Notes |
The Trusted Learner Network
Building the Foundation
October 4, 2019 - v1.3
University Technology Office + EdPlus, Arizona State University
Phil Long, Donna Kidwell, and Lev Gonick
Contents
Trusted Learner Network: What It Is and Why Now
● Executive Summary
● The Role of Blockchain
● Technical Foundation
● The TLN - Technologies of Trust and the Rules That Guide Them
● 12 Principles of the Trusted Learning Network
● The TLN Community
Trusted Learner Network CoLaboratory
● Mission and Vision
● Governance
● Budget
● Proposed Development Priorities
The Trusted Learner Network, Page 2
The Trusted Learner Network
What It Is and Why Now
Executive Summary
Individuals need opportunities for formal instruction across their lifespan. The three-phase life of
education, work, and retirement is no longer a reality for a growing cross-section of people
around the world. Likewise, the kinds of education and training are also diversifying, expanding
beyond disciplinary degrees (undergraduate or graduate) and embracing a wider array of
credentialing formats, from nano-degrees, to micro-credentials, to certificates all of which may or
may not be credit-bearing. Current methods of managing this diversity of learning interactions,
dependent as they are on credential issuers, does not scale. We need a new approach.
The Trusted Learner Network (TLN) describes a new, secure, and decentralized approach to
recording, curating, and sharing learner data on abilities and skills across the learner’s lifespan.
By definition a network connects together multiple participants in a value exchange of mutual
benefit. Building a TLN needs to surface the key parameters of trust and the use cases on
which they depend to ensure that the value is attained and the technology under development is
uniquely suited to deliver it. This requires a committed group of organizations working together,
formalized in the TLN Partnership.
The TLN is both a technical and organizational framework for collaboration and advancing
learner agency in the 21st century. The TLN represents a means of enabling institutions,
organizations, and learners to have near real-time transfer of learning-related data where
consented. It also offers a testbed to explore applications that enable selective disclosure of
information where the owner of the information wishes to have greater discretion in what they
share and with whom they share it. This paper provides a view of the technical framework
needed to support this initiative and partnership.
The Role of Blockchain
Blockchains, the peer-to-peer public network for directly transferring assets without an
intermediary, have garnered recent attention from government, technology companies, and the
popular press; the original public blockchain introduced by Satoshi Nakamoto laid the
infrastructure for Bitcoin and the basis for establishing an open, decentralized method for
exchanging ‘value’ while protecting against the so-called ‘double spend’ problem. This is a
1
trustless network, as there is no presumption that network members can be trusted, won’t act
1
The double spend problem: Simply put, double spending is spending the same digital coin twice. In real life, physical
money cannot be easily copied but digital money can be. The blockchain prevents double-spending by timestamping
groups of transactions and then broadcasting them to all of the nodes in the bitcoin network. As transactions are
time-stamped on the blockchain and mathematically related to the previous ones, they are irreversible,impossible to
tamper with, and visible to all network members. The person receiving the digital coin simply needs to wait for the
transactions cued up to be added to the blockchain to validate that the coin they have been given has passed the
check. If the same coin appears in a prior transaction, the transaction it is in will be discarded.
The Trusted Learner Network, Page 3
maliciously and do whatever they can to maximize their personal interests. Instead, math and
cryptography are used to replace the trust that banks as reliable intermediaries perform.
Removing the banks reduces friction and increases the efficiency of value exchange, with
cryptography guaranteeing protection from fraudulent data.
Confidence in the network was achieved by a unique consensus mechanism which guaranteed
that entries made to the ledger would be well-formed and accurate, notwithstanding the
intentions of any particular participant, which could be arbitrarily malicious. The consensus
algorithm combined with open access to ledger transactions enabled trust in the integrity of the
network contents without requiring trust in the network nodes.
Technical Foundation
The TLN represents a means of enabling institutions, organizations, and learners to have near
real-time transfer of selected learning/work related data where consented. The TLN also
enables the learner to curate and share metadata that describe their accomplishments,
credentials, and evidence of learning with others directly, expressing agency with respect to
achievements they have earned. The current underlying architecture of the TLN is a
permissioned blockchain.
