Learning Environment – Components
(Sorry that this is a long post – but there is quite a lot to say here)
In light of Charlie Love’s recent publication of his proof of concept portal ( see glew.org.uk and also http://charlielove.org/?p=7810) he has worked on in the context of Glow Futures, I thought it would be worth sharing the essential components of a paper which I wrote some time ago. This sets out a high level vision for the components which might constitute a learning platform.
There are three points I want to highlight:
- I take the view that an absolutely fundamental concept here is the establishment (and maintenance) of a trusted user base. This trusted user base should be a welcomed basis for collaboration for the future benefit of education in Scotland – it should be a basic right for every Scottish pupil, parent and teacher to be a member of this community. This should be an area of strategic investment by he Scottish government.
- Secondly, what I call “Universal Search“ is also a fundamental requirement in any environment bringing together disparate applications. This feature will give users the capability to find relevant content across the whole platform through one search tool. This was an original object of Glow but there were various obstacles which prevented this being fully achieved. Lessons learned!!
- And lastly the user interface should be instinctive and customisable making provision for the wide range of user ages and abilities (and disabilities) requiring access to the environment.
In my ideal world – this portal should provide a platform for its community to develop values and behaviours to prepare them life beyond school. For this reason a desirable characteristic of this environment is that it provides a passage for learners, which is initially more restricted and protected and later more open and unrestricted.
The end product of this should be individuals who whilst still retaining their Glow accounts are able to freely share and collaborate using tools that are not necessary intrinsically part of the Glow platform. It should also be possible for users to publish to the wider community using Glow tools, but most importantly do this in a responsible manner.
BYOD is now more than ever a basic requirement – this much be a key feature of the future of ICT is our schools. I take this to be a given in the context of the rest of this paper.
It is very easy to iterate these points but I also recognise that there is a burden of responsibility which weights heavily on todays decision makers who need to temper the need for budget restraint against providing the best opportunities for our future generations.
Much has been made about the cost of the original Glow Platform which was £37.5M + VAT over the first 5 years (= 44/5 = £8.8M inc VAT).
Compare that to the total spend on Schools Education which was in 2008-9 £4,869,127,000 (source http://www.scotland.gov.uk/Publications/2010/05/11134917/3).
So based on this the total cost of Glow was 0.18% of the total Schools spend in 2009 or to put another way for every £100 spent on Schools Education 18 pence went towards Glow.
This system will be a supplement to existing classroom support and can be used both in the classroom and out with school hours from any location where broadband Internet access is available. The solution will be made up of a number of components some of which will be core and essential others which are optional add-on modules. Where it is deemed necessary to own solution components, these will be hosted in a data centre and provided to end users as a number of tightly integrated web based services which can be configured according to specific customer requirements. Indicated below is a brief description of all the service modules which can be combined to provide a custom solution.
In view of the nature and range of the services required, those which are not existing cloud based services, will be hosted in a secure data centre which is connected to a country wide network featuring good (high bandwidth and low latency) connectivity to all schools. Currently the JANET network is used for this purpose, this should continue to be the case if there are no changes to the connectivity landscape. This data centre and its hosted services will need to be available on a 24/7 basis and the services should be able to perform efficiently across the network. In view of the fact that young children will be make up a substantial proportion of the user base, it will be necessary to underpin the end user services and applications with a number of safety measures which are designed with school users in mind. The data centre will need to operate to similar performance standards as any other commercial data centre but will also need to support some services which are specific to the education sector. The nature of modern teaching and learning is such that there will be occasions when large groups of pupils in a given school will need to access broadband resources which are hosted in the data centre – with this requirement in mind it will be essential deploy network optimization services as part of the overall solution.
2. The learning environment core components
2.1. Account provisioning and maintenance system
A web based system for configuring the system components and the managing the user base will be provided. This system will feature a hierarchy of admin roles which will allows some tasks to be delegated to nominated users at country, regional and local levels. For example the creation users accounts can either be done manually or using trusted inputs from existing school Management Information Systems. The transmission of management information will be performed via a secure and encrypted web service to ensure that user data confidentiality can be maintained. This approach will allow system administrators to take ownership of their local users and deal directly with any user management tasks are necessary such as creating and deleting users, and moving users from one school to another etc.
