GARR

STATUTE
CONSORTIUM GARR ASSOCIATION
(GESTIONE AMPLIAMENTO RETE RICERCA)

TITLE I

(NAME, SUBJECT, DURATION, SOCIAL CAPITAL)

Art. 1 – Name and legal form

1. Pursuant to Articles 14 et seq. of the Italian Civil Code, the Association is recognised according to the DPR (Presidential Decree) 10 February 2000, no. 361, called Consortium GARR (Gestione Ampliamento Rete Ricerca), without constraints of graphic representation, and more briefly, within this Statute, "GARR".
2. Pursuant to art. 10, fifth paragraph, of Legislative Decree 25 November 2016, n. 218, the Association manages the GARR network, the only national research network, part of the European research network GEANT, open to the subjects referred to in art. 1, paragraph 512, of law no. 208/2015 for research, education, training and cultural activities.

Art. 2 – Headquarters

1. GARR is headquartered in Rome, Via dei Tizii n° 6, and can set up subsidiaries, branches, representations and agencies, as well as operational and/or administrative offices. The headquarters may be changed by resolution of the Board of Directors.

Art. 3 – Duration

1. GARR has an unlimited duration and its termination is disciplined by Title V of this Statute.

Art. 4 - Purpose

1. GARR, pursuant to art. 10, fifth paragraph, legislative decree 25 November 2016, n. 218, manages the GARR network, the only national research network which is part of the European GEANT network, and has the aim of founding and supporting scientific research at national and international level and cultural and institutional collaboration and, specifically, of:
   1. designing, implementing and managing with its own organisational and technical facilities, a national high-tech telecommunications network capable of securing connectivity to the global Academic and Research Network System;
   2. providing services to facilitate the harmonization, implementation and management of e-Infrastructures to benefit the national scientific and academic community;
   3. supporting and stimulating the development of tools to facilitate access to computing, supercomputing and storage resources at national and international level, providing the appropriate methods, interventions and functionalities needed to maintain e-Infrastructures at international standards;
   4. carrying out related technological research, experimentation, technology transfer and staff training.
2. The use of the network and thetools to access e-Infrastructures is intended primarily for the institutional activities of the members. Institutional activities shall be understood as all those relating to the performance of the tasks set out in their respective Statutes, including the activities within the agreements approved by their respective bodies, provided that they are used for institutional purposes. These include, in particular, institutional activities, research, teaching, e-learning, dissemination and promotion of knowledge, cultural activities, administrative functions and research activities on behalf of third parties.
3. GARR is a non-for-profit association. Any operating surpluses should be reused for social activities or designated to strengthening the asset base.
4. GARR can carry out commercial activities on a residual basis and in any case within the limits established by law.

Art. 5 – Objectives

1. In order to achieve this purpose, GARR, in its capacity as manager of the network, is responsible for developing the following functions:
   1. planning the development of the network and necessary tools, based on the needs of the members;
   2. establish network development paths and organisational schemes for network infrastructures; defines specifications, technical solutions, network protocols, and access rules;
   3. define and coordinate the configuration of network access equipment;
   4. evaluate the technical and economic development of highly innovative networks in the pursuit of the objectives;
   5. provide effective information and documentation tools on the operation of the network;
   6. establish the conditions for access to the network and its modalities;
   7. support the ICT initiatives of various public institutions, organisations of public institution and inter-university computing consortia, with a view to developing and founding synergies between them and the harmonization of initiatives for the benefit of the entire Italian scientific and research community.
2. GARR also has authority for the addresses, accesses and the structure of information of general interest, and is responsible for the agreements, contracts and procedures for the acquisition of equipment, optical fibres, hardware and software tools, as well as accessory services and everything necessary to achieve the institutional goals
3. GARR may make available to its members and to subjects with whom it has concluded a specific agreement facilities and equipment for the achievement of their respective institutional goals in the fields of scientific and technological research, in accordance with the procedures to be established by the Board of Directors.
4. GARR will be able to carry out all the proceedings necessary and useful to the achievement of the statutory purpose. For the sole purpose of carrying out the functions and services referred to in the preceding paragraphs, GARR may enter into cooperation agreements with other public or private entities having a common interest in their business sectors. Consequently, in order to pursue its statutory goals, GARR will be able to participate in calls for proposals, programs and research projects in its areas of expertise, as published by local, national and international bodies.
5. In any case, GARR can only act in its own name. GARR shall not represent individual members in their dealings with third parties or assume obligations on their behalf.

