A4L – Australia Success Stories Scotts Valley, California February 2017
Standards – Success with Agile Tools NAPLAN – National Assessment Program Literacy and Numeracy All States & Territories, multiple year levels, lots of kids Moving from paper to online Multiple legacy systems – multiple integration points, large number of stakeholders internally and externally Thankfully… All stakeholders agreed to exchange data based on the SIF AU data model
NAPLAN – How is it meant to work? NSW Victoria Assessment Platform Student registration data QLD SA WA Student results data TAS So, simply, this is how NAPLAN Online is meant to work. Looks straight forward, simple even. But we all know how complex integration can be… And how easily projects can become derailed when people are focussed on their patch and not on the edges…. ACT NT
What is it like? Image 1 – So can anyone tell me what this is? Commonly found on Australian beaches. Man-of-war, blue bottle, or floating terror, is a marine hydrozoan Siphonophore, which, unlike jellyfish, is not actually a single multicellular organism, but a colonial organism made up of specialized individual animals called zooids. Now I bring this up because our NAPALN program, needs to operate like a co-ordinated group of blue bottles, and not end up like a tangled mess on the beach. Our greatest challenge has been in getting co-ordination between systems and stakeholders. Getting agreement on the data model was great but because of the roll-out model and transition across 3 years, systems will be at different stages of their evolution, and while everyone was focussed on the core assessment aspects of the system, the little part about data needing to change hands was pushed further and further back in people’s minds.
The Challenge Stakeholders want to focus on their core business. They want tools that are: Easy Flexible Forgiving Integration is hard
NIAS Not a service :) A set of tools that create useful services That help the work of integration Which have SIF as a foundation, but recognise that integration may have to manage multiple models and formats Simple, robust, scalable services Written in GoLANG, uses LEDIS/REDIS, NATS for the messaging bus All open, all available
We released NIAS and then we waited… Who knows what this is? Funnel web / Trapdoor spiders are named for their unique nest building and hunting strategies. The spiders wait and watch for prey behind a false door at the entrance to their burrow. When an unsuspecting victim wanders too close, they appear in a flash, grab their meal and pull it into their den. Most dangerous spider in the world (alongside redbacks). Have killed 13 people, but no one since the ‘80s.
NIAS for NAPLAN Used by multiple states to validate NAPLAN registration data against the SIF AU data model Supports legacy systems and formats during transition A start for the community Only the community can make it work Integration needs to be easier We should still use the best models possible
Resources Check out NIAS tool for NAPLAN registration here: https://github.com/nsip/nias2 NIAS queries: info@nsip.edu.au
Vendor Led Adoption of SIF3 Solving business problems with managed services Aziz Elia, CPSI Ltd. in partnership with ZiNET Data Solutions Limited Access 4 Learning (A4L) Community 2017 Annual Meeting, Santa Cruz, CA
Session Overview Engaging with vendors Benefits of vendor led SIF adoption Use Case: Privacy by Design How DataExchange delivers privacy control and SIF as a business solution
Engaging with Vendors The best way to engage with vendors is by delivering a solution to their business problem, for new entrants its delivering a cross sis support. New entrants will be heavily focused on sales and will need to integrate with what their customs have. For existing entrants they will be looking for a solution that offers a better return on investment.
Developer Choice SIF data models can be accessed in XML and JSON format, but the SIF3 infrastructure is data model agnostic can support other standards such as ISB too. Developers want to engage with tools and standard that support their current way of working so support XML and JSON gives this flexibility.
Delivering the SIF specification as a documented API reduces the barrier to entry for developers, this style of documentation is familiar to them and doubles as a test hardness.
Enterprise Grade Vendors want an on demand enterprise grade solution that they can deployment when and where they need it and for as long as they need it. This flexibility will support their business growth plans.