The TLN is conceived of as a trust network. It is founded on existing trust relationships among
network members, based not just on technology, cryptography and algorithms, but also on the
lived experience of reciprocally honored out band interactions. The TLN leverages trust
relationships as an asset, collaboratively engaging in network transactions using consensus
algorithms that are driven by communal governance agreements.
Developed with Salesforce, the TLN uses open-source software from the Hyperledger Sawtooth
project. There is a commitment in the co-development partnership to make this network
available as the technology develops and matures, we plan to extend the TLN to hybrid trust
networks, enabling the sharing of encrypted, verifiable metadata about learners achievements
with others beyond the core trust network members. To do that, we must wrestle with the
challenges of identity, selective disclosure of information, zero knowledge proofs, and a host of
other topics that will broaden the utility of the TLN to serve the learners.
The TLN is also conceived of as a collection of networks, founded on the idea that different
attributes and applications will be piloted among groups of members on subnetworks based on
the design principles of the TLN. The TLN is then a secure decentralized data store of records
issued by institutions, companies, government agencies, or non-profits, owned by learners,
permission based, with the intrinsic ability to develop business logic logic meeting the
requirements of specific use cases. It is a trust platform that supports secure applications.
The Trusted Learner Network, Page 4
The TLN - Technologies of Trust and the Rules That Guide Them
Technologies of trust ensure reliability, truth, confidence, and strength in assertions and their
relationships. Current technologies that implement these characteristics will give way to others.
Among the most promising at present are various implementations of distributed ledger
technologies and associated mathematical and statistical applications of encryption, consensus
(decision-making), and proofs. These will change, but our focus on how we use them to
empower learners to achieve their goals and well-being will not. We live today in two worlds:
physical- and digitally-mediated virtual worlds. The TLN strives to bring to the digital world the
confidence and certainty of human interpersonal trust.
12 Principles of the Trusted Learning Network
A foundational data structure in the Trusted Learner Network is the Trusted Learner Record
(TLR). The underlying technology can be used for many other purposes, but ours focuses on
the metadata that describe the learner, their achievements and abilities earned over a lifetime.
1. The TLN represents a place to store assertions made about a learner’s
achievements by educational institutions, employers or other organizations who are
partners in the TLN and use the TLR data model. Only those entities who are TLN
members can upload information to and append a learner’s record.
2. The data in TLR are immutable. Once an accomplishment is asserted by a TLN
member entity, it cannot be manipulated or changed. This is an attribute of the
technology, and of special relevance to assuring confidence achievements issued
cannot be modified by the learner or any other party, guaranteeing authenticity.
3. An issuer’s assertion about an accomplishment can be supplanted by either an
expiration or revocation if the record type supports such an update. The original
accomplishment remains as part of the historical record, but the business logic of
the database presents only the current record when an update is made.
4. A learner accomplishment is owned by the entity making this assertion. Ownership
means the ability to view, share, or update said record (if it is a record type that
supports updating).
5. The business logic of the TLN always presents the most current view of a learner’s
record. The history ledger transactions are retained and can be viewed by the
owner of those records, or others who have been granted permission by the owner
to view them.
6. Sharing a learner record of accomplishment is dependent upon learner consent,
which is recorded in the database. Learner consent can be revoked by the learner at
any time, updating its shareable status. Sharing means the record may be viewed by
or transferred to another TLN member as determined by the list of TLN members to
whom the learner has given such consent.
The Trusted Learner Network, Page 5
7. At the present time, learner records can only be shared with other members of the
TLN. Sharing off-chain and with non-TLN entities will be implemented at a later date
as the required technology emerges.
8. Learner accomplishments are co-owned by the learner. Co-ownership allows the
learner to selectively share the metadata describing their achievements with
others. The achievements themselves cannot be manipulated or changed;
however, the narrative that surrounds them is the author’s own.
