...
David Groep, DG (Nikhef)
Peter Schober, PSc (ACOnet)
Yannis Mitsos, YM (GRNET)
...
- No objections were raised toward the Greenhouse project. Plans are to continue this project in Due to lack of resources, the only option to establish a Greenhouse framework would be via a partnership with an existing company that can provide the necessary infrastructure to sustain open-source products.
- Afrodite’s talk about the lightweight adaptation of the operations / business support systems (OSS/BSS) architecture developed at GRNET provided some interesting inputs for discussion. There was some interest, although no concrete follow-up.
...
The general feeling was that side meetings are very valuable to TTC members and to many community members. TNC format could be changed to accommodate this need better.
Recommendation: The TTC recommends TNC to consider a format where more side meetings are possible. Options could be to close the formal conference one day earlier and use the Thursday for WG meetings only.
Michael Enrico reported on his conversation with Florence Hudson, the new I2 Chief Innovation Officer, and the innovation package she is working on. I2 seems to be more interested in the Internet of Things (IoT) than the GÉANT community is. ME noted that the EC has also allocated significant funding to develop IoT; several EU cities have benefited from that and have become ‘internet ready’.
...
YM noted that there is a lot of interest in SDN; it is up to GÉANT to implement the recommendations in this place.
RE noted that there is sufficient interest in next-generation network discussions to justify a SIG-NGN. In light of the new H2020, a SIG could also be useful to spin off discussions on the preparation of open call proposals (which are expected to span e-Infrastructures much more than in the past) or other community projects.
ACTION: RE to start the preparation for the SIG-NGN
3. Updates on GEANT (the association) work
TFs/SIGs updates
- TF-MNM - NH noted that the Task Force is running out of enthusiasm and suggested that when its charter expires we should think of moving TF-MNM to a SIG, which would better fit the way the current group operates. The current charter is still the reference under which the group operates, although there is no real concrete output.
The TF is working more closely with the eduroam Global Governance Committee and this has provided useful feedback to both groups; it brings the GeGC closer to more concrete aspects of the operations of eduroam as a global service.
There are fewer face-to-face meetings lately and more topic-based videoconferences, for which there is a lot of enthusiasm.
- TF-CSIRT/TI - NH noted that TF-CSIRT is a different type of task force; in fact the name task force is probably not really fitting for this group, as the Trusted Introducer service and TRANSITS training are part of the TF-CSIRT service umbrella.
There is a review ongoing of Trusted Introducer, to evaluate if it is still offering the right services to the community as well as the way in which the service is procured.
NH reported on the feeling (only shared by some of the TF-CSIRT participants) that TF-CSIRT can operate independently from GÉANT. This seems to be based on some underestimation of what GÉANT offers in terms of support and coordination, not only in organising the meetings (which are mini-conferences) but also in preparing minutes and handling administrative work.
- TF-MSP - JD reported on the work of TF-MSP. One of the main areas of work is the aggregate procurement approach that is gaining significant consensus; there is already collaboration with the service activity in the GÉANT project that procures cloud services. Plans are to expand the framework beyond clouds.
Another aspect of interest is NRENs Acceptable Use Policy, which is covered for the network services, but it should be expanded to encompass all other services.
The task force is healthy and there is still significant attendance and participation during the meetings. There is a lot of interest in the output but not a lot of engagement from the whole group to work towards these outputs. Most of the work seems to fall on a few people. This seems to be a trend in many other activities.
- TF-WebRTC - PSz reported that the TF work is linked to the counterpart Service Activity in the GÉANT project (Real-Time Applications and Multimedia Management); in fact the TF can be considered the outreach of the GÉANT-funded WebRTC work.
There is interest in some NRENs in open source solutions [1] (Jitsi). Work to this end is being carried out as a joint effort in the task force and the service activity in GÉANT with the aim to implement an open source platform. The idea is to create an API on top of the secure and trusted WebRTC platform operated by GÉANT. Plans are also to use the task force to create a hackathon to reach out to more developers.
PSz said we should focus on the GN3plus EC review recommendation “the network is not so interesting but the applications on top of that are”.