2.2. Single Sign On Service (SSO)
This service is used to authenticate and authorise users to access the system! When a user attempts to access any part of the service package this module will confirm that the user is a member of the system and also has appropriate access privileges. The user is required to have a valid and current user ID and password. Once a user has logged into the SSO service it is possible for that user to subsequently, during the current web session, to access any module to which the user has been granted access rights.
2.3. Portal Service
The portal provides the basic user interface with which all users interact when first logged in! The portal can be configured to show linkages all system modules to which the current user has been given access privileges by means of portlets. So if a user has not been configured to have access to a particular service it will not be visible on the users portal screen. The Portal will also have the ability to provide real time status information about the users applications through the portlets according to specific application features. So for example if a user has access to the email application, it will be possible see on the email portlet when new mail has arrived in the users mail box or if the user has access to the Managed Learning Environment information about due assignments could be notified etc. The portal should also be customisable in terms of the range of applications that can be integrated and look and feel of the user interface so that interfaces can be designed and selected for different users types including young pupils, older pupils, teachers, university students etc.
2.4. Global User Directory Service
The global directory service contains a record for all system users holding necessary personal information access rights concerning the system modules to which each user has been granted access.
All users are granted some level of read access to the directory and can discover information about other users. It is also possible for users to configure the directory to hide some information about them selves that they do not want to share. So for example if a users mobile phone number is in the directory a user can choose to hide this particular field from other users. This restriction can be applied either on a global or user group basis. So a teacher might allow his/her mobile phone number to be shown to other teachers in their own school but deny access to all other system users.
The presence module is tightly coupled to the SSO service so that as soon as a user has been authenticated to access the system their status will be update to show that they are online. It will be possible for the user to change their statues when logged based on their current work activity. So when in a meeting the user status can be setup to “do not disturb” etc…
2.6. User Interface
The user interface should be configurable to allow users to select an appropriate look and feel according to their needs. Support for screen readers should be provided throughout the entire platform to provide support for impaired users.
2.7. Federated Authentication
In order to extend the use of the SSO service thus providing access to “external content” the system should be a member of an appropriate access federation. In this way and using SAML based federated access system it will be possible for system users to gain access to third party protected content. It will further be possible for users to benefit from personalised access to this third party content – this will be useful where some users can be granted authoring capabilities whilst others need only read only access etc. It is likely that Federations will already exist and it would be desirable to also have support for cross Federation access.
3. Content Services
Content can be stored in the system in a number of different ways depending on its type. The follows content storage/publishing system are available.
3.1. Content Object Repository (COR)
This system allows static content objects to be stored and shared. It is possible to store the following content types, Application Documents ( eg Word, Excel, Power Point, Audio/Video or any other computer based application), it is possible for the publishing user dictate which groups of users may have access to the content being published. The publishing user can also apply tags to content to make it more discoverable. Content tags can either be pre or user defined.
3.2. Managed Learning Environment (MLE) or Virtual Learning Environment ( VLE)
The MLE is used to produce, manage and execute ‘lessons’. Lessons are typically created by teachers but it will also be possible for other system users to be given management rights in the MLE. Only lesson control data will be stored in the MLE with the Content Object Repository being used to store and serve the learning objects. Learning objects can also be linked into the system from any external repository assuming that appropriate access right have been granted.
3.3. Video Portal
This service is specifically designed to efficiently store and serve video based content. The system can store video content in a range of formats which can then be linked into lessons in the MLE module. Video assets can be stored, tagged and searched and will seamlessly exist alongside other content.
3.4. Web Service and Wiki’s
Users will have access to web publishing services which will enable them to publish both their own static web pages and also build collaborative content using Wiki’s etc. In either case the content published will be indexed so that each asset (or item) can be discovered by the systems internal search engine.
Each user of the system will have the option of maintaining a personal Blog which can be configured to visible to restricted groups of users. Typically, a pupil’s Blog will not by default be visible on the public internet, but it will be possible to assign various grades of visibility to any users blog. So visibility can be controlled between very restrictive (own class and teacher only) and very open – accessible to the whole internet. The degree of restrictiveness will be set according to local management policies.
3.6. Content Search
All the above systems can be searched through the global search tool which is accessible from the portal and from within other modules where appropriate. Search results will be presented to the user based on the users access privileges and in the context of any work that they are currently engaged with. The user profile in the directory will be key in allowing the search module to rank relevance of the search results. So for example if a user is a pupil engaged in a particular subject lesson the result will be ranked according to the pupils current work context. Where a user is denied access to any content, that content will not be returned in any search results. The global search engine will have the ability to index content from a wide range of repositories including external repositories using a standards based remote search protocols and standards.