Benefits of Vendor Led Adoption of SIF Lowers barrier to entry Vendor supplies the infrastructure Moves sector toward ubiquitous infrastructure Lowers costs to vendors Reduction of complexity and development time Develop once. Deploy anywhere. Lowers cost to institutions No pre-requisite of existing infrastructure Increased interoperability Connect once. Collaborate together. Institutions don’t need to know/understand SIF – in fact it should be invisible to them.
Use Case: Privacy by Design The strict data privacy laws in the UK require that only data that is required to be shared should be shared and no additional data should be included. These principles are transferrable to other countries as they provide numerous business opportunities. Vendor applications have a mandatory set of data which their application needs to function and they have an optional set which adds value. By allowing institutions to configure what optional data is shared they are total control.
Business Focused Data Flow One of the benefits to vendors of managed services is they are able to move away from an technical approach to integration and move to a data focus approach. Having a data focused approach allows them to be innovative with there product, when new data object are required they are ready and willing to engage to support the adoption of more data objects as they already see the business benefits.
Location-Based Data Concerns DataExchange can be deployed on-site, deployed into the cloud, or a hybrid of the two. This allows for sensitive data to remain located wherever is necessary. For example, due to legal requirements, such as the UK’s Data Protection Act, or other privacy/security concerns. DataExchange is currently targeting the UK market, but with plans to move into other territories.
Managed Services
One of the key aspects of DataExchange is that it removed the need for SIS/MIS providers to already support SIF, as part of the service a connector will be built against an existing method integration method (API DB access etc). The removes a massive barrier to having a universal service.
To reduce the technical burden on institutions, DataExchange presents vendor applications in one or more market places, (country, region or institutions (district or MAT) wide. This means integration can setup/authorised by non technical users. Each deployment is governed by a digitally signed data sharing agreement.
Institutions are able to compare the data requirements of an application against what their SIS/MIS is able to support. The application vendor define their data requirements once.
Institutions are able to tailor the data they release on a per application basis and confirmed with a digitally signed data sharing agreement.
Extended elements are supported and elements can also be marked as sensitive which highlights the row orange, if the filed has additional encryption it will be marked with a padlock. All the information is used to create the XSLT filtering for each vendor zone.
Technical Overview
Technical Overview
New York regional information centers Jump Start! xPress roster via sif 2 New York regional information centers RIC One project Jason Wrage © Access 4 Learning (A4L) Community
Standard Utilization © Access 4 Learning (A4L) Community
© Access 4 Learning (A4L) Community
Concerns over privacy and security lead to the demise of inBloom The Challenge “Every new beginning comes from some other beginning’s end.” Seneca (or Semisonic?) Concerns over privacy and security lead to the demise of inBloom © Access 4 Learning (A4L) Community
The 700+ districts in New York state still needed solutions for data interoperability & SSO… © Access 4 Learning (A4L) Community
Reliably and consistently obtaining data from (6) different student systems © Access 4 Learning (A4L) Community
Maximizing adoption potential to provide students and teachers with lots of choices © Access 4 Learning (A4L) Community
The Solution Enter: API and LOGIN Entrust the regional service centers already providing data and networking services to districts with building a better mousetrap Business requirements related to privacy and security largely drove the defining architectural characteristics Emphasis is on local & regional control Regional data hubs Federated single sign on © Access 4 Learning (A4L) Community
The Solution What’s the best way to securely provide rostering data to educational apps? A modern, open, RESTful web service API Building on SIF 3, we developed xPress Roster Our implementation is known as RIC One API What’s the best way to provide Single Sign On, while maintaining local control and security best practices? Federated identity Our implementation is known as RIC One LOGIN © Access 4 Learning (A4L) Community
