This page has been translated using TexTra by NICT. Please note that the translation may not be completely accurate.If you find any mistranslations, we appreciate your feedback on the "Request form for improving the automatic translation ".

Study Group on Certification Infrastructure in the Education Field (2nd meeting in FY 2025)

Overview

Date and

Thursday, December 18, 2025 from 17:00 to 19:00

US>

Held online

Agenda

  • 1. Opening
  • 2. Agenda
    • 1. Report on the Summary of the First Expert Meeting
    • 2. Explanation of research on linking educational data between organizations not via the individual in question
    • 3. Exchange of opinions on linking educational data between organizations without going through the individual
    • 4. Explanation of survey and research on educational data linkage via the Principal
    • 5. Exchange of opinions on educational data linkage via the Principal
    • 6. Administrative Communication
  • 3) Closing

Summary of the Proceedings

1. Report on the Summary of the First Expert Meeting

Based on materials, the secretariat explained the compilation status of the first Advisory Council as follows.

  • We received opinions on data and file formats, methods for eliminating the complexity of operations and personal authentication, and the future direction of this project. We incorporated these opinions and examined our policies.
  • In particular, regarding the method of personal identification of students who do not have a My Number Card, which received opinions, we examined a draft of alternative measures.

In addition, regarding the method of personal identification of students who do not have a My Number Card, free discussion was held among the study group members regarding the draft of alternative measures. The main contents are as follows.

  • I think that it is quite difficult to distribute QR codes and have students respond to them during busy periods such as enrollment procedures.
  • It is important to consider a system in which the QR code is given to the teacher correctly, and the person or the parents can confirm whether the QR code has been read appropriately. For example, a system could be introduced in which a QR code is given to the teacher, and a notification is sent to the parents or students when the QR code is used or when a file is uploaded based on the QR code.
  • The original purpose of the alternative measure is to assign IDs to each organization and simply confirm that they are the same person, which can be easily realized by utilizing the national infrastructure. We recognize this as the original purpose of utilizing My Number Card. I feel that the introduction of QR codes as an alternative measure is a very redundant mechanism.

2. Explanation of research on linking educational data between organizations not via the individual in question

Based on materials, the secretariat explained the survey and research on collaboration of educational data between organizations that does not go through the person as follows.

  • We took up the system configuration diagram of the authentication infrastructure, details of the business flow after the introduction of the system, data format, signature method, deadline, operation system, and future schedule proposal, etc. as examination perspectives.

3. Exchange of opinions on linking educational data between organizations without going through the individual

Free discussions were held among the members of the Study Group on issues related to the linkage of educational data between organizations without going through the individual, and the main contents were as follows.

