal behavior and provide explanations and reasoning behind their output. The lack of explainability originates from AI's enormous complexity, which people cannot comprehend. We thus divide the complex AI into a component-based system, each component designed separately, like in the actual brain. In our brain, there are parts responsible for vision and other parts ensuring hearing. We know which part is responsible for what, which dramatically increases our understanding of such a complex system.
Component-based models are solutions for AI model deployment in cybersecurity and other high-stakes areas where explanations are necessary. The division into components provides better control over the predictions and explains them. The improved explainability also reduces the chance of design errors, can improve model quality control, and increases the overall trust of its users. Moreover, we can use reasoning to filter out obvious mistakes and increase AI reliability.
Incident communication is the process of alerting users that a service is experiencing some kind of unavailability or degraded performance. It is expected that most companies provide 24/7 availability. Poor and slow communication can lead to frustration, a longer time to resolve issues, and unhappy customers.
Incident communication is more complex than just sending an email. There are different audiences to consider and different response expectations. AI can help us solve this problem.
Technologies like ChatGPT can go a long way building an intelligible communication. Beyond clarifying language and cultural differences, its mission to create human-like responses can also help refine technical communications with non-technical stakeholders. IA can also automate messages to multiple channels like web status pages, email, SMS, instant communicators, and social media. This can be essential to bringing value and quick responses. More than that, automation can also help solve the incident by bringing the team together in an IM group chat. Using the correct input, ChatGPT can provide content in seconds, keeping the response team focused on the main problem while the AI is making the updates on behalf of everyone involved.
The Ethiopian Education and Research Network (EthERNet) was initiated in 2001 as a part of a national capacity-building program that included projects to provide connectivity and support the public higher education institutes in the way their data, research outputs are organized, preserved, discovered and disseminated to the audiences. HEMIS is one of the successful projects that is hosted at EthERNet.
HEMIS is a technology-aided system that enables data collection, reporting, and analysis. It analyses data and produces information that helps to guide evidence-based decision making in the education and training sectors. HEMIS is not only a system for collecting, analyzing, and managing data, it monitors performance (BSC and Ranking). It is designed to provide future projections by making trend analyses based on the current data.
As widespread use of the internet continues to grow, the prevalence of security threats it faces follows suit. Quantum Key Distribution (QKD) aims to make the internet a more secure system by providing the possibility to generate perfectly secure keys that can be applied to secure communication soundly. This lightning talk highlights the state of the art in standardisation of QKD equipment, which goes hand in hand with a set of experiments on the performance of QKD hardware that is commercially available. Two possible services GÉANT could offer are presented, and their feasibility is evaluated. It is found that the equipment is able to perform adequately in a test environment, however required hardware, software, and standardisation for management and operation of a QKD Network are lacking maturity for a production environment as of right now.
The SDGs have become a benchmark to strive towards a better world. Therefore, showcasing that NRENs carry out SDG-tailored activities is key to persuading policy and decision makers of their inherent value to support them in terms of funding and resourcing.
This lightning talk aims to unpack some of the key results of the work done by the AfricaConnect3 communications team on gathering concrete evidence of the direct and indirect contributions of African NRENs to the UN SDGs.
Whilst there are established routes such as the European Horizon Programme for funding large multi-year projects such as GÉANT, EOSC, etc., sources of funding for small short-term projects can be difficult to find. The ability to fund small short-term projects is vital in an environment such as the Internet in order that new ideas, nascent technology & proof of concept can be explored quickly. The Vietsch Foundation has been operating a small short-term project funding scheme for several years, working with collaborative partners including GÉANT, EUNIS, NLnet and co-sponsors such as universities. The GÉANT Innovation Programme and the Vietsch Foundation grants scheme are complementary since the Vietsch Foundation objectives and eligibility criteria both overlap and differ. The presenter will mention projects including eduDNS, eduVPN that have been funded in this way.
In February 2023, the inaugural cohort of grant recipients of ORCID’s Global Participation Fund was recognized. This fund is designed to promote accuracy and integrity and further collaboration in scientific research and scholarship, particularly in low- and lower-middle-income economies as categorized by the World Bank. NRENs have always played an important role in enabling research and education; several have been awarded ORCID grants. During this lightning talk, you’ll learn about the program and how NRENS and other regional organizations might participate in the upcoming call for proposals.
For the past 2 years Jisc has been working with cellular technology providers to address important digital poverty issues across the UK, by providing eduroam via 4/5G to support learners without access to sufficient connectivity away from the University campus. This has led to the development of additional use cases such as disaster recovery, emergency provision, service resilience, and remote learning, all involving the provision of cellular connectivity rather than traditional fibre based services, with many of Jisc’s customers now benefitting from the services provided. As things stand the proof of concept has over 50 participants and will move to full service launch in June 2023. This lightning talk summarises the journey from initial concept, through technical design, proof of concept, and ultimately service launch, focusing on the wide variety of uses cases developed and the benefits delivered.