Art. 6 – Amendments to the Articles of Association and to the Statute

1. Amendments to the Articles of Association and the Statute can be made by a resolution of the extraordinary Assembly by the majority of those present entitled to vote and with the favorable and unanimous vote of the founding members.

Art. 7 – Assets and means of operation

1. In pursuing the statutory objectives of the Association and to ensure its functioning, initial asset base is provided by the founding members as indicated in the constitution.
2. The asset base of the association is composed of:
   1. the social fund of Euro 500.000 (five hundred thousand) allocated by the founding members at the time of constitution;
   2. any subsequent contribution to the Social Fund by the members, collectively or individually;
   3. the participation fees of the new ordinary members;
   4. the physical and intellectual assets (active and passive) arising from the realization and management of the GARR-B Project by INFN in relation to the Implementation Conventions of the Framework Programme by the Ministry of Education, University and Research and INFN on 10.3.1998 and subsequent extensions;
   5. movable and immovable property acquired by the Association in any way, as well as from contributions, legacies and donations made by public and private natural and legal persons, whose acceptance is deliberated by the Board of Directors, with the indication to designate it as an asset;
   6. from the proceeds of the initiatives promoted by the Association and any other revenue, destined for a resolution by the Board of Directors to increase the asset base;
   7. any surplus, also designated as reserve funds.
3. The Board of Directors makes decisions regarding investments of assets.
4. For the duration of the association members may not request the division of the capital base.
5. The means for the activity of the Association derive from the contributions of the members provided for in art. 14, from income from activities, subsidies, grants and donations from the state or public or private, national, European, and international bodies.
6. It is forbidden to distribute any profits, even indirectly, or operating surpluses as well as funds, reserves or capital during the life of the Association, unless the destination or distribution is required by law.

Art. 8 - Programme of activities

1. GARR's activities are carried out through Multi-Year Programming and Annual Activity Programs, consisting of specific plans for each project, prepared by the Director and proposed by the Board of Directors to the Assembly, which adopts them when approving the Budget.

Art. 9 – Personnel

1. In carrying out activities, functions and services, GARR normally employs staff made available by the members.
2. Any other recruitment of staff must be carried out with a contract not exceeding the GARR duration.
3. members do not respond or make any commitment to professional relationships put in place by GARR under the preceding paragraph or towards those who will benefit from GARR 's vocational training activities.

IT Security

Security is a major concern for the education and research community, both in terms of protecting user data, and in preventing and managing attacks aimed at undermining the usability of networked services offered by the community, or causing harm to third parties. Over the years, there has been an evolution of attack systems, threats, and even motivations behind the security threats; thus the importance of constant research efforts in the area of new information threats, first implemented by HoneyPot system installations, and subsequently by means of anomaly monitoring systems and the search for specific attack patterns.

In the area of possible attack modalities, the work focused at first on the creation of valid and reliable lists of BotNet servers and "bad hosts", later moving to heuristic systems for the detection of malware, viruses and compromised servers, in collaboration with other national and international organisations, following the exponential increase in types of attack. Because there are no borders in the proliferation of digital threats, it has been crucial to also expand the research to the study of procedures, protocols, and agreements for the notification and timely incident management in multi-domain environments. At the same time, GARR security team (CERT) designed automated systems to maximize efficiency and reaction speed in this area.

In the context of system vulnerabilities, research has focused on the study of mechanisms of penetration testing and machine stressing, while to cope with new types of application-layer attack the CERT team are studying protection systems which employ level 7 firewalls. Other research topics that have recently gained huge relevance with the emergence of new types of computing devices and new usage scenarios (Internet of Things, Bring Your Own Device) relate to the new types of vulnerabilities and new types of service disruption, such as DoS (Denial of Service) and DDoS (Distributed DoS) and the response strategies to these threats.

