Learning with equanimity
When Edulog is committed to securing the digital identity of our children in their educational path, ELCA is proud to contribute as a technological partner! The trustID solution will thus form provides the technological foundation of the first Federation of Identity Services in the Swiss education space.
Read the double interview with Daniel Jehle and Matthieu Bissat from ELCA on the occasion of the launch of the project.
Given your size, Edulog is small fry. What makes the project so interesting for your company?
Daniel Jehle (D. J.): At ELCA, we are very proud that we are going to co-design and operate the first federation of identity services for the Swiss Education Area as their technology partner. With this project, it will be possible to give children and young people a digital identity for the full duration of their educational careers. ELCA carries out around 100 projects per year. For this, we need well-trained staff who love challenges, so we collaborate closely with various educational organisations. ELCA’s motto is “we make it work”, and this applies irrespective of project size.
Matthieu Bissat (M. B.): Once the platform has been successfully implemented, we estimate that Edulog will have more than a million active users. This means millions of connections that will have to be reliably established, protected and maintained each day.
How are you shaping up for the task?
D. J.: ELCA has over ten years’ experience of developing, integrating and operating identity solutions. The technical operation of the trustID identity platform is one of our core activities. This guarantees that we use the highest standards and will be supporting the platform long term. For this task, we are providing Edulog with an extremely capable team of experienced staff from the IT security sector. We have numerous project references and are familiar with the demands of modern security management, which will be efficiently addressed with our software-as-a-service solution.
M. B.: A specialist team is assigned to each ELCA project to bring together all the skills needed for the project. To meet the high security standards required, it is vital that project staff receive ongoing training. If need be, highly specific skills can also be requested from ELCA’s in-house centres of excellence and interest groups.
What lessons are you contributing to the field of education from successes and difficulties experienced in other areas?
D. J.: The basis for successful collaboration between customers and ELCA is active communication and ongoing dialogue between all concerned, which in turn ensures that our projects are a success. Another success factor is active support by ELCA management.
M. B.: Experience in other fields such as finance and international organisations has taught us that security, high availability and the necessary services are key aspects for this type of solution. The certification of electronic patient records also generates confidence and peace of mind in our solution.
How much effort will identity providers have to earmark to connect their existing solutions to the future federation?
D. J.: We are working closely with educa.ch to design the connection process so that it is simple as possible for providers. The aim is clear: identity providers should have to expend the minimum possible effort.
M. B.: The identity providers have two main tasks – identifying the users who connect to Edulog, and pre-registering their identities on the platform. From a technical point of view, the first task consists of supporting the SAML standard and furnishing the federation platform with the necessary attributes (first name, last name, e-mail, etc.). The other task is to set up a user registration process. This is necessary because Edulog uses a pseudonym concept that is intended to make the platform easier for children to adopt.
And what can be expected from the service providers?
D. J.: In future, their services will be easier to obtain. It will be ensured that a pupil or a teacher is behind each electronic identity. However, personal details such as name, address and age will not be shared. “Data gatherers” will have resign themselves to that fact, because this prevents misuse and/or data being passed to unknown third parties.
M. B.: The service providers’ main responsibility is approval management. From a technical point of view, this also happens via the SAML standard. They need to be in a position to manage their authorisations based on the attributes provided by the federation platform.
When the platform is complete, there will be around 1.5 million primary and upper secondary school users. Initially, in summer 2020, less than ten percent of them will be active. How are you planning to scale up operations?
D. J.: We are keeping in close contact with representatives from the different cantons, and are planning to communicate regularly with representatives from cantonal education departments to familiarise them with the project.
M. B.: We will start off with our current infrastructure and, depending on the number of cantons who are connecting to Edulog, will expand the resources we have in the ELCA cloud. Our cloud solution is a modern distributed architecture based on Microservices and the OpenShift platform. This gives us the necessary flexibility to expand step by step.
The personal data of users who are minors is a particularly sensitive commodity. How do you ensure it is kept safe and secure?
D. J.: The basic trustID solution is hosted within Switzerland at certified geo-redundant ELCA computer centres. These ELCA computer centres have the very highest safety and availability standards. Their independence from international cloud providers guarantees that no sensitive data leaves Switzerland. The safety and security of particularly sensitive data is ensured thanks to trustID, the first electronic identity solution to be certified by the Federal Office of Public Health (FOPH).
M.B.: trustID is a technological identity management solution that has been developed entirely within Switzerland. It is based on an open-source architecture that ensures full data processing transparency. There are no cross-references between the technological solution itself and the content for which it is the key.
The question that nobody likes to think about: what contingency is included in your project plans to ensure the launch takes place at the start of the 2020/21 school year, even in the event of unexpected difficulties?
D. J.: The planning is tight, but with our experienced project team led by Matthieu, we will be able to cope with even unexpected difficulties.
M. B.: Within ELCA, lively discussions take place between project teams. With over 100 projects per year, a fair amount of useful information is gathered. What's more, our proposal is based on an established platform that has been running for years. We’re looking forward to a successful project, and are relishing the challenge.
And finally, if the Edulog fairy could grant you one wish: what would you ask her for?
D. J.: I would ask the Edulog fairy to win over as many cantons and communities as possible for this innovative project. It is probably one of the most important components of the EDK’s digitalisation strategy, enabling children and young people to have a digital identity for their entire educational career.
M. B.: My wish would be for our children to be able to trust this platform, that they can use Edulog with equanimity to connect safely and simply to their digital study tools.