Deliverable JRA1.1: Evaluation of current network control and management planes for multi-domain network infrastructure

This deliverable includes a compilation and evaluation of available control and management architectures and protocols applicable to a multilayer infrastructure in a multi-domain Virtual Network environment.The scope of this deliverable is mainly focused on the virtualisation of the resources within a network and at processing nodes. The virtualization of the FEDERICA infrastructure allows the provisioning of its available resources to users by means of FEDERICA slices. A slice is seen by the user as a real physical network under his/her domain, however it maps to a logical partition (a virtual instance) of the physical FEDERICA resources. A slice is built to exhibit to the highest degree all the principles applicable to a physical network (isolation, reproducibility, manageability, ...). Currently, there are no standard definitions available for network virtualization or its associated architectures. Therefore, this deliverable proposes the Virtual Network layer architecture and evaluates a set of Management- and Control Planes that can be used for the partitioning and virtualization of the FEDERICA network resources. This evaluation has been performed taking into account an initial set of FEDERICA requirements; a possible extension of the selected tools will be evaluated in future deliverables. The studies described in this deliverable define the virtual architecture of the FEDERICA infrastructure. During this activity, the need has been recognised to establish a new set of basic definitions (taxonomy) for the building blocks that compose the so-called slice, i.e. the virtual network instantiation (which is virtual with regard to the abstracted view made of the building blocks of the FEDERICA infrastructure) and its architectural plane representation. These definitions will be established as a common nomenclature for the FEDERICA project. Other important aspects when defining a new architecture are the user requirements. It is crucial that the resulting architecture fits the demands that users may have. Since this deliverable has been produced at the same time as the contact process with users, made by the project activities related to the Use Case definitions, JRA1 has proposed a set of basic Use Cases to be considered as starting point for its internal studies. When researchers want to experiment with their developments, they need not only network resources on their slices, but also a slice of the processing resources. These processing slice resources are understood as virtual machine instances that users can use to make them behave as software routers or end nodes, on which to download the software protocols or applications they have produced and want to assess in a realistic environment. Hence, this deliverable also studies the APIs of several virtual machine management software products in order to identify which best suits FEDERICA’s needs.Postprint (published version

Organisatie van geestelijke gezondheidszorg voor kinderen en jongeren : literatuurstudie en internationaal overzicht