Learn more

• The security policy for the GARR community – presentation by C. Allocchio - it
• News from GARR CERT - presentation by R. Cecchini and S. Venuti at the GARR workshop - it
• GDL cybersecurity: fighting DDoS - presentation by N. Ciurleo at the 2017 GARR Workshop - it
• GDL cybersecurity: Network auditing (intrusion detection) - presentation by E. Ripepi (CNR) at the 2017 GARR Workshop - it
• GDL cybersecurity: best practices for security - presentation by M. Pirovano, Università Bocconi at the 2017 GARR Workshop - it

As part of its institutional mission, GARR conducts research and development activities in the field of data transmission, network architecture and services, and digital infrastructures in support of research by specific user communities. Many of these research activities, also carried out within task forces, work groups and national and international projects, have led to the development of new services and the adoption of new technologies.

• Networking & tecnologies
• Advanced network services
• Cybersecurity
• Digital identities
• Grid & Cloud
• Advanced multimedia services

Evolution of the network

GARR network is always on the leading edge to enable the scientific and academic community to compete and collaborate globally. This means not only constant and rapid capacity upgrades to adapt to user needs, but also the transition to new technologies and models when existing ones have been pushed to their maximum development. This is what happened during the main evolutionary stages of the research and education network in Italy.

Today we are at one of these turning points, and a task force (ELISA Project) is at work to study the impact that new technologies will have on service delivery and on the overall architecture of the infrastructures managed by GARR and its connected organisations. The goal is to involve the entire academic and research community in a shared path that can lead to the design of the next generation of the network.

Learn more

• pdf White Paper: Considering the next generation of GARR Network(1.78 MB)
• pdf A software soul for tomorrow’s network - article from CONNECT magazine(394 KB)
• pdf Article by M. Carboni "Disaggregata e "a container": la rete del futuro sarà così" - on Agenda Digitale(69 KB)
• GARR 2017 workshop - "Netvolution": all related presentations - (it)

Future Internet e SDN

GARR research on the Internet of the future is focused on projects for the creation and development of GÉANT European backbone network for interconnecting national research and education networks, co-funded by the European Commission (from GN1, completed during the 5th Framework Programme for scientific and technological R&D, to the ongoing phase 2 of GN4), FEDERICA (Federated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures) and NOVI. The FEDERICA project, coordinated by GARR, designed and built one of the first virtualised infrastructures in the world entirely dedicated to experimental work on architectures and new Internet protocols. This allowed to experiment with innovative network protocols and services in an environment that is real, yet totally separate from the production environment, to avoid affecting the functioning and performance of the latter. In addition to the research carried out directly by GARR and other European organisations involved in the project, it was also possible to offer portions ("slices") of the virtual infrastructure to other research groups for their experiments. The experience and the results of this project were then fed into the NOVI project, in particular for its work on the cloud, and into the GÉANT project for the network aspects.

Concerning the development of SDN (Software Defined Networking), GARR participated, within the DREAMER project, in the study and testing of architectures for its implementation in production environments, with an approach based on a "hybrid" IP/SDN solution. The SDN control works in parallel to the traditional IP routing, which is retained for basic connectivity between nodes. SDN is used to control additional services such as virtual private networks. This hybrid approach turned out to be the best fit for the evolution of a provider's network. The demonstration of the effectiveness of the new operational model based on the SDN paradigm and implemented with open source software took place during the Open Networking Summit, featuring an international team of researchers from ON.Lab, CreateNET, CNIT/Università di Roma Tor Vergata, the GÉANT project and GARR.

