L’Hexagone

+

L’Intelligence Artificelle

L’Hexagone I.A.

Lexagonia

The World’s First Truly Customized Educational Experience

Overall Architecture

We propose a modular, microservices-oriented architecture to ensure scalability, maintainability, and flexibility. This approach allows different components of the platform to be developed, deployed, and scaled independently. The architecture will be layered to separate concerns, issues, troubleshooting and updating.

Presentation Layer (Frontend):

This layer will be responsible for rendering the user interfaces for students, teachers, administrators, and parents. It will be built as a responsive web application accessible via modern browsers.

Application Layer (Backend Services):

This layer will house the core business logic, API gateways, user management, and orchestration of AI services. It will expose RESTful APIs for the frontend to consume and will manage communication with the AI/ML layer and the data layer.

AI/ML Layer (Intelligent Services):

This is where the Personalized Student Tutor Agents and Specialized Topic AI Agents will reside. These agents will be developed as distinct services, potentially leveraging Large Language Models (LLMs) and Retrieval Augmented Generation (RAG) techniques to interact with curriculum data and provide personalized tutoring.

Data Layer (Persistence):

This layer will manage all data storage, including student profiles, interaction logs, curriculum content, and analytics data. It will utilize a combination of relational and vector databases suited for different data types and access patterns.

Integration Layer:

This layer will handle communication with external systems such as Canvas (LMS), EDUCATE (SIS), and potentially Zoom or calendar services in future phases. It will use APIs provided by these external systems.

Programming Approach and Philosophy

Modularity and Reusability: Code will be organized into well-defined modules and components to promote reusability and ease of maintenance.

Programming Approach and Philosophy

Test-Driven Development (TDD) / Behavior-Driven Development (BDD): We will incorporate comprehensive testing strategies, including unit tests, integration tests, and end-to-end tests, to ensure code quality and reliability.

Programming Approach and Philosophy

Agile Methodology: Development will follow an agile methodology, allowing for iterative development, frequent feedback loops, and adaptability to changing requirements.

Programming Approach and Philosophy

Security by Design: Security considerations will be integrated into every stage of the development lifecycle, from architecture design to coding and deployment.

Programming Approach and Philosophy

Scalability and Performance: The system will be designed with scalability and performance in mind, utilizing efficient algorithms, optimized database queries, and appropriate caching strategies.

Components: Front End

User Interfaces (UIs): Separate, responsive UIs will be developed for:

    • Student View: Main interaction point with the Personalized AI Tutor (chat interface), progress dashboards, access to learning materials (if linked from Canvas).
    • Teacher View: Dashboard to monitor student progress within their classes, view class averages per topic, and identify students needing support (MVP: basic analytics).
    • Admin View: User account management (manual creation/deactivation), school-wide analytics, system configuration.
    • Parent Observer View: Restricted view of their child’s progress and AI interactions.
  • State Management: A robust state management solution will be used to manage application state, user sessions, and data fetched from the backend.
  • API Communication: The frontend will communicate with the backend services via RESTful APIs.
  • Real-time Chat (Future Consideration): While the MVP might rely on standard request-response cycles for chat, future enhancements could incorporate WebSockets for a more dynamic real-time chat experience, managed by a dedicated backend service.

Components: Backend - API Gateway

 

Acts as the single entry point for all requests from the frontend applications.

Handles request routing to the appropriate downstream microservices.

Can manage cross-cutting concerns like initial authentication token validation, rate limiting, and request logging.

Initially, this might be part of a more monolithic Flask application that is later decomposed.

Components: Backend -User Authentication and Authorization

 

Manages user registration (manual by admin), login (email/password, MFA for MVP), and session management.

Implements Role-Based Access Control (RBAC) to enforce permissions for different user types (student, teacher, admin, parent).

Interacts directly with the User Profile Database for credential verification and role retrieval.

Components: Backend - Student Profile Service

 

Manages all data related to student profiles, including academic progress, learning history, identified strengths/weaknesses, and personalized learning preferences.

Provides CRUD (Create, Read, Update, Delete) APIs for student data.

Interacts with the primary relational database (Student Profile DB).

Components: Backend - Curriculum Service

 

Responsible for accessing and managing curriculum content.

For MVP, it will interface with Canvas (via API, if available, or manual upload) to retrieve static curriculum documents (PDFs, Word, videos, etc.).