INTRODUCTIE: In de laatste decennia van de vorige eeuw werden er in de Westerse landen belangrijke hervormingen ingezet in de sector van de geestelijke gezondheidszorg (GGZ). In de GGZ voor volwassenen kwam er geleidelijk een model van “balanced care” (“gebalanceerde zorg”) op de voorgrond: een diversiteit aan diensten biedt de zorg zo kort mogelijk bij de eigen leefwereld van de patiënt aan, en enkel indien nodig in een instelling. Tegelijkertijd moet men ook een vlotte en naadloze overgang van de ene dienst naar de andere garanderen. Geestelijke gezondheidsproblemen bij kinderen en jongeren zijn niet onfrequent. De WGO (Wereldgezondheidsorganisatie) schat de prevalentie in Westerse landen op ongeveer 20%. Ongeveer 5% zou een klinische tussenkomst nodig hebben. De sector van GGZ voor kinderen en jongeren is pas veel later ontstaan dan deze van de volwassenen, en kent een andere zorgstructuur. Toch dringen de hierboven geschetste hervormingsprincipes ook hier door. Bovendien dient zorg voor kinderen en jongeren vaak over de grenzen van de GGZ sector heen te gebeuren, bijvoorbeeld door de huisarts of kinderarts, en komen veel problemen bij kinderen en jongeren voor het eerst aan het licht buiten de zorgsector, zoals op school. GGZ voor kinderen en jongeren dient dan ook deze zogenaamde “belendende sectoren” mee te betrekken: welzijnswerk, justitie, gehandicaptenzorg, onderwijs. DOELSTELLING: De doelstelling van dit rapport is om kennis bijeen te brengen over organisatorische en financieringsaspecten van GGZ voor kinderen en jongeren, en dit in het licht van de hierboven geschetste context. De specifieke therapie-inhoud blijft buiten beschouwing. Het rapport bestaat uit twee delen: een overzicht van de literatuur en van de organisatie van GGZ voor kinderen en jongeren in België en drie andere landen. Dit rapport formuleert nog geen voorstellen voor de zorgorganisatie in België. Voor dit proces zullen Belgische stakeholders betrokken worden. Het resultaat hiervan zal beschreven worden in een afzonderlijk rapport. METHODE: Zowel voor het literatuuronderzoek als voor het internationale overzicht werd gezocht in databases met peer-reviewed publicaties en in de grijze literatuur. In het literatuuronderzoek werden naast vergelijkend onderzoek ook descriptieve studies en kwalitatief onderzoek geïncludeerd. Voor het internationaal overzicht werd de beschikbare literatuur aangevuld met gegevens van lokale informanten. MODELLEN VAN ZORGORGANISATIE: Dit rapport legt de focus op de meest geciteerde modellen, en die modellen waarvoor er vergelijkend onderzoek gebeurde. De twee meest geciteerde modellen in de literatuur zijn het WGO-model en het Systems of care model. Beide zijn vrij algemeen en vragen verdere uitwerking door het land of de regio die GGZ voor kinderen en jongeren wil implementeren. De meeste vergelijkende studies zijn wel gekenmerkt door talrijke methodologische beperkingen zoals onduidelijke inclusiecriteria, onduidelijke uitkomstmaten of kleine steekproeven. INTERNATIONAAL OVERZICHT: Om redenen van haalbaarheid werd gekozen om dit deel te beperken tot België, Nederland, Canada (British Columbia) en Engeland. De selectie vertrok van een long-list waarop vervolgens een aantal selectiecriteria werden toegepast. CONCLUSIE: Het belang van een nationaal/regionaal beleid voor kinder- en jeugd GGZ, geconcretiseerd in een duidelijk plan, is al langer bekend. Toch is de literatuur over organisatiemodellen binnen kinder- en jeugd GGZ weinig richtinggevend voor beleidsmakers. De twee belangrijkste modellen die in de literatuur aangetroffen werden geven enkel grote beleidslijnen van algemene aard aan. Bovendien zijn de wetenschappelijke studies in dit domein van beperkte kwaliteit en blijft een groot deel van de beleidsvraagstukken niet of onvoldoende onderzocht. Wel kan men uit het onderzoek ivm. het Systems of care besluiten dat de overheid niet enkel een betere zorgorganisatie en –coordinatie dient te stimuleren. Zij dient ook het ontwikkelen en verspreiden van doelmatige therapeutische concepten te bevorderen. Het onderzoek ivm. preventie en behandeling van angststoornissen via scholen toont aan dat men moet durven zoeken naar oplossingen in samenwerking met andere sectoren buiten de gezondheidszorg. In de bestudeerde landen gaan de hervormingen uit van theoretische denkkaders die gebaseerd zijn op belangrijke ethische principes en waarden; deze overlappen in belangrijke mate tussen de verschillende landen. Echter, bij het praktisch realiseren van dit denkkader ondervindt men talrijke moeilijkheden, en in een aantal gevallen mislukt men in de vooropgestelde doelstellingen. Over het daadwerkelijke resultaat van de gevoerde hervormingen zijn er meestal weinig harde gegevens. Wellicht kan men pas tot een positief resultaat komen als zowel klinische, organisatorische, als financiële aspecten alle tegelijk aangepakt worden; en als ook de eigenheid van elk van de betrokken sectoren daarbij niet uit het oog verloren wordt. In de volgende faze van deze studie zullen samen met de Belgische stakeholders voorstellen voor hervormingen geformuleerd worden. De resultaten hiervan worden afzonderlijk gepubliceerd

Security for network services delivery of 5G enabled device-to-device communications mobile network