9. The technology to participate in the TLN is not dependent on proprietary or
commercial vendor products. The database architecture and the means of
interacting with it are based on open-source tools, protocols, and Application
Protocol Interfaces (APIs). The policies that govern these features are the
responsibility of the TLN Governance Council (described in a subsequent
section).
2
10. Identity and Access Management is central to the confidence in and adoption of
the TLN as a mechanism for the value of achievements associated with
learning as well as the competencies and skills earned in social and workforce
engagement. The TLN must incorporate a variety of identities from existing
sources. These trust anchors represent a federated set that map to a
well-established and validated identity an individual institution has assigned to their
members.
11. No personal identifiable data will ever be exposed, shared, or made available
without the express permission of the learner. Analytics and insights are
gathered for optimizing algorithms and service design logic will always respect
the privacy of the users of this system.
12. The TLN is architected to support a network of networks. That is, the TLN is
not designed to be a hierarchical network with a single anchor entity. Rather,
over time, the network effect of the distributed database should naturally
evolve into multiple networks to support cross-sections of different members.
As in all well-designed networks, the intent is to mirror these principles in all
derivative networks so as to maintain coherence and the technical protocols
to assure overall integrity, consistency, and future interoperability.
2
While the full core features of the TLN are open-source, the TLN features a smooth and easy integration path to
leverage the power of the Salesforce™platform for management and extended functionality.
The Trusted Learner Network, Page 6
The TLN Community
Advancing the TLN from proof of concept to widespread reality will require a community of
practice -- and action. It is vital to engage a variety of stakeholders in an ongoing manner to
understand where this technology is most useful, as well its implications. For institutions, the
TLN can replace data exchange with systems operating from the same data even when it is
distributed across many locations. It is transformational for learners/workers as they gain a
personal record of their achievements that are theirs for a lifetime yet remain verifiable. The
implications of the TLN require an imaginative, diverse and engaged group of stakeholders who
recognize the importance to learners and works, and for the organizations in which they invest
their time. Only as a community can we explore and describe the possibilities the TLN and the
applications that will require it services.
Codes of Conduct
Respect - The TLN and the TLR cover a wide range of applications and records of learning,
formal and informal in many contexts within a lifetime. There will be fundamental disagreements.
Express your opinions respectfully and with consideration.
Humility - We are all experts and novices; it just depends on the topic, the context and even the
time of day. It is essential to be active listeners. Partisanship has reached new heights, but our
community needs openness and a willingness to empathize -- to see through the eyes of your
colleagues. Everyone’s views deserve respect and recognition.
Connection - All of us bring unique expertise; even by being unfamiliar we have the opportunity
to ask the questions that may seem naive but help everyone better understand. Take risks to
engage in conversations and ideas that are outside your professional comfort zone to bridge
conversations. New ideas are born amid the intersection of disparate ways of thinking.
The TLN Community provides context, creativity, and imagination that guide and situate the
work developing trust networks, the data models supported and the applications which use
them. The TLN Community is open to all. It strives to ensure that the pursuit of trust networks is
grounded in:
1. Access and Equity - Trust networks must be accessible to everyone. Services and
applications should address people at all stages of the lifespan.
2. Learning-Workplace Continuum - Learning and work are continuous elements of a
productive and satisfying life. Their intensity and expression will vary over time, but they
are integral parts that blending with others of a life well lived
3. Learner/Worker Agency - The interconnected and braided nature of education, work,
and the pursuit of social, community and personal interests involves connections with
many organizations across time. The constant is the individual bringing their evolving
narrative. The TLN and their data in the TLR retain their identity providing digital
continuity in a changing world.
The Trusted Learner Network, Page 7
4. Data Security - Only through distributed, encrypted data storage, augmented by regular
sanity checks to ensure data integrity and isolate attempted intrusions can we restore
confidence that digital data can be reliably trusted.
5. Personal Privacy - the individual should be empowered to share as much or as little
about themselves as they wish. When they do share a set of personal data, the very act
of doing so should avoid unnecessary ‘data exhaust’, the trail of data left by the activities
users during their online activity, behavior and transactions. Sharing your data should
not expose who you are. Conversely, decryption of your data should only be possible by
you, and those you permit to view it.