Analysis and publications

• FEDERICA: technical documents and publications
• DREAMER: scientific publications, videos and presentations
• NOVI: publications
• NOVI: technical documents

Optical networks - Alien wavelengths

GARR has successfully tested the "alien wavelengths" technique, developed for the transport of signals on a transmission infrastructure different from the one that generated the signals and the one that receives them. The testing investigated some efficient solutions for the integration of heterogeneous transmission platforms. The goal is to strong>deliver next generation transmission services using the existing transport infrastructure and optical signal regeneration, thus enabling the evolution of the optical network infrastructure through targeted actions that can ensure the stability of the service. Another advantage of this approach is to reduce the dependence of those who manage the network from a specific technological choice or producer (vendor lock-in).

The testing was initially performed on a 345 km portion of network, free from production traffic, and subsequently on a production path of about 1200 km. This activity was carried out with GARR resources, and the results had immediate effects on the national network’s short term evolution project. The approach used and the results achieved have attracted interest internationally and there are plans for an extension of the trials at the European level, in collaboration with other national research networks.

Learn more

• The testing: "Alieni: nostri alleati sulla rete ottica"- (it)
• pdf Testing with alien waves on GARR-X network: presentation at the GARR workshop 2016(2.01 MB) - (it)
• pdf Field test on Alien Waves in GARR DWDM Network: presentation at TNC2016(1.98 MB)
• ​Aliens: our allies on the o​ptical network: article in CONNECT magazine

This activity was born out of a close collaboration with the live arts community (in particular music and theatre), which led to the exploration of two main areas of activity that contributed to the emergence of new scenarios of use and creative research involving digital infrastructures:

• decrease in latency of ultra-HD a/v transmission by eliminating compression operations and using ultra-wide bandwidth for real-time uncompressed signal transmission;
• use of direct optical transport for audio and video streams.

The first approach is the result of more than 10 years of collaboration with the Tartini Conservatory of Trieste, which led to the creation of the LOLA (LOw LAtency) for the transmission of high definition audio and video signals between two locations, with a latency so low that it can even be used during musical performances. Continuous research and experimentation has enabled us to bring a number of improvements and introduce new features into the system. The latest version, now in pre-release stage, also permits the simultaneous connection of multiple locations, while a new set of innovative teaching and learning services is under development, as well as a cutting edge study for the reproduction and simulation of complex sound environments, in collaboration with the Tartini Conservatory, the Vienna Music and Performing Arts University and the Sennheiser Research Division.

The second approach was the subject of a recent collaboration with theatre director Giorgio Barberio Corsetti and his team, who performed a live show distributed between two sites, after successful testing; the innovative element in this case was the transmission of the audio / video signals directly over the optical fibre, without using the IP level. The sites were interconnected through a dedicated lightpath, allowing the signal to approximate the speed of light on optical fibre (about 200 thousand km per second) and maintain latency well below the threshold of human perception (50ms), all in a completely transparent way for the theatrical team.
GARR also participated in the eMUSIC project

Learn more

• LoLa web site
• Lola: the technology behind the distributed performance - it
• Innovating Colosseum site, pages and videos
• pdf Innovating Colosseo: a distr-active artistic performance - Presented at TNC16(22.99 MB)
• Il ratto d’Europa: learn more - it
• pdf Il ratto di Europa: Theatre at the speed of light - Presented at the 2016 GARR Conference(2.32 MB)
• C-theatre: light speed connected geo-distributed performances - presented at TNC17

Given the significant interest in the scientific and academic community for this topic, GARR has been involved since the beginning with the developments in high throughput distributed computing under the GRID paradigm, and has contributed to numerous GRID projects in the years from 2004 to 2012, such as EGEE, EGI, EUChinaGRID, EUMedGRID, performing research activities as well as support actions for numerous user communities in the domains of physics, astronomy, bioinformatics and medical research.

Subsequently, the success in recent years of the cloud paradigm had a strong impact with the education and research community, thus making it necessary to create a Distributed Computing and Storage (CSD) Department to manage these technologies for the benefit of GARR user community, in terms of services as well as research.

The GARR-X Progress Project gave a decisive boost to cloud research and development work, with the implementation of an OpenStack testing platform distributed over the 5 sites of the infrastructure. On this infrastructure, GARR CSD team designed and implemented a federated OpenStack platform model, and tested object storage federation scenarios, mutual synchronization of datasets from external user groups and the replication of large datasets (Google n-grams, collaboration with SWITCH, the Swiss research network). Different authentication mechanisms were also integrated, with successful results in the investigation of user authentication and authorisation strategies based on SAML and OIDC protocols.

