Funded Projects

Launched in February 2021, the GÉANT Innovation Programme funded twenty projects in the areas of multimedia, networks, trust & identity, education, cloud, security, privacy and eHealth. The table below shows an overview of the projects funded:

2022

eHealth

Artificial Intelligence-based contactless Devices for tele-Rehabilitation and Health
To deal with the increasing number of diseases connected to ageing, the Healthcare system has to change its paradigms in order to reduce costs and, more importantly, to offer elderly citizen the possibility to receive effective and continuous care. In the last years, assistive electromechanical devices have been introduced but they are complex, bulky, expensive, not reusable and limiting for natural free movements and posture.
The project aims at overcoming the above limitations by characterising a new generation of intelligent monitoring/tracking/evaluation systems for tele-rehabilitation, tele-monitoring and well aging and by providing new data interpretation and data sharing paradigms. By producing long streams of high temporally and spatially resolved data which have to be shared among specialists and researchers, the project also aims at providing new open-source paradigms for the analysis, interpretation and interoperable standards for data and results sharing from the above devices.

Submitter organisation: University of L'Aquila (UNIVAQ)

Multimedia

drawOnMeet - Common drawing on any video in eduMEET sessions
drawOnMeet is an extension for eduMEET, allowing all participants to draw on any video stream within a videoconference, to highlight important areas of videos and to focus the discussion. The uniqueness of this solution lies in the fact that participants can use any of the video streams, while in commercial tools the presenter can draw on own screen sharing video, but not on the main video. Furthermore, as eduMEET has the possibility of sending more than 1 video stream, drawing on any video would bring great benefit to teachers and presenters. Also, any participant could draw on any video, further enhancing the collaboration. drawOnMeet will be added to the eduMEET repository and made freely available.

Submitter organisation: PSNC

Cloud and Networks

eCLAT: eBPF Chains Language And Toolset
To answer the growing demand for more efficient and complex networking services, tech giants have moved to fully programmable solutions which are based on eXtensive Berkley Packet Filter (eBPF). eBPF offers unrivalled performance characteristics but unfortunately these programmes require experience in programming in a restricted (in‐kernel) environment. This is the reason why some frameworks for eBPF configuration such as Cilium and Polycube are emerging, to make eBPF applications easier to build. This project will provide a contribution in this field, specifically by supporting eBPF programmability, modularity and code reuse by a tool called eCLAT (eBPF Chains Language And Toolset).

Submitter organisation: University of Rome

PBSPro-Kubernetes Connector for Seamless HPC Submission
The overall objective is to develop a connector between PBSPro scheduling system (one of common scheduling systems in NRENs) and container-platform Kubernetes. The connector will enhance the possibilities of computational pipelines performed in Kubernetes without rewriting HPC-tailored code into containers and provide hybrid cloud with single entry point from user perspective. The connector will also provide ways of seamlessly integrating data from various storage points and a simple way of providing authentication. Connector’s performance and usability will be tested on real use-cases that use bioinformatics workflow manager such as Nextflow. Research groups that would like to use the best of HPC and container worlds will benefit from the solution.

Submitter organisation: Masaryk University

Borderless Data Spaces
Data is the key value of our modern society. However, often the actors in charge of data production and consumption are different, hence posing non-trivial challenges to control who can access what, and (even more important) the guarantee that data is not stolen / copied illegally, in particular when sensitive data is concerned. The BORDES project leverages the open-source Liqo.io framework to demonstrate a cloud-based technology that can dynamically create flexible data spaces upon request, potentially spanning across multiple administrative domains, enabling a data producer to offer its data to potential consumers, without giving up on security and data ownership/sovereignty rules, and without affecting the possibility of consumers to read and process arbitrary data. This technology will dramatically simplify the operations of data producers and consumers (which are often different actors), as well as processing multiple data sources, thanks to a data-gravity approach in which processing is (securely) moved close to data sources.

