Reference to articles in this issue should be made as follows:
name of author(s). title, European Journal of Higher Education IT 2016/2
European Journal of Higher Education IT – EJHEIT
This issue of the European Journal of Higher Education IT (2016/2) consists of the full papers from the TNC16 congress. TNC is hosted by GEANT and this is the first publication by GEANT through EJHEIT. The theme of the conference was Building the Internet of People
TNC16, its 32nd edition, was hosted by the Czech National Research and Education Network (CESNET) and held in Prague in Czechia between 12-16 June 2016. The conference provided an opportunity for researchers, operators and suppliers of research and education networks in Europe and beyond to meet, present and discuss their latest results and requirements in an ideal environment for promoting collaboration
nine papers presented in parallel sessions were selected for this publication. These papers cover both research and practical approaches to some of the challenges faced by today’s research and education networks. In keeping with the conference theme, one thing they have in common looking at the people connecting with monitoring, management, analysis and use of the network and human factor on top of those services.
European Journal of Higher Education IT is a journal created to support and disseminate International research, case studies, interviews and more within the field of higher education IT. Editorial Committee
ISSN 2519-1764
Editorial Introduction
Johan Bergström, Gyöngyi Hórvath, Brook Schofield
Abstract
TNC16 – Building the Internet of People
TNC16, its 32nd edition, was hosted by the Czech National Research and Education Network (CESNET) and held in Prague in Czechia between 12-16 June 2016. The conference provided an opportunity for researchers, operators and suppliers of research and education networks in Europe and beyond to meet, present and discuss their latest results and requirements in an ideal environment for promoting collaboration This year’s conference theme was “Building the Internet of People”. Without the relationships between research teams, individual researchers at higher education institutions there would be no succesful research done. At the center of this collaboration and as an enabler stands the NRENS. From the start NRENs have been in the business of connecting, not only campuses to each other and to the rest of the Internet but also people belonging to many different communities.
Monitoring and management
Research paper
Simplifying multi-layer network management with RINA: Analysis of a multi-tenant data center network
Eduard Grasa, Bernat Gastón, Sven van der Meer, Michael Crotty, Miguel Angel Puente
Abstract
Simplifying multi-layer network management with RINA: Analysis of a multi-tenant data center network
Computer networks are made of multiple co-operating layers that perform different functions implemented by a diverse set of protocols. The current approach of one function per layer implemented via one or more protocols contributes to increasing the complexity of multi-layer network management systems, causing them to be more expensive, error-prone and less automated that they could be. RINA is a network architecture featuring a single type of layer that recurses as many times as needed by the network designer. This layer, called a DIF, provides Inter Process Communication (IPC) services over a certain scope and ranges of bandwidth, QoS and scale. This paper performs a comparative analysis in the complexity of managing an IP-based and a RINA-based large-scale multi-tenant data centre networks. Configuration management is the main target of the analysis although some hints on performance and security management are also provided. The analysis shows that the commonality built into the RINA architecture and the single type of recursive layer with a uniform API greatly reduces the complexity of the models the Network Management System (NMS) uses to understand the state of the managed network. RINA opens the door not to an unprecedented degree of automation in Network Management, enabling the NMS to perform sophisticated configuration changes in multiple layers of the network at once while minimizing the risk of causing service downtime.
Technical paper
6MoNPlus:Geographically distributed Dual Stack network monitoring
Filippo Lauria, Claudio Porta, Andrea De Vita, Abraham Gebrehiwot, Alessandro Mancini
Abstract
Geographically distributed Dual Stack network monitoring
Monitoring and controlling geographically distributed Dual Stack networks on the present Internet architecture is a complex task. The diffused use of Network Address Translation (NAT) and issues caused by border firewalls make remote network monitoring difficult. It is also necessary to physically be connected to the remote networks to sniff packets. There are several situations in which it is convenient to have an easy to use tool, accessible from every location, for monitoring and managing various networks, distributed in different locations, using a single management interface. This article is proposing a geographically distributed, scalable and extensible open tool for monitoring and controlling geographically distributed Dual Stack (IPv4/Ipv6) networks using a single management interface by solving the NAT traversal and firewall issues.