Trusted Learner Network CoLaboratory
Mission and Vision
The mission of the Trusted Learner Network CoLaboratory (TLN CoLab) is three-fold:
1. Explore, pilot, and build a Trusted Learner Network (TLN) that gives agency to learners
across their lifetime over the representation and use of their achievements,
accomplishments, and skills.
2. Enable learners to exchange information across TLNs and to external networks securely,
safely and with confidence to best express the representation of themselves to others in
a digital world.
3. Provide a safe, instrumented TLN testbed to deploy trust applications which add value to
learners and network members and fail gracefully -- teaching us as we iterate toward a
better future.
3
The nexus of industry and academia is experiencing digital transformation. It is caused by the
accelerating pace of technological innovation and the emergence of cryptographic protocols that
enable trust to be instilled into any digital transaction. The combination of these technical
catalysts and the increasing lack of faith in traditional trusted intermediaries offer a unique
opportunity to leverage the unprecedented level of trust we have built with the community to
help foster new approaches towards solving century old problems in new ways. To provide a
framework for this interdisciplinary application of the TLN infrastructure, we propose the CoLab.
This nexus cannot be directly or adequately served by either a traditional non-profit or for-profit
verticals, which creates an opportunity to craft a collaboratory (“CoLaboratory”) acting as the
3
Graceful failure: New systems are inevitably imperfect the first time round. When they fail, as in don't execute
something properly, or they way you expected they would, diagnostics should extend beyond just a bunch of errors.
They should fail in ways that convey why they didn't execute as expected. That requires a design approach that
anticipates possible failures and provides an idea about why it happened.
The Trusted Learner Network, Page 8
connective tissue. These connections are needed to accelerate and nurture technology and
business innovations that catalyze beneficial change and can have significant, near-term,
positive impact on society.
The CoLaboratory will:
1. Prioritize the development of the TLN platform and the applications that leverage it.
2. Foster public/private partnerships designed to catalyze beneficial change for the greater
good.
3. Design and implement open technology standards and platforms to enable that change.
4. Facilitate collaboration amongst a broad array of stakeholders with a focus on equality,
equity, diversity, and inclusion.
Governance
Codebase
The codebase of the TLN will be governed by the council, and will be released for public review
with the completion of Version 1.0. The functional core of the TLN architecture will be
open-source. The specific open-source license will be discussed among the Executive
Committee who will present a summary of the arguments in favor of licensing options with a
recommendation to be voted on by the CoLab membership. An open-source license will be
4
required to use the platform, write software that uses the services of the platform, or build smart
contracts on top of the platform. Applications built upon the TLN blockchain platform may be
open-source or proprietary.
CoLab Operational Practices
Governance Meetings Schedules:
1. CoLab Council Meeting - Monthly (virtually), face-to-face (f2f) for kickoff with one
additional f2f meeting co-located with a planned professional meeting, e.g., Salesforce
Higher Ed Summit, TrailheaDX or Dreamforce.
2. CoLab Exec Committee - Bi-weekly (every 2 weeks)
3. CoLab Technical Advisory and Standards Body - Each member will have an
opportunity to appoint a representative to the CoLab Technical Advisory and Standards
Body. This core group can add and remove additional technical advisors in an advisory
role as needed. All proceedings and deliberations of the Technical Advisory and
Standards Body will come to the Executive Committee of the CoLab. The meeting
frequency is virtual, monthly, or as needed.
4. All operations, CoLab performance, projects, meetings - Required to generate
bi-annual progress reports for public dissemination. The frequency is as needed.
5. CoLab Council Communications - Discussion and information will be openly shared
among the members and a separate curated public record will be made available to the
4
The starting proposal will be an Apache 2 license (choosealicense.com/licenses/apache-2.0/)
The Trusted Learner Network, Page 9
world. Communications posted to the public site must be approved by a consensus of
the membership.
