CIP: 2 Title: Campus project goal and structure Author: Ng Jun Siang Status: Proposed Created: 07-May-2025
Campus: The Digital College¶
campus (n.) “college grounds,” 1774, from Latin campus “flat land, field,” from Proto-Italic kampo- “field,” a word of uncertain origin.
A college campus today is no longer just a physical structure on a plot of land. It also encompasses the data generated by, and arising from, the activity of students in the college.
Taxonomy of campus data¶
Personal data¶
The PDPC defines personal data as “data about an individual who can be identified from that data, or from that data and other information to which the organisation has or is likely to have access”. For data to be considered personal data, two principal considerations apply:
is the purpose of the information to be data about an individual, or that relates to the individual?
is the individual identifiable from the data?
Sensitive data¶
Such personal data can be sensitive, including their gender, contact details, home address, and year of enrollment. Access to this data is commonly restricted to a need-to-know basis, e.g. when needed by a counselor or homeroom teacher, or by college leaders for case management.
Semi-public data¶
There is also data about students and their activities, which by its nature needs to be known by multiple groups of people. Such data, although not broadcast or published for general public consumption, can be considered public to the college due to the difficulty of protecting or restricting the spread of such data. For example:
students’ participation in activities need to be known to the activity organisers and possibly its participants, also to their tutors (in the case of schedule clashes), and to office staff who may be assisting with generating student participation records
students’ college-provided email addresses need to be known to staff members for the purpose of contacting them about college-organised activities
students’ enrolled subjects need to be known for scheduling and administration purposes
Goals¶
Campus aims to achieve the following goals:
Data Security
Data Freedom
Data Portability
Data Extensibility
Data Security¶
The need to balance data security concerns with ease of access poses a data management challenge. On many campuses, this management is carried out manually, requiring many daily decisions by many campus staff to enforce the security of data. This can lead to inconsistent handling of data, and slow down processing of data.
Campus aims to provide a digital framework for consistent handling of data access, so as to speed up the necessary data processing for college operations.
Data Freedom¶
The concern over data security often leads colleges to take a safer-is-better approach, refusing to share data unless necessary. While the focus on data security is commendable, we believe it is possible to enable greater freedom of data access while still respecting data security needs.
Campus aims to enable access to student data, through the use of public APIs (such as web APIs) that other first-party and third-party applications can use. Authentication and authorisation processes allow tiered access to this data, taking into account the college’s data policies, and the level of consent given by the student.
Data Portability¶
Upon graduation, students typically receive their data in hardcopy, in the form of certificates, transcripts, records, and so on. But students are increasingly using digital data management tools, and such forms of data release means that students have to spend time digitising this data, often manually.
Campus aims to allow digital portability of student data to common digital formats, enabling other services to use this data with student consent.
Data Extensibility¶
Colleges typically use vendor-provided learning management systems (LMS) to manage academic content, but have fewer solutions for other campus data. If a digital platform is provided, this is typically a proprietary vendor-provided platform, resulting in vendor lock-in.
As college digital needs evolve, old vendor platforms might no longer serve the college’s needs. Yet, the need to justify high vendor upfront costs leads to inertia in switching platforms.
Campus aims to allow new services to “plug in” to existing data, enabling new features without requiring expensive vendor extensions.
Principal considerations¶
On-premise hosting options¶
To manage sensitive or personal data, Campus must provide an on-premise solution that colleges can host on machines that they own.
Third-party integrations¶
To achieve data freedom, Campus must integrate with common third-party services, and itself enable third-party services to integrate with it.
Structure¶
To meet these goals, Campus is designed as a centralised suite of microservices:
Palmtree: authentication framework and API
Fountain: resource authorisation framework and API
For ease of maintenance and development, Campus also incorporates a collection of internal services used by first-party and third-party clients:
Library: a common data storage interface used by Palmtree, Fountain, and other microservices
Yapper: a message broker for event-driven development