The increase in mobile traffic led to the development of Fifth Generation (5G) mobile network. 5G will provide Ultra Reliable Low Latency Communication (URLLC), Massive Machine Type Communication (mMTC), enhanced Mobile Broadband (eMBB). Device-to-Device (D2D) communications will be used as the underlaying technology to offload traffic from 5G Core Network (5GC) and push content closer to User Equipment (UE). It will be supported by a variety of Network Service (NS) such as Content-Centric Networking (CCN) that will provide access to other services and deliver content-based services. However, this raises new security and delivery challenges. Therefore, research was conducted to address the security issues in delivering NS in 5G enabled D2D communications network. To support D2D communications in 5G, this thesis introduces a Network Services Delivery (NSD) framework defining an integrated system model. It incorporates Cloud Radio Access Network (C-RAN) architecture, D2D communications, and CCN to support 5G’s objectives in Home Network (HN), roaming, and proximity scenarios. The research explores the security of 5G enabled D2D communications by conducting a comprehensive investigation on security threats. It analyses threats using Dolev Yao (DY) threat model and evaluates security requirements using a systematic approach based on X.805 security framework. Which aligns security requirements with network connectivity, service delivery, and sharing between entities. This analysis highlights the need for security mechanisms to provide security to NSD in an integrated system, to specify these security mechanisms, a security framework to address the security challenges at different levels of the system model is introduced. To align suitable security mechanisms, the research defines underlying security protocols to provide security at the network, service, and D2D levels. This research also explores 5G authentication protocols specified by the Third Generation Partnership Project (3GPP) for securing communication between UE and HN, checks the security guarantees of two 3GPP specified protocols, 5G-Authentication and Key Agreement (AKA) and 5G Extensive Authentication Protocol (EAP)-AKA’ that provide primary authentication at Network Access Security (NAC). The research addresses Service Level Security (SLS) by proposing Federated Identity Management (FIdM) model to integrate federated security in 5G, it also proposes three security protocols to provide secondary authentication and authorization of UE to Service Provider (SP). It also addresses D2D Service Security (DDS) by proposing two security protocols that secure the caching and sharing of services between two UEs in different D2D communications scenarios. All protocols in this research are verified for functional correctness and security guarantees using a formal method approach and semi-automated protocol verifier. The research conducts security properties and performance evaluation of the protocols for their effectiveness. It also presents how each proposed protocol provides an interface for an integrated, comprehensive security solution to secure communications for NSD in a 5G enabled D2D communications network. The main contributions of this research are the design and formal verification of security protocols. Performance evaluation is supplementary

Blockchain-based trust management and authentication of devices in smart grid

The digitalization of the power grid and advancement in intelligent technologies have enabled the service provider to convert the existing electrical grid into a smart grid. The transformation of the grid will help in integrating cleaner energy technologies with energy management to improve power network efficiency. Internet of things (IoT) and various network components need to be deployed to harness the full potential of the smart grid. Also, integrating intermittent renewable energy sources, energy storage, intelligent control of selected power-intensive loads, etc will improve energy efficiency. But deployment of this information and communication technologies will make the grid more vulnerable to cyber attacks from hackers. In this work, blockchain-based self-sovereign identification and authentication technique is presented to avert identity theft and masquerading. The proposed approach can minimize the chances of identity-based security breaches in the smart grid. This paper provides an overview of the model of identification and authentication of IoT devices in Smart Grid based on Blockchain technology. The Blockchain based implementation of identification and authentication of devices is proposed to validate the model in the distributed electrical energy network. The model is able to authenticate the device using Blockchain in a trusted model. The system works according to plan validating the authenticity of transaction in a node in log(n) time, which justifies presented result.publishedVersio

Co-creating the cities of the future

In recent years, the evolution of urban environments, jointly with the progress of the Information and Communication sector, have enabled the rapid adoption of new solutions that contribute to the growth in popularity of Smart Cities. Currently, the majority of the world population lives in cities encouraging different stakeholders within these innovative ecosystems to seek new solutions guaranteeing the sustainability and efficiency of such complex environments. In this work, it is discussed how the experimentation with IoT technologies and other data sources form the cities can be utilized to co-create in the OrganiCity project, where key actors like citizens, researchers and other stakeholders shape smart city services and applications in a collaborative fashion. Furthermore, a novel architecture is proposed that enables this organic growth of the future cities, facilitating the experimentation that tailors the adoption of new technologies and services for a better quality of life, as well as agile and dynamic mechanisms for managing cities. In this work, the different components and enablers of the OrganiCity platform are presented and discussed in detail and include, among others, a portal to manage the experiment life cycle, an Urban Data Observatory to explore data assets, and an annotations component to indicate quality of data, with a particular focus on the city-scale opportunistic data collection service operating as an alternative to traditional communications.This work has been partially funded by the research project OrganiCity, under the grant agreement No. 645198 of the European Union’s Horizon 2020 research and innovation program