“Better together” but “independently adoptable” The Solution RIC One API ingests data from SISs using SIF2 offers roster data to client apps via the xPress Roster API RIC One LOGIN connects to district, regional or cloud directories (IdPs) via LDAPS Offers SSO services to service providers using SAML 2, WS-Federation and OpenID Connect (future) “Better together” but “independently adoptable” © Access 4 Learning (A4L) Community
The Standards RIC One API Function Standard Description Data ingestion SIF 2 Near-universal support by source systems (SISs), reliability and real time were the main benefits to using SIF2 to get data. Data storage CEDS We created a “light” schema to support rostering based on CEDS DES. This enables us to be agnostic for ingestion and API output. API xPress Roster /SIF 3 We based xPress roster on both CEDS and SIF3. It is designed for simplicity and ease of use by developers of client apps. Code sets Since SIF 3 does not provide a standard set of codes, we decided that the option sets in CEDS were the best way to go. © Access 4 Learning (A4L) Community
The Standards RIC One LOGIN Function Standard Description Directory access LDAPS Near-universal support by source systems (SISs), reliability and real time were the main benefits to using SIF2 to get data. SSO SAML 2 The current de facto standard for enterprise, web-enabled SSO. WS-Federation An older standard required for Office 365 support. OpenID Connect Positioned to become the new standard of choice for SSO. Better support for mobile. © Access 4 Learning (A4L) Community
RIC One Integrated System Architecture Nuts & Bolts DPA (x12) Config Service Auth Service District SISs Other Data Sources District Directories Identity Federation Provisioning Auth-Time Client Client App/SP SAML Client API Client LOGIN Components API Components Central Services RIC One Integrated System Architecture © Access 4 Learning (A4L) Community
Nuts & Bolts These solutions are based almost exclusively on Open standards: xPress Roster SIF 3 SIF NA 2.x CEDS Open source: NSIP’s SIF 2 and SIF 3 frameworks ForgeRock’s identity platform Linux, Docker, MySQL/MariaDB, Node.JS, Loopback © Access 4 Learning (A4L) Community
Meeting Stakeholder Needs Districts Enabling streamlined, equitable access to apps Heightened awareness of privacy and security Eliminates the burden of manual processes RICs Collaboration across regions Reduction in labor required to build and maintain traditional extract methods across multiple SISs Vendors A single API for roster data Easy to implement (we even provide client libraries) © Access 4 Learning (A4L) Community
Related Sessions Open Source, later today xPress Next, Wednesday xPress Attendance, Thursday Thank you! For more information www.ricone.org jason.wrage@ovrtr.com © Access 4 Learning (A4L) Community
SIF2/SIF3 Mix-And-Match Extending the life and value of a SIF2 implementation using SIF3 infrastructure © Access 4 Learning (A4L) Community
In the beginning... Starting in 2014, a Multi-Tiered System of Support (MTSS) was rolled out across over 300 districts in Iowa Over 40 non-public schools were also granted access Initially only roster data was requested (this grew over time) © Access 4 Learning (A4L) Community
Lay of the land SIF 2 had been in place for some time for state reporting, state ID system, and transcript data 3 Different Student Information Systems Diverse/Distributed Hosting Model (district, SIS, AEA) Rollout on a compressed timeframe (months, not years) © Access 4 Learning (A4L) Community
Requirements Real-time (event driven) data collections Use “untouched” SIF2 Agents from SIS’s Interface with new application(s) over REST (SIF3) Scale (both administration and throughput) Could not jeopardize stability of existing deployment © Access 4 Learning (A4L) Community
Section 3.3.1: ...an agent communicating in two zones... REST Client (SIF 3.x) v2.X Agent (untouched) CedarLabs Broker (SIF 2+3 Bridge) REST Client (SIF 3.x) © Access 4 Learning (A4L) Community
Successes Over 400 Zones currently administered Over 15 K educators on-boarded Data breadth has been extended beyond roster 3 apps have plugged in to new infrastructure so far >6 million records processed in 24 hour window Data quality gets better every year © Access 4 Learning (A4L) Community
Take Away Start small Mitigate risks Recognize short-term benefits Work towards long-term strategy © Access 4 Learning (A4L) Community