  • In order to avoid confusion in the field of education, the terminology related to the certification infrastructure should be unified in accordance with the field, and the requirements necessary for connection should be clearly indicated. For example, it is necessary to sort out whether each system is "assumed to have already been introduced in all local governments" or "can be handled even if it has not been introduced".
  • It is unclear at which stage of work the personal verification is performed, and the significance of the personal verification itself is currently ambiguous. If the high school side has a mechanism that can refer to the information sent before the personal verification, the question arises as to what the purpose of the personal verification is. It is necessary to sort out the purpose, whether the identity verification should be made at the final stage or the main purpose is to make it impossible to view the wrong file when it is sent.
  • It may be necessary to clarify the division of responsibilities in the event of a security breach.
  • I have the impression that the contents of the report are complicated. If it is not made as simple as possible, I feel from experience that the overall direction becomes unclear and confusion occurs in the field. The principles such as "digital first," "once only," and "connected one-stop" shown by Digital Agency are very important, and I think that it can be arranged in the direction to avoid complexity by judging in light of these.
  • The policy states that implementation of school affairs support systems will proceed in stages. However, in many cases, the operation of this system is carried out at the local government level, and the workload of testing and updating is extremely large. Therefore, we feel from experience that it is more efficient to implement it at once. In order to reduce the burden on school affairs support system business operators, it is important to devise ways to lower the hurdles. For example, it is considered effective to take support measures to facilitate implementation, such as making the specification as concise as possible and providing sample code.
  • Although a step-by-step concept is necessary, it is extremely important to proceed in a unified manner at once when actually implementing it. In particular, when considering operations across large-scale local governments, it is believed that it will proceed more smoothly if the entire system is implemented with common specifications, and unnecessary elements are abolished after ensuring that everyone can use it.
  • In the design of digital locker requirements, it is important for schools to build a system that can respond to multiple academic destinations with a single operation. Similarly, high schools should aim for a design that can receive data from multiple junior high schools at once. It is necessary to consider the specifications of digital locker based on these requirements.
  • Terminology selection is also important. The expression "digital locker function" is easy to imagine, but technical terms such as "A. I. function" are for experts, so it is desirable to use easy-to-understand terms when disseminating them to the field.
  • The design of multiplexing authentication and further granting electronic signatures is assumed to make the operation complicated, and its purpose is unclear. Despite the original purpose of linking IDs that are independently granted by junior high schools and high schools at the same time, if the number of confirmation means increases according to the number of files to be sent, it is not logical. In this regard, it is necessary to confirm the consistency between the purpose and the design policy again.
  • The purpose of adding a signature or time stamp is to guarantee the validity at the time of transmission, but it is unclear in the current discussion whether it is really necessary to guarantee the authenticity for a long period of time such as 10 years or 15 years at the time of storage. From the viewpoint of system operation, the design that requires a signature even in the storage state is strange. It is reasonable to add a signature at the time of issuance and add it again at the time of provision. It should be reviewed whether it is systematically appropriate to continue to maintain the signature at the storage stage.
  • There are guidelines on the expiration date of certificates. However, electronic signatures in the digitization of guidance records serve as a substitute for seals and are considered to be more of a confirmation of intent than a verification of authenticity. Therefore, the provision of "expiration date not exceeding five years" in the Electronic Signatures in Global and National Commerce Act may not be consistent with the business requirements in this case. We believe that signatures with an expiration date that is consistent with the business requirements in this case should be adopted. If the guidelines themselves are not consistent with the business requirements, there is no need to combine other means to achieve both.
  • As for the handling of PDFs, it is necessary to consider which format is appropriate in accordance with the current status of use of guidance records and medical examination forms. At present, not all students necessarily open and check all PDFs, and I think it is not a problem in itself. If there are various things in junior high school and you go to high school, I think it is not necessary to hand over all the situations to high school. Therefore, if there is no intention to change the current operation significantly, I think it is good to receive it in PDF and print it only when necessary. On the other hand, if there is a strong policy such as a policy to analyze and utilize structured data for all students, I think it is necessary to review the use of forms based on the opinions of the field.
  • At present, there are many paper documents, and this is considered to be a major obstacle to computerization. Considering the ideal situation, it is desirable to shift to structured data en masse. As a measure for this, I think that the utilization of AI technology is effective. If paper documents are to be made into PDFs, it is possible to convert them into structured data by processing them with AI.
  • There is also an issue of whether or not it is appropriate to maintain records of daily activities and grades for a long period of time. I think it is necessary to discuss while separating what is feasible from what is not implemented.
  • If AI is to be used, AI should be used to output data to PDF or paper, rather than to extract data from PDF. Communication between systems should be done with data, and the fundamental design policy should be based on data linkage.
