Myanmar Education Governance Framework

V1.0

Introduction #

A primary purpose of ZADA Network and its Verifiable Credentials is to address concerns about trust of credentials as well as security and privacy sharing them on the Internet. These concerns have resulted in diminished public trust in the Internet as a global public utility, which in turn has affected the potential to harness the Internet’s power for economic and social empowerment and digital transformation.

For Educational Credentials issued over ZADA Network to be trusted, the public must be able to assess the policies around them and feel confident that the issuers of the Educational Credentials comply with the policies specified in the Governance Framework for Educational Credentials in Myanmar. 

Governance Board #

The role of the Governance board is to set the policies and rules so the issuers’ credentials can be trusted by the public.

The Governance Board consist of representatives from:

  • Myanmar Ministry of Science & Technology
  • ZADA Solutions Pte LTD

The Governance Board will meet annually, or as required, to review and update the policies of the Governance Framework.

Issuance Policies #

The issuance policy sets the rules for the ecosystem and ZADA Network issuance.

Types of Verifiable Credentials and approved issuers #

Academic QualificationCan be issued only by Institutions approved by the relevant Ministry to provide the Academic Qualification in question.
Professional QualificationCan be issued only by Professional Training and Certification providers holding a relevant license.
StudentIDCan be issued by an institution with a license to provide training to students.

General Rules on Issuance #

  • All issuances and re-issuances are to be done according to a four-eye principle, either electronically reviewed and signed (with supporting logs) or reviewed and signed on paper and archived for at least threee years.
  • Issuance can only be done to people where identity has been verified to an acceptable level including at least matching FullName and Birth Date. Ensuring there are no fake credentials is a responsiblity of the party preparing the data to be issued.

Schema designs and example data #

The Credential Schema is the structure of the set of claims comprising the Verifiable Credential. 

TypeExamplesSchema
Academic QualificationEducational Levels
– High School
– Diploma
– Vocational
– Bachelor
– Master
– Doctorate

Institution
– TU (Magway)
1 Type
2 Full Name
3 Birth Date
4 Document Type
5 Document Id
6 Education Level
7 Institution
8 Major
9 Study Mode
10 Start Date
11 Graduation Date
12 Certificate No
13 Country
14 Issuer
15 Issue Time
TypeExamplesSchema
Professional QualificationDesignation
– Project Management Professional

Post Nominals
– PMP
– LCCI Level 1
– CPA

Agency
– Project Management Institute
1 Type
2 Full Name
3 Birth Date
4 Document Type
5 Document Id
6 Designation
7 Post Nominal
8 Agency
9 Certificate Number
10 Grant Date
11 Expiry Date
12 Issuer
13 Issue Time

Trust Elements #

Trust in the Credentials requires certain Elements to be managed to ensure that the activity of issuance and data validation can be trusted:

  1. Security 
    • Systems are protected against unauthorized access. 
    • Users do not share their access to other people.
  2. Data integrity
    • The data provided is complete, valid and accurate. 
    • No fake data is added.

To support the trust in these elements, there will be:

  1. Signed Contracts & Agreements
  2. Self-Assertion of Compliance
  3. Logs
    1. System Access
    2. Credential Issuance
  4. Audits to ensure compliance to governance framework to help ensure the quality of the data.

Periodic Review & Audits of Business Operations #

ZADA reserves the right to request information about operations affected by this Governance Framework, at any time, to audit and ensure the operations meet the Governance Framework rules. If they are not, ZADA may immediately suspend or terminate any of the ZADA Platform Services being used.

Appendix I: Standard Operating Procedure (SOP) for Academic Qualifications #

This is a suggested SOP to make it clear how the internal teams will be assigned and how they will work to ensure trust in the issued credentials and to avoid any mistakes or fraud.

Data Preparation & Validation #

1) To ensure trust in the data, the data will be collected and verified by two different people in each university: #

Data CollectionEach University will collect the data
Data ValidationOne person will be responsible to sign off on the data

2) To ensure traceability of what is done, each upload will be logged and only the approved person will have permission to do it #

Data UploaderEach university representative uploads their data directly to the Data Vault.  To ensure traceabilityInstitution name will not be editable for logging purposesEach upload will have a timestamp

Manual Issuance #

4) In cases where automatic issuance is not working for different reasons, such as missing records or records that are wrong and need to be re-issued, manual issuance can be done through ZADA Portal. #

IssuerCan only prepare issuance of credentials
ApproverCan only approval credentials requested to be issued
AdminHas full access to logs, issuance, verification and managing the user accounts and access.

Appendix II: Issuance of Academic Qualifications (MOST) #

Academic Qualifications such as Diploma, Bachelor and Master will follow a process similar to the paper version being signed by both the University Rector and Chairman of the Examination Board of the Ministry of Science & Technology.

  1. The Certificate Data is prepared and validated by the university
  2. The University is listed as an Institution in the Credential
  3. Issuance signature is by MOST

Using ZADA’s decentralised solution, the processes will be optimised and made automatic to the highest possible degree.

  1. Universities need to comply with the Governance Framework as set by MOST.
  2. Universities prepare the data, using a four-eye principle before it is made available for issuance to the student from a data vault.
  3. Students will be able to request the certificate, receiving a verifiable credential digitally signed by MOST.

Digital Signatures and logs ensure credentials can be verified in a decentralised matter, but also so that any issuance fraud or mistakes can be traced back to the originator.

Appendix III: Issuance of Student ID (UNIVERSITY) #

N/A

Powered by BetterDocs