Further information

• GARR Federated Cloud
• Technical documentation
• GARR Cloud: the discussion forum
• Article: Declarative Modelling for Building a Cloud Federation and Cloud Applications
• GARR choses open source for its R&E Federated Cloud

Research and development activities in the field of digital identity have focused in particular on two areas:

• testing of a cloud system to facilitate the process of digital identity management by organisations within the identity federations.
  This is an innovative approach that has been successfully tested in pilot studies conducted in collaboration with the biomedical community which has grown to become a nationwide service called IdP in the cloud. This activity was carried out mostly at the national level, and thanks to the great interest it has generated at the international level there are now plans to extend it to the European level in the context of GÉANT.
• study and testing of new architectures for identity federations.
  This activity has focused in particular on the management and use of attributes to manage complex groups such as Virtual Organisations and personalise the authentication and authorisation services, for example by offering services based on the user's role. These activities were carried out both nationally and internationally, within the framework of the GÉANT (from GN2 to GN4 Phase2) and AARC 1 and 2 European projects. The AARC project in particular conducted a series of pilot studies with various user communities belonging to large European research infrastructures, such as CLARIN, ELIXIR, DARIAH.

Further information

• IDEM: Publications
• IdP in the cloud
• AARC1 and 2: documents

Monitoring

Monitoring has a central role in the context of research on advanced network services. In addition to the participation in the research on this topic during the various stages of GÉANT, GARR has carries out constant and intensive in-house research and development activities. This work results in numerous services that enable a fine-grained monitoring of the GARR network, both in support of real-time network management, and to study the evolution of traffic trends. This analysis is critical to GARR activity, as it drives the development of predictive models on the evolution of network needs which, along with other elements, in turn feed the research into new technologies, network architectures and services, and are the precondition for the transition to new generations of the network.

IpV6

GARR research activities include the contribution to the development and testing of the IPv6 protocol in the context of the pioneering European project 6Net. About 10 years before the widespread adoption of the new version of the protocol, back in 2005 the project had already built a native IPv6 testbed deployed on 16 European countries, with the aim to:

• drive the dissemination of the new protocol and the migration from the existing IPv4-based networks;
• test new services and applications;
• guarantee interoperability of IPv6 with major legacy applications.

In relation to this latter aspect, GARR conducted a thorough study of interoperability of IPv6 with the middleware di Grid gLite, later extended to other families of middleware at European level (ARC, Unicore). To this end an international Grid testbed over IPv6 was set up, and specific strategies for integrating IPv4 and IPv6 resources were designed, promoting wherever possible a dual-stack approach for the services and products used. These activities were carried out within the context of the EGEE, EGI and EU-ChinaGRID international projects, in collaboration with the HEPiX working group (a group born to promote Unix within the high energy physics community).

IP/MPLS, QoS, eduroam

Other R&D activities include IP/MPLS experimentation beginning in the early 2000s, particularly within the MUPBED project which contributed to the transfer of this cutting-edge technology to telecommunication operators, Quality of Service (particularly in the Sequin project and the GN2 phase of GÉANT), and eduroam, the service that allows users visiting other organisations to easily and securely access the wireless network using the same credentials provided by their home organisation. Eduroam was developed in the context of the international task force for Mobility and Network Middleware (TF-MNM) and of the GÉANT project in collaboration with standardisation groups and industrial partners. Born as an experimental activity just over 10 years ago, today eduroam is a service available in thousands of institutions across over 70 countries.

Standardisation

Finally, among other R&D activities we note the participation and contribution to the development of new standards and definitions within IETF and other international bodies such as ITU. GARR has been author and co-author of many standards (RFCs and "T" specifications), taking the lead in various working groups and committees. Recently, a GARR representative has served as Coordinator for the IETF Application Area Directorate, overseeing the monitoring activities for IETF standard specifications in the Application Services area, which is the prelude to their submission for approval.