Technical paper
NetSage: Open privacy-aware network measurement, analysis and visualisation service
Alberto Gonzalez, Jason Leigh, Sean Peisert, Brian Tierney, Andrew Lee, Jennifer M. Schopf
Abstract
NetSage: Open privacy-aware network measurement, analysis and visualisation service
NetSage is a project to develop a unified open, privacy-aware network measurement, and visualization service to address the needs of today’s international networks. Modern science is increasingly data-driven and collaborative in nature, producing petabytes of data that can be shared by tens to thousands of scientists all over the world. The National Science, Foundation-supported International Research Network Connections (IRNC) links, have been essential to performing these science experiments. Recent deployment of Science DMZs [Dart, E. et al., 2013], both in the US and other countries, is starting to raise expectations for data throughput performance for wide-area data transfers. New capabilities to measure and analyze the capacity of international wide-area networks are essential to ensure end-users are able to take full advantage of such infrastructure.
NetSage will provide the network engineering community, both US domestic and international, with a suite of tools and services to more deeply understand: 1) the current traffic patterns across IRNC links, and anticipate growth trends for capacity-planning purposes;2) the main sources and sinks of large, elephant flows to know where to focus outreach and training opportunities; and3) the cause of packet losses in the links and how they impact end-to-end performance.
SDN data plane
Research paper
Distributed cloud services based on programmable agile networks
Sonja Filiposka, Yuri Demchenko, Tasos Karaliotas, Migiel de Vos, Damir Regvart
Abstract
Distributed cloud services based on programmable agile networks
In order to allow researchers to focus on their work, all newly designed applications and services must not only offer features needed to tackle Big Data problems, but need to work seamlessly and intuitively, while efficiently hiding all non-necessary technical and networking details from the end user. Thus, today’s requirements of the research and education community demand a holistic converged approach in the design of new generation intelligent cloud aware networks that need to work in concert with the distributed application components. The goal of this paper is to contribute toward setting up the building blocks of an open multi-cloud ecosystem based on a programmable cloud service delivery infrastructure. For these purposes we examine the possibility of introducing a third-party multi-cloud marketplace placed on top of a cloud aware agile network that can be reconfigured based on the defined multi-cloud application workflow. We discuss the overall architecture of the ecosystem and define the requirements for the underlying network infrastructure. The described proof of concept demonstrates the benefits of the proposed solution providing an example of how the concepts of network function virtualization and software defined networks can be leveraged in order to obtain an agile programmable network that will respond to the changes in the application traffic flow. With self-provisioning being acknowledged as a crucial component among service providers, we discuss all steps needed in order to translate user requests in a fully automated end-to-end service delivery and monitoring especially in a multi-domain environment.
Ludo – Kids playing Distributed Denial of Service
Research paper
“LUDO” – Kids playing distributed denial of service
Jessica Steinberger, José Jair Santanna, Evangelos Spatharas, Hendrik Amler, Niklas Breuer, Kristian Graul, Benjamin Kuhnert, Ulrike Piontek, Anna Sperotto, Harald Baier, Aiko Pras
Abstract
“LUDO” – Kids playing distributed denial of service
Distributed denial of service attacks pose a serious threat to the availability of the network infrastructures and services. GÉANT, the pan-European network with terabit capacities witnesses close to hundreds of DDoS attacks on a daily basis. The reason is that DDoS attacks are getting larger, more sophisticated and frequent. At the same time, it has never been easier to execute DDoS attacks, e.g., Booter services offer paying customers without any technical knowledge the possibility to perform DDoS attacks as a service. Given the increasing size, frequency and complexity of DDoS attacks, there is a need to perform a collaborative mitigation. Therefore, we developed (i) a DDoSDB to share real attack data and allow collaborators to query, compare, and download attacks, (ii) the Security attack experimentation framework to test mitigation and response capabilities and (iii) a collaborative mitigation and response process among trusted partners to disseminate security event information. In addition to these developments, we present and would like to discuss our latest research results with experienced networking operators and bridging the gap between academic research and operational business
Security: hardening the attack surface
Research paper
State-of-the-Art in Biometrics for Multi-Factor Authentication in a Federative Context
Martijn Oostdijk, Arnout van Velzen, Joost van Dijk, Arnout Terpstra
Abstract
State-of-the-Art in Biometrics for Multi-Factor Authentication in a Federative Context
Despite having been a promising technology for authentication for quite a long time, biometric authentication has not seen large scale adoption in federations for higher education and research. Lately, however, in the consumer domain there appears to be increased interest in stronger forms of authentication (e.g., one-time-password apps for smartphones) and biometric applications (e.g., embedded finger print readers in smartphones). It may be the right time for the higher education and research community to evaluate the current state-of-the-art in biometric authentication. This paper investigates the state-of-the-art in biometric technology (anno 2016), establishes a set of evaluation criteria and compares the different biometric modes according to these criteria.