4. Collaboration and Communication services
The solution is rich in communication and collaboration tools which facilitate both real time and asynchronous activities.
When a user is logged in to the SSO service the Presence service will provide a signal to all collaboration applications that the user is online. It is also permissible for the user to define and control the exact presence status message according to their own work pattern. So for example the displayed message could be set to “on the phone” or “away from my desk” etc….
4.2. Real Time Collaboration
Users will be able to use a suite of real time collaboration tools. The real time collaboration system will support communication using one to one and one to many text messaging (chat) and Video/Audio. Users can also jointly author documents allowing them to share documents so that editorial control can be handed from one to another. A web based white board will also allow users to share presentation material and author and highlight any application document in real time.
Recording facilities will also be available to allow collaboration sessions to be recorded and played back as necessary. This later feature can be used to provide evidence of collaborative work done by pupils and also to record lessons/tutorials so that pupils can play them back at a later time.
4.3. Asynchronous communications
The system also supports threaded discussion system which can support long term conversations with contributions being possible as and when the users have the opportunity to access the system. Any such discussions can be indexed so that the global search engine can see contents and returns links to discussion forums when user conduct content searches.
4.4. Personal Calendar
Each user will have their personal calendar, which they can manage directly by adding and editing events. It will also be linked to the community at large so that group meetings/events can be setup and resources such as rooms and real time collaboration tools can be added to the event. Important deadline events such as assignment submission dates will also be automatically added to a user calendar based on their activities elsewhere in the system – such as the VLE etc.
4.5. Twitter, Facebook and Instant messaging
These tools which are now in daily as generic internet communication services will also be available within the environment but subject to moderation measures for young users. As a user develops their knowledge and experience of using these communication tools, it will be possible for them to graduate to a more open environment and eventually to the internet based equivalents. It is recognised that users will be able to access the Internet versions of these services at any time separate from the Cisco based service.
The email service will provide users with a web based solution which allows them to exchange email messages subject to filter policies which can be setup by the system administrator. Very young pupils may be restricted to sending email within their own school, subject to the approval their teacher. The mail system will also feature protocols which allow users to use a rich mail client if they require additional functionality.
4.7. Cloud Based Content creation tools
A range of content creation tools are now available which can be access for free these should be accessible for users via the SSO and the Federation or a supported authenticator. Google Apps for Education is a service which could be popular in this repect.
In any ICT service that is designed for young children, safety is a prime concern. For this reason a number of services can be deployed to ensure that any possibility of user abuse is minimized. Typically local policies can dictate whether the safety regime is applied to certain types of users.
- All text based communication modules will be subjected to a banned words filter service. So if a pupil uses inappropriate language in either a real time chat session or in an email the offending message will be stopped and an alarm will be set to notify either the responsible class teacher or system administrator. The list of banned words can configured to take account of regional variations in the use of language
- All systems what involve user interactions will have all communications logged in files that can be analysed. These system logs will be retained for a time which can be configured by the system administrator according to local policies.
- Real Time systems are configured so that communication can only take place when a responsible user is present. This might be a teacher or school support worker.
- Any abuse pattern which can be detected by system monitors will raise alarms which the system administrators can then deal with according to the relevant acceptable use policy.6.Safe Access to the Internet
Any schools network should have a part of its facilities onward access to the internet to allow users to access the wide range of resources which exist throughout the wider education community in the local country and throughout the rest of the world. The range the quality of resources on the internet can vary in quality so it is essential to ensure that only appropriate resources are made available to schools users. Some content available on the internet is known to be unsuitable for use in schools. This can include in the worst cases pornography, politically inappropriate content and morally questionable content. Some sites have been identified by the Internet Watch Foundation (IWF) as inappropriate where the content is likely to be illegal in most countries. Because of these conditions, it essential that the schools internet gateway be subject to filter policies which can protect schools users from these unacceptable content sources.
The schools user base will also consist of a diverse set of users ranging from very young children to older children and adults. The internet content filter should have the capacity to take account of this entire user base by allowing filter policies to be applied based on the group to which the browsing user belongs.
In any case the internet access filter should apply the IWF black list to all traffic and then supplement this with additional filter policies which are applied according to the actual user identity.