Further information and publications

• 6Net: publications
• MUPBED: publications
• Sequin: documents and publications

Pursuant to articles 13 and 14 of EU Regulation 679/2016, non-profit association Consortium GARR with headquarters in via dei Tizii, 6 - 00185 - Rome - Italy, is the Data Controller of your personal data for this website. Acquired personal data are subject to treatment in compliance with the aforementioned legislation. In relation to the aforementioned treatments, the Data Controller provides the following information:

Contact Information

Data Controller:

Consortium GARR
tel: +39 4962 2000
email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Data Protection Officer:

Dr. Davide Vaghetti
tel: +39 050 2213158
email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Location of Data Processing

Consortium GARR, with headquarters in via dei Tizii, 6 - 00185 - Roma - Italia

Type of processed data

Browsing data

The computer systems and applications dedicated to the operation of this website detect, during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) not associated with directly identifiable users.

This information - which by its nature could, through processing and association with data held by third parties, allow the identification of users - is not collected to be associated with identified subjects. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibilities in the event of computer crimes or acts of damage to the site; except for this eventuality, at present the data on web contacts do not persist beyond the time necessary to carry out the checks aimed at guaranteeing the constant security of the system.

Data provided voluntarily by the user upon registration to specific services

Consortium GARR operates many services and organizes many events, some of which require user registration. Generally, the data provided by the user upon registration (Name, Surname, Username, password, e-mail address, Institution/Organization to which they belong) are kept until the relationship with user last. Consortium GARR does not carry out any user profiling activity.

Cookies

For the information related to cookies use, please refer to our: Cookie Policy.

Purpose of the processing

Consortium GARR processes personal data within the limits of what is strictly necessary for the performance of its institutional functions, and does not process any personal data when the purposes pursued can be achieved through anonymous data or methods that allow the data subject/user to be identified only in the event of necessity.

The particular purposes, relating to individual services or in any case to specific treatments, are highlighted in detail in the privacy information of the individual services. Additional information on the processing of personal data can be found in the dedicated privacy policy of each service.

Duration of the treatment

The data will be processed for as long as necessary to provide the requested service to the user.

Optional supply of data

Except for what concerns browsing data, users can optionally choose to provide personal data to register to events, request informative material or other communications. Failure to provide such data may prevent to provide the requested service.

Processing methods

Personal data will be processed in paper or digital format and entered in the relevant databases, which can be accessed by operators expressly designated by the Data Controller as data processors. Data processors have assumed an explicit obligation of confidentiality and will carry out processing operations in compliance with the provisions of law, in particular to ensure the confidentiality, integrity, security, update of the processed data, as well as their relevance to the stated purposes of the processing.

Collected data

The data collected relate to: Identification data: IP address and, where provided: name and surname, e-mail address of natural persons; the data provided by the interested party can be collected from any joint data controllers and/or data processors on behalf of Consortium GARR.

Scope of disclosure and circulation of data

The user personal data are solely used for the purpose of performing the requested service and are not communicated to third parties.

Rights of data subjects

In relation to the aforementioned treatments, you can exercise your rights as per articles from 15 to 22 GDPR, namely:

• obtain confirmation of the existence or not of data concerning you;
• know the origin of the data, the logic and the purpose on which the treatment is based;
• obtain the cancellation, transformation into anonymous form and blocking of any data processed in violation of the law, updating, rectification and integration of the data;
• object, for legitimate reasons, to the processing of data within the limits and under the conditions established.
• withdraw the consent for personal data that has been collected on that legal basis.

To exercise their rights, subjects can address their request to: Consortium GARR, Via dei Tizii, 6, 00185 - Rome, by calling +39 0649622000, sending a fax to +39 0649622044 or by sending an email to address This email address is being protected from spambots. You need JavaScript enabled to view it..
Further information regarding the processing and communication of data directly or otherwise acquired may be requested from the Personal Data Protection Officer at the headquarters of Consortium GARR, at the e-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it..