The GEYSERS optical testbed: a platform for the integration, validation and demonstration of cloud-based infrastructure services

The recent evolution of cloud services is leading to a new service transformation paradigm to accommodate network infrastructures in a cost-scalable way. In this transformation, the network constitutes the key to efficiently connect users to services and applications. In this paper we describe the deployment, validation and demonstration of the optical integrated testbed for the “GEneralized architecture for dYnamic infrastructure SERviceS” (GEYSERS) project to accommodate such cloud based Infrastructure Services. The GEYSERS testbed is composed of a set of local physical testbeds allocated in the facilities of the GEYSERS partners. It is built up based on the requirements specification, architecture definition and per-layer development that constitutes the whole GEYSERS ecosystem, and validates the procedures on the GEYSERS prototypes. The testbed includes optical devices (layer 1), switches (layer 2), and IT resources deployed in different local testbeds provided by the project partners and interconnected among them to compose the whole testbed layout. The main goal of the GEYSERS testbed is twofold. On one hand, it aims at providing a validation ground for the architecture, concepts and business models proposed by GEYSERS, sustained by two main paradigms: Infrastructure as a Service (IaaS) and the coupled provisioning of optical network and IT resources. On the other hand, it is used as a demonstration platform for testing the software prototypes within the project and to demonstrate to the research and business community the project approach and solutions. In this work, we discuss our experience in the deployment of the testbed and share the results and insights learned from our trials in the process. Additionally, the paper highlights the most relevant experiments carried out in the testbed, aimed at the validation of the overall GEYSERS architecture

Generic Metadata Handling in Scientific Data Life Cycles

Scientific data life cycles define how data is created, handled, accessed, and analyzed by users. Such data life cycles become increasingly sophisticated as the sciences they deal with become more and more demanding and complex with the coming advent of exascale data and computing. The overarching data life cycle management background includes multiple abstraction categories with data sources, data and metadata management, computing and workflow management, security, data sinks, and methods on how to enable utilization. Challenges in this context are manifold. One is to hide the complexity from the user and to enable seamlessness in using resources to usability and efficiency. Another one is to enable generic metadata management that is not restricted to one use case but can be adapted with limited effort to further ones. Metadata management is essential to enable scientists to save time by avoiding the need for manually keeping track of data, meaning for example by its content and location. As the number of files grows into the millions, managing data without metadata becomes increasingly difficult. Thus, the solution is to employ metadata management to enable the organization of data based on information about it. Previously, use cases tended to only support highly specific or no metadata management at all. Now, a generic metadata management concept is available that can be used to efficiently integrate metadata capabilities with use cases. The concept was implemented within the MoSGrid data life cycle that enables molecular simulations on distributed HPC-enabled data and computing infrastructures. The implementation enables easy-to-use and effective metadata management. Automated extraction, annotation, and indexing of metadata was designed, developed, integrated, and search capabilities provided via a seamless user interface. Further analysis runs can be directly started based on search results. A complete evaluation of the concept both in general and along the example implementation is presented. In conclusion, generic metadata management concept advances the state of the art in scientific date life cycle management

Towards Interoperable Research Infrastructures for Environmental and Earth Sciences

This open access book summarises the latest developments on data management in the EU H2020 ENVRIplus project, which brought together more than 20 environmental and Earth science research infrastructures into a single community. It provides readers with a systematic overview of the common challenges faced by research infrastructures and how a ‘reference model guided’ engineering approach can be used to achieve greater interoperability among such infrastructures in the environmental and earth sciences. The 20 contributions in this book are structured in 5 parts on the design, development, deployment, operation and use of research infrastructures. Part one provides an overview of the state of the art of research infrastructure and relevant e-Infrastructure technologies, part two discusses the reference model guided engineering approach, the third part presents the software and tools developed for common data management challenges, the fourth part demonstrates the software via several use cases, and the last part discusses the sustainability and future directions