Submitter organisation: Politecnico di Torino

Networks

TCPLS Low-Lat
Future applications like remote health, industrial automation and cloud gaming require a low and stable latency while new mobile networks such as 5G and Low Earth Orbit Satellite (LEOS) Internet o/er more path diversity. But for decades, protocols have been optimised for single-path throughput rather than latency. Unfortunately, innovation in the transport layer is hard to deploy and use due to several factors.

Our approach, called TCPLS, demonstrates that by revising the way TCP and TLS are combined today, we can securely extend the transport services they o/er to include multiplexing, connection migration and multipath capabilities. To enable low-latency applications, our project proposes to extend the TCPLS library with a mechanism to probe and select a network path given a latency criterion, e.g., lowest, more stable.

Submitter organisation: The Université catholique de Louvain (UCLouvain)

Federated Learning-Driven Network
Traffic and services monitoring has always played a strategic role in understanding and managing computer networks. The rich information brought by network measurement data has germinated many machine learning models for network performance studies. Yet, meaningful sharing of data with researchers and professionals is limited mainly due to the privacy-sensitive nature of much of today's network data. Where dataset sharing is unavailable, a viable alternative is to share the learned models and their underlying learning algorithms. The proposed research aims to take a step towards a paradigm shift from data to model/algorithm sharing by developing a federated learning-driven network and services management approach. To this end, we aim to implement a software framework that provides a common platform for computer network traffic flow measurement and feature computation, and federated model learning, sharing, and deployment. The proposed approach can help fuel innovation in operations and management to improve the quality and reliability of future computer networks and services, eventually benefiting the GÉANT European Research community by having scientific and professional impacts.

Submitter organisation: Budapest University of Technology and Economics (BME)

Research and Education Network as a Service for Developing Nations
This project proposes a clean-slate approach for National research and education network (NREN) infrastructures and implements a showcase in a NREN-to-be in the west coast of Africa (Cape Verde). It is based on three vectors, namely, i) the advances of public infrastructures and services; ii) emerging paradigms such as overlay networking, network function virtualization (NFV), data plane programmability; and Open Networking initiatives. In addition, another key concept is combining low-cost access broadband internet (instead of traditional connectivity services which may be very expensive) with (edge) cloud for hosting most of the network functionalities that operate now in a virtualized way (instead of relying on expensive, specialised, and power-hungry boxes on premises).
Our work hypothesis assumes that community-building and stakeholder awareness for supporting the creation of sustainable NRENs can benefit from cloud-based quick deployment of relevant services (such as eduroam) where regular connectivity is already present. Our innovation strategy involves aggregating proven solutions from past and current NREN R&D projects - such as RARE and eduroam itself - with private cloud-based NFV developed in NosFVeraTO from Brazil’s NREN (RNP).

Submitter organisation: Trinity College Dublin

Trust & Identity and Education

SMART Campus – Building the campus on Digital key identification
The SMART Campus project addresses current aim to re-use digital identities of students and employees for the benefit of better integration and wider usability of digital services in higher education institutions, improved user-experience for students and employees, easier access to campus facilities and services, better trackability of study processes, upgraded management of access to campus premises, such as auditoriums, libraries, dormitories, exams, sport centres, and even improved access to public transportation.
As a result of the project, a proof-of-concept SMART Campus architecture will be described in a segmented manner, where both campus premises, services, access, resources, and security are integrated in such way that the synergy works for the benefit of the students and employees. The tangible result of this project will be a working solution for campus dormitory access with tap-in student identification card model, with additional security of face control security solution, and integration of both LSP and ISIC student card identification, as part of university digital identity system.