- TF-STORAGE - PSz reported that the task force is business as usual. There was a gathering at TNC targeted at both the industry and the GÉANT Community. OwnCloud and Zettabox (they work similarly to Dropbox but they are EU-based) attended the meeting and presented as well. ACOnet, the University of Vienna and SWITCH seem to be interested in Zettabox. The plan is to offer that under the GÉANT cloud service catalogue: https://catalogue.clouds.GÉANT.net/#/cloudservices
The TF-Storage is moving more and more towards cost-effective storage. Things like the OwnCloud Agreement and FileSender are out of the task force.
- SIG-ISM - AS reported that the SIG-ISM has accepted to reopen the group to all parties interested in ISM, which in principle makes the group available for participation beyond the NREN community. The aim of this SIG is to create a community of security management professionals in the NRENs and to discuss security management and security standards at NREN level.
In the last months the SIG has been particularly active. On the 12th and 13th of May the 1st official workshop was held at Imperial College in London, which was both well attended and well received.
Collaboration with REFEDS has been established and an ongoing one has also started with SCI (Security for Collaborating Infrastructures).
The two groups are organizing a joint workshop about security for the 2nd half of October in Barcelona.
Alf Moens (SURFnet) gave a presentation of the SIG during the last REFEDS meeting with the aim to raise awareness of the group, which could provide support for federations and any identified security risks.
The SIG, as part of its outreach, has also established communication with the Security for Collaborating Infrastructures group (SCI, https://www.eugridpma.org/sci/), a collaboration of security staff from several large-scale distributed computing infrastructures, including EGI, OSG, PRACE, WLCG, and XSEDE. The two groups are organizing a joint workshop to be held in the 2nd half of October in Barcelona.
- SIG-NOC - PSz highlighted the SIG-NOC charter the TTC was asked to approve. The aim of SIG-NOC is to create a forum where experts from the community exchange information, knowledge, ideas and best practices about specific technical or other areas of business relevant to the research and education networking community. The group has been shaped following the TF-CSIRT model and TRANSITS (train the training), but follows a more lightweight approach.
There is a set of KPIs included in the charter to evaluate the performance of the group in one year's time.
RE suggested breaking out the specific SIG content from the more general part of the SIG template. Staff commented that the specific ToR were indeed an instantiation of a generic template that would be reused in all similar cases. DG was pleased by the involvement of other networks together with the NRENs.
ACTION: PSz to inform the team the TTC approved the SIG-NOC unanimously
Services updates
- Open Cloud Mesh (PSz) - OwnCloud is active in the Open Cloud Mesh, the initiative to interconnect different OwnCloud instances. OwnCloud has promised to release the code very soon to the TF.
In response to a question on whether the installation of OwnCloud is tracked, PSz answered that OwnCloud has an agreement with GÉANT; however, they also have bigger customers that are handled independently. We do track the installations that are under the agreement. There is also a closed OwnCloud developer group, for those that are doing development on top of OwnCloud.
- TCS - TCS has been in production since July 1st.
AS noted that the DigiCert collaboration is working smoothly. There was a meeting during TNC to present the new system, which went well. Although the current DigiCert managed portal uses the same attributes that were released before to Confusa, some people feel uncomfortable releasing attributes to DigiCert now.
AS, with the support of the PMT, is working to make it clear to federations and IdPs that the legal framework in place is legally sound for them to release attributes. The service works very well, and the support is very good.
...
There are two deliverables due at the end of July: one on technical requirements that AARC should focus on to design the integrated architecture and the other on training.
SGA1 (GN4) – GN4 is progressing well; lots of preparation is being spent on phase two, which is expected to start in May 2016. PDOs are involved in the following activities:
- Coordination of the service activity Real Time Application and Multimedia management – PSz
- There is a new task (Harmonisation), led by NH, which is part of the service activity Trust and Identity Service Development (coordinated by Ann Harding). This task is about looking at some of the requirements and their implications on the IdPs. This offers also an opportunity to link the eduGAIN policy work, the enabling users work and other relevant GÉANT work to REFEDS.
- eduGAIN service coordination led by Brook.
REFEDS – REFEDS celebrated its 10th anniversary this year. The group is very healthy, there is a lot of discussion on the list and a lot of work to be supported. The work plan is available on the REFEDS wiki, as is the rest of the material. NH is working with Heather Flanagan to kick off some additional work in the area of virtual organisations and groups. For more information please refer to:
...
