The overall objective of this project is the development of a blockchain-based architecture for the issuance, immutable storage, retrieval and validation of academic and training certifications while maintaining strict compliance with the GDPR.
The project acronym, GAVIN, acknowledges the merits of Dr. Gavin Wood, an English Computer Scientist that founded Ethereum.
Academic certification should be understood as any type of learning accreditation, ranging from regulated educational programs to the validation of professional skills and non-official training, professional training within companies, online courses, life-long-learning courses, endorsement letters, etc. In other words, the system devised would support the validation of university degrees and also the validation of a specific skill by a coworker (e.g., Python programming skills, teamwork abilities, competence endorsement as in professional social networks such as LinkedIn or ResearchGate, etc.). In this project proposal, academic information, certificate, accreditation or competence, has to be understood in this context, that is, the validation or endorsement by any entity or individual of the successful completion of a training activity or achievement of a competence or skill.
Thus, the main objective is to guarantee, through the necessary technological elements, full compliance with the GDPR in a blockchain-based academic information management system. We enumerate below the main premises or operational objectives of this research:
- It should be possible to use this system without modifying existing information systems in academic/training institutions or other organizations that issue certificates or academic information and accreditations.
- It must be possible to verify the validity of the content of the certificate and the associated accreditations even after the discontinuation of the institution that issued the original certificate and of all its information systems.
- It must be possible to use it in all types of education: formal, non-formal and informal; regardless of the capacity and characteristics of the information systems of the entity that supports the training and issues the certification. It must be a universal system in terms of being able to be used for different training modalities and types of entities.
- It must strictly comply with the GDPR and all its requirements. Specifically, the right to be forgotten must be guaranteed, that is, the person who owns the certificates may effectively remove all or part of the information stored in the system. From a technical perspective, this is a relevant challenge in blockchain technologies.
- It must be flexible enough to be able to accommodate different types of academic information, accreditations, etc., regardless of the underlying information models.
- It must be scalable and able to support the transactions and operations related to information registration, verification and consultation by the final users of the model.
Therefore, as indicated in the previous section, the main objectives of this project are (1) to design and (2) technically validate an architecture supporting the devised system; (3) to guarantee full compliance with the GDPR and (4) to develop a MVP (experimental pilot) of a novel solution to issue, store, recover, share and verify heterogeneous and unrestricted types of academic information from any source using blockchain.
Without changing proprietary information systems, companies, organizations of different types and the educational actors will be able to generate and tamper-proof register any type of educational data or knowledge recognition, both formal or informal, and submit it to the holder automatically and securely whenever it is requested, so the owner may transfer it to a third party who can seamlessly check for its authenticity. The system should also contemplate that if, for any reason, the entity issuing the certificate disappears the issued academic accreditations could still be verified by a third party. The whole process must be fully compliant with the GDPR.