  • Junior high school education is compulsory, there are no special subject settings, and data collection can be coordinated among local governments. On the other hand, high schools frequently request additional documents or submit their own forms. Therefore, it is necessary for teachers at each school to respond individually. In light of this situation, it is necessary to first understand the actual situation of exchanges other than application forms and survey documents in high school entrance examinations. There are many exceptions, and it may be difficult to actually operate by simply preparing data formats.
  • In consideration of LGBTQ + people, gender information is no longer required. We are currently in a period of change, and we believe that it is necessary to clarify the scope and format of the necessary data and to design the most labor-saving method based on the actual situation.
  • In the past, school administration support systems were assumed to be network-independent. Now, however, there is a shift to next-generation systems that enable network connection and external data transmission. It is necessary to confirm whether the APPLIC standard is fully compatible with these changes. It is not enough to adopt XML as the data format simply because the APPLIC standard is XML. It is necessary to consider specifications that match the purpose.
  • Ministry of Education, Culture, Sports, Science and Technology presents the reference form. In some cases, it is standardized on a prefecture-by-prefecture basis. In other cases, different forms exist. It is also important to consider the extent to which standardization is possible on the basis of the reference form.
  • When abolishing paper and converting it to data, the document has XML, JSON, and CSV as candidate formats, but it is important to define the structure first. If it is XML, it can be defined using the XML schema, and the terminology can be clearly defined in RDF. It is also necessary to clarify whether the XML and RDF tags will be discussed mainly in the APPLIC standard or in the standards of another organization. The description in the document may cause a misunderstanding that "XML is fine because the APPLIC standard is XML." I understand the necessity of adopting XML when converting it to data, but I think that the discussion of whether to use JSON or to accept CSV when linking with API should be discussed as an operation option, not as a standard.
  • If too much effort is put into the transition period, there is a tendency for people on the ground to come to the conclusion that, "It's OK because things are going smoothly." I think it would be more constructive in terms of policy to focus on clearly indicating the ultimate state of affairs and setting the conditions for its realization.
  • Regarding the steps described in the material, Step 1 is a mechanism in which an digital locker Prime account is used to log in to gBizID and log in with a confirmed account. On the other hand, Step 2 is a cooperation using APIs, and it is described that the right to log in to the school affairs support system and the right to execute APIs to digital locker are separated. Furthermore, when digital locker APIs are automatically executed, a client certification method is adopted, and the school affairs support system executes APIs to digital locker as a client. Therefore, it seems that the idea of identity verification by gBizID, which was secured in Step 1, is lost in Step 2. How is consistency ensured in this regard?
  • I understand that the final goal is to realize access to digital locker from the school affairs support system via APIs. It is necessary to grant gBizID accounts to individuals by inserting the Web in the transitional period response, but I feel that this is wasteful. I wonder if it is possible to adopt a method of building on the premise of APIs from the beginning. I think that the work of distributing IDs and operating them for using the Web and further disseminating the usage method is a heavy burden on the job and is inefficient.
  • At present, there are local governments that have not even introduced a school affairs support system, so it is necessary to discuss how to proceed while absorbing the diversity. Ideally, it is desirable to introduce APIs all at once toward what it should be. However, as a realistic response, we recognize that it is essential to coordinate with school affairs support business operators and coordinate opinions with boards of education that have not introduced a school affairs support system.
  • In the current figure, there is a description that "teachers will deal with it", but even among teachers, it is not clear whether the vice-principal will deal with it, the director of the educational affairs department will deal with it, or it will be done by junior high school teachers, or the board of education will intervene. It is not necessary to include these details in the concept or table at this stage, but it is important to be aware of the division of roles and to clarify the image when considering implementation.
  • At present, there are three types of operation of school affairs: paper, PC-based operation, and operation by school affairs support systems, and the state of resource development differs depending on the corporation. Ignoring this premise and simply proceeding with the discussion based on the presence or absence of digital locker connection is inefficient as an examination. The original purpose to be aimed at is that school affairs support systems directly cooperate with each other and the operation is completed at once. If this is difficult, downloading through personal terminals is allowed, but it is necessary to clarify the issues (responsibility in operation). The method of downloading once through the web version, decompressing the file, and reprocessing it is not essential in light of the purpose of improving productivity.
  • When using the web version, the design in which the download destination is a personal terminal, that is, a PC, is extremely problematic in terms of operation. In an operation in which files are saved in the download folder of a shared terminal, the meaning of multi-layered authentication in the past will be lost. If such an operation is allowed, strict restrictions should be established. In other words, it is necessary to manage risks not by strengthening authentication but by thoroughly implementing operation rules.
  • In relation to linking of data via the Internet, is it necessary to take measures against security risks, such as transmission from infected Terminals associated with uploading of downloaded data to Terminals?
  • Does the operation of the system require or will there be an up-front security assessment or Privacy Impact Assessment (PIA)?
  • Security issues may arise when data is handled outside the system, and it may be necessary to ensure the feasibility of the system. For example, it may be possible to effectively utilize the dispatch of experts implemented in Ministry of Education, Culture, Sports, Science and Technology for the purpose of IT support to support the field. It is necessary to verify whether it can actually be operated in the field.