Submitter organisation: Vytautas Magnus university

SIEVA: SIEM Visibility Assessment
Assessing the security state of an information system requires relying on sufficient detection capacities to monitor a satisfactory range of threat occurrences. However, selecting the adapted tooling is a complex task for security operators: not only must they thoroughly evaluate the detection features of their deployed appliances, but manually comprehend which attacks fail to be covered. To address these challenges, we propose the SIEVA tool. We aim at designing and implementing a visibility tool that allows Security Operations Centre (SOC) teams to assess the degree of visibility they have over several Tactics, Techniques and Procedures (TTPs) from real-world threat scenarios. Our approach is threefold: (i) we carry the identification of the different data sources in their environment; (ii) we train and operate AI models to classify which information can be extracted and verify its completeness; and (iii) we align the results with the techniques from well-established security frameworks (i.e., MITRE ATT&CK) to pinpoint how the threat monitoring capabilities of a SOC can be extended. The main outcome of this project is a tool that can integrate with widely used tools, such as those laid out by the SOCTools stack provided by GÉANT. SIEVA incorporates a graphical user interface that can didactically reflect the visibility the team has by mapping it against procedure specification provided by widely adopted referents. The outcome of this project will be made available to the GÉANT community to reinforce the innocuity of NREN information systems, and foster the adoption of security best practices.

Submitter organisation: i2CAT

2021

Multimedia

mingleMeet - Interactive meeting space for eduMEET
The objective of the project is to extend the functionality of eduMEET by the creation of a user friendly, graphical mingling space to allow quick group building and interaction. Using the WebRTC and Selective Forwarding Unit (SFU) capacities on which eduMEET is based, we can switch in real-time the audio-video streams which the user sees and hears in real-time, when they enter or leave a group.

The project will bring benefits to the whole GÉANT community, allowing for better interactions between people during conferences, like the TNC, or creating new concepts of educational sessions conducted online. Our project breaks the standard approach to videoconferencing, where people meet at a fixed time, in fixed rooms. Our solution creates a game-like space where users move around using the keyboard or mouse, creating dynamic groups where they can interact. Such an approach will allow to find new usage scenarios for eduMEET and extend existing ones.

Submitter organisation: PSNC

VoDsync - Synchronous playback of high quality videos in eduMEET sessions
The objective is to extend the functionality of eduMEET by the creation of an innovative solution for synchronous playout of high quality videos. The project will extend the eduMEET server capacities by creating a upload space for Video on Demand (VoD) files. In a videoconferencing session, a user will be able to upload videos and initiate playback for all users and control the playback progress. This way, the user can show high quality videos, without reencoding and losing quality like in screen-sharing.

The project brings benefits to the GÉANT community, allowing for better video presentations during reviews or conferences.

Submitter organisation: PSNC

Trust & Identity and Education

The impact of EU Digital Identity Wallets on NRENs
The project provides a SWOT analysis and high-level architectures to explore what is necessary for a connection between NRENs and the EU digital identity wallets from different roles (identity wallet provider, trusted source of micro-credentials, provider of infrastructure) and to identify how existing NREN initiatives can be leveraged to accomplish such connections. The outcomes of this work are beneficial to both NRENs and providers of credentials as it will give an overview of functional and organizational preparations that are necessary to work with the EU digital identity wallets. This facilitates cross-border education and lowers the barriers for student mobility.

Submitter organisation: SURF

eduCLAIMS - educational claims and recommendation letter service with eduGAIN identifiers
The objective of the project is to study in detail, including both technical and legal aspects and show with a proof-of-concept system how digital educational claims should be released in a manner that (1) allows for marginal then gradual uptake and (2) observes and re-uses the GÉANT’s T&I ecosystem instead of creating a parallel world of identifiers and schemas.

The main beneficiaries of the project are the students and educators of educational institutes within the NRENs as well as the NRENs themselves if they have plans for promoting claims and microcertifications.

Submitter organisation: Budapest University of Technology and Economics (BME)

Networks

RaQSaC - RaptorQ-based data transport for low earth orbit Satellite Constellations
The project’s key objective is to develop and evaluate next-generation data transport protocols for LEO satellite networks that will deal with significant challenges arising from such unprecedented network deployments, effectively, and support unicast, multicast, many-toone, and many-to-many applications workloads, efficiently. We will develop simulation models in OMNeT++ that will enable us and the research community to experiment with existing and future LEO satellite constellations and evaluate the performance of novel data transport and routing protocols in said deployments. Using these models, we will experimentally evaluate research outputs of this proposal and compare them to state-of-the-art data transport protocols.