Advanced video applications
Technical paper
Multipresence: towards videoconference and collaboration in multi-use environments
Valter Roesler, Luiz Eduardo de Souza Coelho, Guilherme Longoni, André Marins, Leonardo Crauss Daronco, Leandro Ciuffo, Renato Duarte
Abstract
Multipresence: towards videoconference and collaboration in multi-use environments
The objective of this paper is to present an architectural and technological view of a new video conference and collaboration system called “Multipresence”, which adapts to various physical environment settings and enables the interoperability of various technologies.
The Multipresence system allow interoperation of many technologies to comply with a multitude of devices and communication standards, such as the following:
- Telepresence room in high definition (Full HD).
- Ultra-telepresence room in ultra-high definition (UHD 4K).
- Content sharing among the participants (simultaneous upload, rearrangement and visualization of images, texts and applications)
- Legacy videoconferencing systems.
- High definition videoconferencing through a personal computer application program.
- Web conferencing (web browser).
- Mobile devices and SIP phones.
There is a video demonstration of the Multipresence system with English subtitles at https://www.youtube.com/watch?v=lud2KwzstCM. This video was shot during an event called Forum RNP (RNP is the Brazilian NREN and one of the sponsors of the project), in august, 2015.
Networking History, Arts and Cosmos
Case study
Innovating Colosseo: A distr-active artistic performance
Edoardo Angelucci, Alex Barchiesi, Andrea De Tommasi, Bruno Nati, Mirella Serlorenzi, Sabrina Tomassini, Cristiano Valli, Giancarlo Viola, Carlo Volpe
Abstract
Innovating Colosseo: A distr-active artistic performance
For many years now the Italian Research and Education Network (GARR) has been supporting the cultural heritage community by providing advanced network infrastructure and tailored technical solutions that answer its specific requirements.
An example of this strategy is the digital architecture developed for the SITAR territorial system, an online geo-tagged archaeological repository of Rome metropolitan area, which was designed and implemented by the Special Superintendency of Rome.
In 2015, for the first time in history, several Roman monuments of high historical value were interconnected to GARR Network through fiber-optics. This achievement, a landmark in the support of this community, offered the occasion for a challenging endeavor: the setup of a geographically distributed performance leveraging on high-quality R&E network and highlighting the opportunities it can offer to performing arts.
The live performance, a theatrical play specifically designed by the internationally renowned director Giorgio Barberio Corsetti in collaboration with GARR, has leveraged the network to allow HD real-time interaction of actors and musicians located in different locations: three archaeological sites in Rome (Colosseum, the Baths of Diocletian, Crypta Balbi) and a research laboratory, the Frascati National Laboratories of the National Institute of Nuclear Physics (INFN).
Accomplishing what might be called a distr-active (distributed and interactive) performance required careful planning that included the setup of network connections, a very fine tuning of several full-HD streams and the preparation of two sites that used the LoLa software (especially built by GARR in collaboration with the Tartini Music School in Trieste) .
Global Network Architecture
Case study
Bridging the Digital Divide in Tropical South America
Eduardo Grizendi, Michael Stanton
Abstract
Bridging the Digital Divide in Tropical South America
We describe an alternative for bringing broadband telecommunications to regions with little or no fixed infrastructure, such as roads, railways or power lines, for the installation of fibre optic cables, but which possess river systems which permit the use of well-known submarine technologies. The paper describes the adoption of such an alternative in the Amazon region of Brazil, and proposes its more widespread application.
Differently from the oceans, river systems exhibit more variable behaviour due to dynamic alterations in courses, depth and flow. An example is the quantity of solid material being carried downstream, which might damage underwater cables.
In 2015, a proof of concept was demonstrated by building a 7 km stretch of cable in the Negro river near to Manaus in Brazilian Amazonia. At the time of writing a 220 km pilot project is being carried out on the Solimões (upper Amazon) river, west of Manaus. The cable-laying is complete, and some of the results of this project will be reported at TNC16.
Currently, there are regions in the world where geographical considerations have impeded or made impossible the conventional ways of building telecommunications infrastructure. We point out the benefits and difficulties of the alternative of subfluvial fibre optic cables.
Apart from describing the present-day use of long-distance subfluvial cables, we have also (re)discovered the same technology used in the same region for electrical telegraphy at the end of the 19th Century, showing there are still lessons to be learned from our forebears even in the Internet age.