4. Explanation of survey and research on educational data linkage via the Principal

The secretariat explained the survey and research on educational data linkage via the Principal as follows based on materials.

  • The following were taken up as examination viewpoints: Use cases of this research (electronic issuance of graduation certificate and transcript of university), problem setting in hearing, system configuration diagram, and argueing points in the business of certificate issuance.

5. Exchange of opinions on educational data linkage via the Principal

Free discussions were held among the members of the Study Group on issues related to the linkage of educational data via individuals, and the main contents are as follows.

  • I wonder why university diplomas and transcripts were mentioned as use cases. While gBizID and My Number Card are domestic systems, transcripts of higher educational institutions are an increasingly internationalized field. In institutional design, the fusion of macro credentials and micro credentials is essential, and in addition, it is a social requirement to incorporate credentials related to learning outside public educational institutions. I understand that this research and study focuses on the digitization of paper diplomas and transcripts, but I think it is important to consider the wider future and build a foundation that can be widely applied.
  • I feel that this discussion is based on the premise that there is a need for recipient universities and companies to receive graduation certificates as data. However, I wonder to what extent the system development and needs of the receiving side actually exist. In addition, it is unclear whether this discussion assumes the submission of certificates at the time of advancing to a higher education or whether it assumes a wider range of usage scenarios.
  • When data is transferred between legal entities via an individual, there is a concern that the data will take on a life of its own. Therefore, a mechanism in which the data is signed repeatedly is irrational in terms of the system. In principle, when the data is transferred via the Principal, it is sufficient to have the consent history of the Principal, and the shortest distance configuration is to link the system from the storage source organization to the receiving organization with the consent of the Principal.
  • The policy of "keeping both paper and electronic documents" described in the materials seems to overturn the basic policy in the course of consideration, and I feel that it is extremely unnatural. First, the system configuration (in other words, the direction of public investment) should be clarified for the case of "not going through the person", and then what kind of consent (in other words, authentication) is sufficient for the case of "going through the person" should be considered. Since we are considering to minimize authentication and signatures with the configuration shown in the materials, that is, the method of directly connecting systems, I think it is desirable to consider this simple mechanism. Even if it is through an individual, instead of returning to paper and resubmitting it, we should build a system that provides data directly from the original educational institution with the consent of the person when the educational institution asks for data.
  • There are many things that can be learned from the eIDAS (Electronic ID Authentication System) regarding the description of materials. Based on the concept and mechanism of such a system, a comparative study with the domestic system should be advanced.
  • Related to this discussion, there is a technical specification for digital badges called open badges, and its use is spreading among educational institutions and companies around the world as a way to realize not only macro but also micro credentials. Since open badges are based on a non-centralized concept and covered by technology, there are differences in thinking, and it is necessary to consider whether the approach of this research is appropriate. In the future, there is a high possibility that there will be a need to integrate open badges and this use case. Ensuring consistency with the direction of the global study at this stage will be the foundation for widely deploying the results of this project in the future. Therefore, it is important to confirm the direction at an early stage and verify whether there is any contradiction.
  • In the field of micro-credentials, such as open badges and eIDAS, the requirements for a recipient (verifier) differ culturally and from country to country, so unique developments are taking place frequently. It is extremely important to consider how Japan will respond.
  • The discussion of micro-credentials needs to proceed in parallel with the discussion of the mapping with macro-credentials, i.e. the accumulation of credits. In Europe, europass has a mechanism in place to accumulate micro-credentials and integrate them into macro-qualifications.
  • In this study, I believe that an intermediate solution of digitizing paper certificates and adding electronic signatures to PDFs is appropriate, but it is clear that this is not a permanent solution. It is good to promote e-seals first, but I think it is desirable to compile a survey and research looking ahead to the future.
  • There seems to be a suggestion to use the e-seal certified by Ministry of Internal Affairs and Communications because the method of actual existence of universities has not been established. However, it is recognized that the NIC Center of NIAD has ratified the regulations of UNESCO and operates the list of higher educational institutions (universities). If they have already been certified by Ministry of Education, Culture, Sports, Science and Technology and registered with NIAD, etc., it is more reasonable to proceed in the direction of utilizing the date of the institutions operated under the jurisdiction of Ministry of Internal Affairs and Communications, rather than each university obtaining the e-seal certified by Ministry of Education, Culture, Sports, Science and Technology individually.
  • If the system is connected between corporations and a mechanism to obtain the consent of individuals is in place, it should be re-examined when e-seals are really necessary. In addition, it is questionable whether each school is obliged to certify when sending and receiving data to and from overseas universities. Rather, it is more reasonable to build a mechanism for the government to send and receive data in bulk.

6. Administrative Communication

The secretariat explained the administrative communication.

Relevant policy