Submitter organisation: University of Sussex

Adaptive DNSSEC - DNSSEC: Make or Break Vulnerabilities in DNS
The Domain Name System (DNS) is a most critical, distributed system on which any access to a resource on the Internet depends (e.g., web page, virtual meeting, cloud storage, etc.) This critical infrastructure and the wellbeing of the Internet are the main potential beneficiaries of this project. The DNS system is under many different attacks in recent years [9,10,11,12] that have caused considerable damage. Worse than this are the potential of new attacks that can easily paralyze parts of the Internet, e.g., [1]. The main ingredient in these attacks is a flood of non-existent domain name requests, that by pass the resolver cache because each requests is for a different random sub-domain name. Such requests incur large overhead due to the necessity to online-sign each response, which cannot be prepared off-line without enabling zone-walking/enumeration attacks. An outcome of this project is a considerable improvement to the robustness and attack-resiliency of the DNS system.

Submitter organisation: Tel Aviv University (TAU)

Connected area(s): Security and Privacy

User Controlled SD-WAN Services (UCSS) with Performance Monitoring over GÉANT
The objective is to deploy a service for creating overlay VPNs for end users based on SRv6 with an integrated Performance Monitoring framework. We will provide a web based GUI to:

  1. Create on-demand VPNs according to specific application requirements.
  2. Monitor the end-to-end performance (loss and delay).

The project will assess the capability and the limitations of user controlled VPNs over the NREN and GÉANT and will help to understand how the NREN and GÉANT could provide services to improve the user experience.

Submitter organisation​: Consorzio Nazionale Interuniversitario per le Telecomunicazioni (CNIT)

Connected area(s): Cloud

Cloud

PLAS: Platformed Workflows
The GÉANT Cloud Flow (GCF) platform allows to run large-scale workflows consisting of tasks. Tasks are typically embedded in Docker Container images, and GCF deploys these Containers to the most convenient GÉANT site offering a Container platform. The project goal is to extend GCF's services with open-source software so that a user can not only run containerized-tasks, but platformed-tasks, i.e., tasks running within overlay platforms to leverage better the underlying cloud resources and make the workflow faster. For example, this extension would allow the execution of complex machine learning tasks within the Horovod distributed training platform, deployed by GCF as part of the workflow.

Submitter organisation: Consorzio Nazionale Interuniversitario per le Telecomunicazioni (CNIT)

Security & Privacy

ABEBox: Privacy Preserving File Sharing Service
The objective of the project is to build a privacy preserving file sharing service. The project will output a software tool that adds end-to-end data privacy on top of existing file sharing services. The problem we want to solve is related to the trade-off between data privacy and ease-to-use of cloud storage services. Indeed, the emerging need of data privacy, well addressed by Instant Messaging applications, is not adequately covered in cloud storage systems. We propose a new flexible solution to fill this gap, based on Attribute Based Access Control.

Submitter organisation: Tor Vergata University of Rome -
Electronic Engineering Department

Design and Implementation of an 802.11 Privacy Preserving Sub-Layer
​Objective: Protect peoples' privacy preventing un-authorized surveillance via Wi-Fi sensing.

Project: Research and Innovation, implementation oriented.

Outcome: 

  1. Working prototype of the privacy-protection sublayer implemented in the OpenWiFi framework; can be used to setup APs based on SDR in a Linux environment;
  2. Design of a protocol enabling the negotiation of the privacy-protection algorithm during association.

Beneficiaries: People and society at large that have one additional tool to protect their privacy. Startups and hardware vendors can pick-up the project and prototype to make it a fully-fledged commercial product.

Submitter organisation: ​University of Brescia (UniBS)

Connected area(s): Networks

Contacts

For further information, please contact innovation@geant.org
Skip to content