Medal award 2016

Jan Gruntorád, Director of CESNET, the association operating the Czech Republic’s national e-infrastructure of the same name, was awarded the medal of honour of the Vietsch Foundation. The medal is awarded annually to people who have made a contribution of lasting value to the research and development of advanced Internet technology aimed to support science, research and higher education. Jan Gruntorád received the medal in Prague on 13 June, during the TNC16 conference, the largest European research and education networking event, organised by GÉANT, the association of European national research and education networks, and hosted this year by CESNET.

Jan Gruntorád holds Dipl. Ing. (1975) and Ph.D. (1989) degrees from the Faculty of Electrical Engineering of the Czech Technical University in Prague. Upon graduating from the University he took a job at the University Regional Computing Centre (URCC) in Prague. In 1986 he became the head of the Data Communication and Computer Networking department of the URCC.

In those early days, Jan Gruntorád was a member of a limited set of people that grasped the importance of the Internet and its potential for research and education. After political changes in 1989 he initiated the connection of Czechoslovakia to the European Academic and Research Network – EARN and in May 1990 he became the national director of EARN for Czechoslovakia and was responsible for setting up the EARN network in all of Czechoslovakia.

From 1992 he was responsible for establishment of the first Internet type network in the Czech Republic – CESNET. He received an award from the Minister of Education, Youth and Sports of the Czech Republic for the Project and Realization of the CESNET Network.

Jan Gruntorád was a key person involved in establishment of the new legal body CESNET, Association of Legal Entities, in March 1996. He was elected Managing Director of CESNET and member of the Board of Directors of CESNET and he has remained in these positions up to now.

In the period of 1998 to 2003, Jan Gruntorád was the Chairman of the CEENET (Central and Eastern European Network Association) and for more than five years he served as a consultant for NATO in the field of computer networks for the R&D community in the area of the Caucasus and was involved in establishing an IP network for the R&D community in Azerbaijan. For a period of six years Jan Gruntorád served on the Board of Directors of DANTE, a UK-based company responsible for establishment and operation of the pan-European network for the Research and Educationa community GÉANT and for several years he was a member of the Executive Committee of GÉANT projects. Since 2010 Jan Gruntorád has been responsible for creation and operation of the e-Infrastructure for Research, Development and Infrastructures in the Czech Republic, which consists of computer networks, grids, clouds, storage services and provisioning tools for collaboration. He also chaired the Working Group responsible for creation and updating of the Informatics/e-Infrastructures section of the Roadmap for Large Research, Development and Innovation Infrastructures in the Czech Republic. Jan Gruntorád represents the Czech Republic in the European e-IRG (e-Infrastructure Reflection Group). The Trustees of the Vietsch Foundation were unanimous in their choice this year. “Now that CESNET is celebrating its 20th anniversary under the leadership of Jan Gruntorád, it is only appropriate that his efforts get recognition at the international level as well,” adds Valentino Cavalli.


FedLab Test Harness

Funded in 2016

– Federated Identity Management (FIM) is being used increasingly for different Internet applications, including web and mobile. The demand for cross-organizational collaboration and the proliferation of cloud applications is driving the demand to federate identities. To support FIM there are two main protocols established: SAML and OAUTH2/OIDC, with SAML being used in the majority of use cases for cross-organizational collaboration.

Interoperability between products for FIM, in particular commercial offerings, is still an issue 11 years after the SAML V2 standard was published. Many products lack conformance to the SAML profiles used in federations, leading to extra effort in the integration process. While standards and specifications are available, implementations frequently do not follow these.

There are no comprehensive testing suites available that would provide the metrics to get better. The GÉANT project had funded initial efforts to remedy this situation, which resulted in a proof of concept implementation of a SAML2 test tool, published at Federation Labs (www.fed-lab.org). In the meantime, related test suites have been developed for OIDC has just been initiated.

This project is underway to take FedLab from its current status as a research project and bring it towards service operation. This phase will focus on making a comprehensive test suite available at Federation Labs, which features an improved architecture that will allow improved flexibility in test configurations and easier to use for deployers. It shall establish a community process by being open source, allowing users to contribute and improve test cases and profiles.

As a result, we expect to improve the conformance of products to increase and show clearly where products are failing to meet the profile. Improvements will trickle down in implementations and make federation integration quicker and cheaper. For the end user, access to external resources without giving up security and data protection will proliferate.


Medal award 2015

The first Vietsch Foundation medals of honour have been awarded to Andrew Cormack, Chief Regulatory Adviser at Jisc and Roland Hedberg, senior researcher at the University of Umeå in Sweden. They were honoured for outstanding contributions during their careers to the development of the Internet:

  • Andrew Cormack, for his role in advancing trust and security within the European research and education sector
  • Roland Hedberg, for his activities in the specification and development of essential components of current Authentication and Authorisation Infrastructures (AAI), a cornerstone of secure access to websites, applications and data.

The medals were presented during the closing plenary session of TNC, the major European conference on research and education networking that is organised annually by GÉANT.

About the winners

Andrew Cormack is Chief Regulatory Adviser at Jisc, a charity that provides technology services and support to UK education and research. Andrew contributed to the establishment of TF-CSIRT, the European forum for security incident response. More recently, his interest in legal matters put him in the unique position to bring together computer security and legal disciplines. Andrew was instrumental in the creation of the successful TRANSITS course on security incident response, which has trained more than 500 individuals in Europe and many more around the world, meaning the internet is a more secure place.

Roland Hedberg is a senior researcher at the University of Umeå in Sweden. Roland has played a key role in contributing his expertise from the research and education networking community to standard industry deployments of federated identity management, an essential component of AAI. He developed the OpenID Connect conformance test suite, which was adopted by the OpenID Foundation and became the de facto reference implementation. OpenID Connect is a new standard, only a year old, but it sees good traction and is rapidly becoming the protocol to use for protecting web-based application.