Work Groups will be formed as needed to:
1. formulate bylaws;
2. be associated with development teams and projects;
3. assess TLN CoLab performance (annual report); and
4. assess alignment of mission and goals with actual TLN CoLab activity.
TLN CoLab Membership Criteria, Rules, and Responsibilities
The CoLab will have a maximum of 30 founding members that form a Governing Council. They
represent a diverse range of backgrounds, geographies, and expertise; bring highly respected
and earned experience in technology, governance, education, workforce development, social
inclusion, and equity; and 3) represent competing perspectives.
They will have equal voting rights and be term-limited to an initial two years, subject to the
policies for succession planning and removal as determined by the CoLab bylaws. The CoLab
anticipates membership to include education institutions, organizations, government agencies,
philanthropy, and corporations.
The responsibilities of the CoLab Council members cover several broad areas:
1. Governance
2. Membership Criteria and Rules
3. Policies and Bylaws
4. Business Model
5. Technical Advisory and Standards Body
6. Operational Practices
7. Application Priorities
8. Communications
TLN CoLab Council
The Chair of the the CoLab Council will be held by a representative of ASU, as convener of the
CoLab, with permanent membership for the duration of the proposed TLN Partnership pilot. The
Chair will be supported by an Executive Committee with the roles of Associate Chair, Recording
Secretary, Finance, Technology, Learner Representative, and Inclusion/Ethics.
Budget
The initial financial structure of the CoLaboratory is based on a two-year initial build out, after
which a decision to extend the TLN CoLab for a longer duration will be made by the governing
TLN CoLab Council. Given the membership in the CoLab assumes a significant investment in
The Trusted Learner Network, Page 10
time and resources to design, test and build the attributes of the TLN, TLR, and the applications
using them, inquiry about the budget should be addressed to the authors.
Proposed Development Priorities
Priority noted by √ first priority, + second priority, * third priority
A. Applications
a. Credit Transfer - √
i. Reverse Transfer - Transfer from a 4-year institution to a two-year college
for consideration toward completion of the student’s 2-year program.
ii. Dual Credit - High school students attending colleges while still enrolled in
their high school program.
b. Inter-school/College Transfer - e.g., courses taken at one college and transferred
for credit consideration to another, such as in a system or consortium of
institutions
c. High School Course Progress Advising
i. Sharing HS course completions with college/university Admissions Ofc √
ii. Guidance/Recommendations for HS courses aligned with college major
preferences, AI/ML assisted +
d. Transcript Dissemination - Students may wish to send their transcripts to another
institution, to complete their studies, to graduate schools or other professional
post-secondary programs, or to employers.
B. Open Source Applications Stack for TLN Operations √
a. Build reference implementation in an open source software stack to enable
non-Salesforce TLN members to perform all essential network functions.
C. TLN Governance rules on-chain
a. Voting rules √
b. Organizational audit data +
D. Identity
a. Federated Identity w/ Universal Resolver √=1st P; += 2nd P; *=3rd P
b. Self Sovereign Identity +
E. Learner Initiated Record-sharing - selective disclosure w/verification, initially among
network logins; later off-TLN locations
a. Selecting/packaging metadata for sharing +
i. without revealing metadata (ZKPs) - to employers/hiring officers *
ii. without revealing metadata anonymously - to job aggregation sites *
b. Personal device as local, secure records store - wallets, webapps +
F. TLN core - collaboratively with Salesforce
a. TLN performance dashboard/health statistics +
b. Consensus algorithms - performance/security/scalability *
The Trusted Learner Network, Page 11
c. Database options - alternative blockchains, DAGs *
d. Key Management - sharding, multi-sig replacement
G. TLR Data Model
a. Unstructured data secure storage/retrieval - IPFS √
b. OBv2 integration √
c. Consent history √
d. Competency representation +
e. Earned/aspirational achievements w/ 3rd-party attestation *
f. program structure - sequence/pathways, requirements √
g. Skill clusters +
h. Job domain preferences +
i. Psychometric profiles *
The Trusted Learner Network, Page 12 |