WiFiMon Hardware Probes (WHP's) are vital for WiFiMon operation as they facilitate baseline comparisons with crowdsourced measurements collected from end users roaming the network. Feedback gathered by organisations, i.e. NREN's and Universities, utilising WHP's indicated significant shortcomings in their functionality. Specifically, administrators were required to follow error-prone, time-consuming and/or costly approaches to control and configure these probes. Therefore, the WiFiMon team has developed novel, user-friendly features to enable remote control and (re)configuration of WHP's distributed across the monitored networks from a centralised point. This lightning talk will present our newly introduced feature.
Log messages represent automatically documented events in the form of chronological records that contain various IT system and network information. Managing log messages is important for every organization, including the Academic Network of the Republic of Serbia - AMRES, and enables efficient and high-quality analysis of work and utilization of both, the service and the network. Elastic Stack software is a comprehensive open-source tool that enables the collection and search of a large number of log messages of different types, the creation of reports, and graphical representation of the desired results. This work explains the process of collecting and analyzing log messages of the AMRES eduroam service and gives examples of usage of the Grafana open-source tool in visualizing statistics and behavior of AMRES end users.
Colombia has been undergoing a process of digital transformation which has generated the advancement and growth of new technologies that leverage education and research in HEIs within the country. One of the technologies that is growing day by day worldwide is the implementation of the IPv6 protocol, which, in Colombia, has positioned us as the fifth country with the highest traffic generated by IPv6 in Latin America. With the implementation of the IPv6 protocol, it has been possible to generate a high impact within the technological infrastructures of the entities, such as: 1. Generate good practices in the flow of information in both IPv4 and IPv6, 2. Easily publish new services without NAT techniques, 3. Independence in the publication of new services by having the wide availability of addressing within its own IPv6 network prefix, 4. Generating new security policies within entities aligned to current cybersecurity standards.
The force for change in favor of IPv6 has increased significantly since the exhaustion of IPv4 in the majority of the Regional Internet Registries in 2015. The need for IPv6 in academic networks is evident as the new IP address enables innovation and research through its support for new applications. While the global availability of IPv6 connectivity hovers around 40%, there is need to investigate the contribution of Universities and Academic Resource providers in enabling basic services on IPv6.
In recent years, there has been a major development in the field of cluster computing. These solutions often require many dedicated resources to communicate with each other and bind their abilities in a collaborative manner. There is also a requirement to allow multiple users to use a single cluster without affecting each others' computations. Nowadays, the FPGAs provide an excellent scalability and programmability for this purpose with the advantage of parallelism and achieved throughput. This talk introduces the design of a generalized streaming library for the PCI Express interface called JetStream 2.0. It is an enhancement of the previous generation able to run at the data rates of PCI Express Gen3 x16, that means reaching the transfer speeds of up to 100 Gbps. The architecture also supports sending data between two FPGA cards using a zero-copy mechanism which bypasses the classical buffering of data in RAM and sends them directly to the addressed device. This solution is proposed as vendor independent, thus FPGA cards both from Intel and AMD/Xilinx can be used and also mixed on the host.
In the recent years, we came to realise that cybersecurity not only requires technical measures but also cooperation on the part of the users, in order to make organisations more resilient against cyber-attacks. But changing user-behaviour requires more than just a one-time training and demands a different skillset than most experts on cybersecurity have. That's why the field is undergoing a transformation inviting professionals from other disciplines to support security. In my Master’s thesis I studied the collaboration of security awareness specialists with internal communications. The results from the interviews provide insight into how practiced interdisciplinarity can support security professionals in their daily work and thus make organisations more secure.
The transition to renewable energy is critical to mitigate the effects of climate change and achieving a sustainable future. One promising approach to advance this transition is through the development of Renewable Energy Communities (RECs). These communities are formed by groups of people or organizations that come together to produce, consume and share renewable energy locally and they are designed to promote local ownership, collaboration, and innovation in the deployment of renewable energy technologies. To fully realize the potential of Renewable Energy Communities, assessing their value and impact is essential. This assessment will provide insights into the benefits and challenges associated with RECs and help identify best practices for their development and implementation. It will also evaluate the economic benefits of these communities, including the potential for job creation, increased economic activity, and cost savings for participants.
Secure computer networks rely on monitoring, threat detection, and security operators, who respond to automatically created alerts. Performance of current anomaly and threat detection methods is dependent on the network telemetry data they are developed on. However, network telemetry does not contain truthful information in some cases. An error can occur during transmission, or an attacker can spoof information, to confuse threat detectors. As a result, many attacks may remain undetected and false alerts might overwhelm security personnel. We are currently exploring an approach that utilizes a combination of several data sources to overcome their imperfections.
Many state-of-the-art detectors are based on Machine Learning (ML) technology, which can be easily confused. Attackers can alter traffic shape by sending additional data, which is unnecessary for communication. Malicious traffic can be completely hidden by this technique and missed by the ML — an outgoing attack might not be detected at all. Data incompleteness is another problem. For example, no blocklist can ever contain every malicious IP address. Moreover, these IP addresses can change over time. Therefore the output of some detectors might not reflect reality. Current techniques, when used separately, are suffering from many pitfalls.