The EWTI event is organised entirely by Identinetics GmbH, led by Rainer Horbe. GÉANT's main contribution is in the promotion of the event to bring our community there; in return the GÉANT community should benefit from some contacts with the government that Rainer has gained during his work as consultant. A one-year MoU has been signed between the Amsterdam Office and Identinetics GmbH, with the aim of supporting the EWTI event and co-locating relevant events. An evaluation will follow to decide on how to continue in the future.
Technology Exchange I2 – There will be a main REFEDS event on Sunday before the Technology Exchange meeting starts. Furthermore, LF has submitted a request for a WG session to discuss Sirtfi and assurance. AS has also submitted a request for a session to discuss community requirements as input for the current AARC project as well as consultation for the preparation of the next one.
...
JD showed the service matrix (https://compendium.terena.org/reports/nrens_services), developed as part of the Compendium. This was extremely well received by the TTC. Thanks to Christian Gijtenbeek (who developed it) and Jessica Willis for this result.
Recommendation: The TTC recommends promoting the service matrix widely and making it easily accessible via the GÉANT website.
...
Recommendation: The TTC recommends
...
GÉANT management to expose any other relevant results coming from GÉANT activities at GA level to ensure
...
they are known (and hopefully supported) by the decision makers.
David Groep – DG noted the high expectation in AARC on what it can achieve. We should manage this expectation so that communities will not be disappointed. DG noted that AARC should look at a mechanism to address some general questions coming from the user communities. As an example he referred to a question asked on the REFEDS lists from CERN, which triggered long and convoluted answers, whereas a simple answer could have been provided.
Valter Nordh – Supporting GÉANT in updating the terms of reference for the technical programme. Plans are to present a draft for the next GA in September. Some TTC members’ terms have expired; Valter proposed to prolong the expired mandates until the end of 2015. No objections were raised.
...
Peter Schober – IDM Issues in the R&E community
As part of the more in depth area presentation each TTC member offers, PSc gave an overview of the authentication and authorisation practices in the R&E community.
There is still a lot of phishing, and asking subjects to use more and more complex passwords obviously won't help there. Mitigations for this are strong authentication, 2-factor authentication and multi-factor authentication, which in practice means a combination of independent authentication methods or technologies.
Yubikey and Google joined the FIDO Alliance and have championed 2-factor authentication (U2F: "Universal 2nd Factor") specs that use established technologies (RSA public key cryptography) and protocols that are now being integrated in the browser.
Most of the requirements for 2-factor authentication come from the users in the attempt to protect their passwords rather than from the resources.
Despite what many believe, second-factor authentication is not really a way to increase the assurance that the credentials are used by the right people. To elevate the assurance other means are needed, i.e. verified process etc., which normally bring up the authentication costs.
A problem institutions still face is the request for password reset, which is still a time-consuming operation and affects identity assurance. To date there is no fully automated way to do that, as the new passwords have to be propagated into the different databases.
PSc touched upon authorisation, which usually presupposes the user has been previously authenticated.
...
- September 30th - a videoconference meeting to report on the revised technical programme
- November 24th – Face-to-face meeting
ACTION: DG to report on operational aspect of service provisioning across e-Infrastructures during the next f-2-f TTC.
8. Summary of the ACTIONS and RECOMMENDATIONS
Ref. | Status | Who | Action | Comment
20150708-01 | OPEN | RE | To start the preparation for the SIG-NGN |
20150708-02 | OPEN | PSz | To inform the team the TTC approved the SIG-NOC unanimously |
20150708-03 | OPEN | PSc | To review his slides and distil what is being worked on and what is not being worked on by the NRENs |
20150708-04 | OPEN | DG | To report on operational aspect of service provisioning across e-Infrastructures |
20150210-2 | OPEN | LD | Follow up on the news item about the EGI pilot for the Connect magazine | LD was not at the meeting
The following recommendations are noted:
Gyöngyi Horváth and the TNC team to consider a format for TNC where more side meetings are possible.
JD and GÉANT Management to promote the service matrix widely and to make it easily accessible via the GÉANT website.
GÉANT management to expose any other relevant results coming from GÉANT activities at GA level to ensure they are known (and hopefully supported) by the decision makers.
[1] RENATER, NIIF, NORDUNET/SUNET, PSNC