This talk aims to highlight the problem of a widening gap between system specifications and actual behaviour in production in the tech industry, which can cause confusion for developers and users. The use of Open API is introduced as a solution to this issue. Open API provides a framework for collaboration that narrows the gap between documentation and code, allowing API consumers to trust that published APIs will not be modified. Additionally, there are automation tools available to generate artifacts and automate documentation. The benefits of Open API in collaboration with beta testers and partner NRENs are discussed, emphasizing the importance of testing and avoiding potential mistakes. A mock spec is suggested to validate the design and test endpoints, saving time and making data migration more manageable. Postman and Glitch are tools that can assist in this process by creating redirect scripts and validating input from users.
Several National Research and Education Networks (NRENs) are currently implementing new generations of optical networks based on partially disaggregated designs. These systems have the capability to transparently transport any optical signal, which opens up the possibility of deploying Spectrum Connection Services (SCS) that can provide ultra high-capacity connections. GARR and GEANT have recently built a pilot SCS between the High Energy Physics Data Centre at CERN in Switzerland and the Italian Tier 1 at CNAF in Bologna. The service has been tested over a distance of 1000km and supports two wavelengths of 400G capacity, this is the first time such a multi-domain spectrum service has been provided to a big-science user.
In this presentation, we will discuss the results of this pilot project and highlight its underlying benefits. We will also share our architectural considerations, tips, and tricks for deploying this type of service. Specifically, we will discuss the potential for cost saving when deploying an SCS. Additionally, we will explore the lower latency that can be achieved through router and transponder bypass.
The Submerse project has received substantial funding to utilize the GEANT community's submarine cables for seismology monitoring. The project aims to provide high-quality seismological data by leveraging existing submarine and terrestrial fibre-optic cables, which can act as sensors using a range of technologies, such as polarization monitoring and Distributed Acoustic Sensing (DAS). The objective is to deploy DAS technology on the same fibre-optic cables as Dense Wavelength Division Multiplexing (DWDM) traffic with the Internet traffic. As part of the SUMBERSE project, SIKT is conducting lab testing to evaluate the co-existence of DAS technology with DWDM equipment.
This is the story of a hyperconverged cluster based on Proxmox and Ceph. Our journey begins from the requirement of a new mail server, continues with a first 8 node cluster, ends with the current 16 nodes setup and a look in to the future. It will include: some initial pain, incomprehensible network bugs and a successfully running stable cluster.
eduGAIN is a globally active organization focusing on the interconnection of identity federations commonly rooted in national research and education networks. Many of those networks operate an Authentication and Authorisation Infrastructure (AAI) in order to facilitate the utilization of services provided by the separate participating institutions to users of other institutions within the federations. The eduGAIN Security Team acts as a central contact and support point for security incidents eduGAIN. In the lightning talk, a member of the team will describe some of the incidents handled by the team and explain its jurisdiction and essential stages of the investigations. Attempting to foster the response capabilities, the team is also looking into exercises simulating selected aspects of incident response. The exercises are motivated by actual incidents to mediate real experiences for the attendee. The talk will sketch the concepts of the exercise and present plans for the near future.
Scientific research in 21st century is radically different from what it used to be in the past. The great scientific breakthroughs of our age have happened thanks to the possibility of easily sharing ideas, information and knowledge, irrespective of geographic distances. This has contributed to make the network an integral and inseparable part of any large scientific endeavour. And not just for those collaborations that have a need for large-scale distributed computing. Access to online libraries and data repository, e-learning platforms, reliable videoconference systems, are all things that we, as NREN community, allow them to access and use seamlessly and securely. Thanks to our collective work, their ideas can become data, and data becomes knowledge. This LT will use evocative pictures and extracts from music pieces to elaborate on this concept.
NRENs were established and designed to connect people, to connect them among themselves and to connect them to the knowledge sources. Our purpose has always been to help aggregate knowledge. We always wanted to enhance the existing connections among research communities and to create new ones. We have been connecting educators, those who help create and spread knowledge. They are capable of sharing existing knowledge with younger generations and bringing gifted young people into knowledge-based communities.
NRENs were designed for an online world that was a world of knowledge. Today's Internet is something completely different. It requires special skills to find and verify authentic content, and avoid the many dangers and deceptions. It requires special skills to gain insight into the wider world as shown to us by algorithms.
At NRENs we still mainly limit ourselves to the functions which were established in the early days of the Internet. But as the Internet itself has changed, perhaps our role should evolve to also spread the knowledge that we have about the vast online world that is lurking outside our academic online bubbles?
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam vitae lacus vitae lorem consectetur auctor. Suspendisse porttitor vehicula lacus, eget faucibus augue venenatis eu. Fusce varius, nisl sed porta molestie, augue turpis eleifend neque, et mattis eros lorem ac nisl. Vivamus feugiat tristique commodo.
don’t wait, register now!
TNC, the largest and most prestigious research and education networking conference, attracts a diverse audience of over 800 participants from more than 70 countries and offers a unique collaborative experience.
Hoekenrode 3
1102 BR Amsterdam
The Netherlands
City House, 126-130 Hills Rd,
Cambridge CB2 1PQ
United Kingdom
url: geant.org
TNC23 is co-funded by Europe’s NRENs and the European Union (EU).