Will include functionality to process and prepare content for the AI/ML layer (e.g., text extraction, chunking for RAG).

Provides curriculum data to the Specialized Topic AI Agents.

Components: Backend - Analytics Service

 

Collects learning data from various sources (e.g., interaction logs from the AI Orchestration Service, progress data from the Student Profile Service).

Processes and aggregates this data to compute KPIs (mastery rate, methodology understood, question accuracy).

Provides data to the frontend for teacher and administrator dashboards.

AI/ML Layer

Personalized Student Tutor Agent Logic:

Maintains an evolving model of each student’s knowledge, learning style, and preferences, stored in the Student Profile Database.

Adapts its communication style, explanations, and questioning techniques based on this model.

Determines when to provide direct information, when to ask guiding questions, or when to query a Specialized Topic Agent.

Crucially, it curates the output from Specialized Topic Agents to ensure it is appropriate and optimized for the individual student.

Responsible for generating questions to assess if the student has understood the methodology, logging these assessments.

AI/ML Layer

Specialized Topic AI Agents:

A collection of agents, each an expert in a specific curriculum topic.

Utilizes Retrieval Augmented Generation (RAG) to access and reason over the curriculum content (stored in the Vector Database and sourced from the Curriculum Service).

Generates explanations, examples, and answers to specific questions within their domain, strictly adhering to the scope of the student’s curriculum.

Receives queries from the AI Orchestration Service and returns structured information.

AI/ML Layer

RAG Pipeline & Vector Database:

Content Ingestion: Curriculum documents (from Canvas via Curriculum Service) are processed, chunked into manageable pieces, and converted into vector embeddings using a sentence transformer model.

Vector Storage: These embeddings are stored in a Vector Database and indexed for efficient similarity search.

Retrieval: When a Specialized Topic Agent needs information, it queries the Vector Database with the student’s question (or a derived query) to find the most relevant curriculum chunks.

Generation: The retrieved chunks are then passed as context to an LLM, along with the original query, to generate a grounded and accurate answer.

Data Flow

Module Interaction Flow Example (Student Asks a Question):

  1. Student types a question into the Student UI (Frontend)
  2. Frontend sends the question via API to the API Gateway (Backend).
  3. API Gateway routes the request to the AI Orchestration Service (Backend).
  4. AI Orchestration Service retrieves the student’s context (profile, current topic) from the Student Profile Service (Backend).
  5. The Personalized Student Tutor Agent logic (AI/ML Layer) analyzes the question and student context. It decides how to proceed.
  6. If the question requires specialized knowledge, the Personalized Student Tutor Agent instructs the AI Orchestration Service to query a specific Specialized Topic AI Agent (AI/ML Layer).
  7. The Specialized Topic AI Agent uses its RAG pipeline to query the Vector Database for relevant curriculum content, then uses an LLM to generate an answer based on the retrieved content and the question.
  8. The Specialized Topic AI Agent returns the structured answer to the AI Orchestration Service.
  9. The Personalized Student Tutor Agent logic (via the AI Orchestration Service) receives this answer, curates/adapts it for the specific student (e.g., simplifies language, adds context based on student’s prior knowledge).
  10. The AI Orchestration Service sends the final, curated answer back through the API Gateway to the Frontend.
  11. The Frontend displays the answer to the student in the chat interface.
  12. Throughout this process, relevant data (interaction, AI decisions, student understanding assessment) is logged by the AI Orchestration Service and potentially the Analytics Service.

Security Considerations

Authentication and Authorization:

Strong Authentication: Standalone login system with email/password and Multi-Factor Authentication (MFA) for all users.

Secure Session Management: Use of secure, short-lived session tokens (JWTs) transmitted via HttpOnly cookies to prevent XSS attacks from stealing tokens.

Role-Based Access Control (RBAC): Granular permissions enforced at the API level by the backend services to ensure users can only access data and functionalities appropriate to their roles (e.g., students only access their own data, teachers only their classes).

Security Considerations

Data Encryption:

    Encryption in Transit: All communication between the frontend, backend services, and external systems (like Canvas) will use HTTPS (TLS 1.2 or higher) to encrypt data in transit.

    Encryption at Rest: All sensitive data stored in databases (Student Profile DB, Interaction Logs) and object storage (curriculum files, backups) will be encrypted at rest using industry-standard encryption algorithms (e.g., AES-256). Database services from cloud providers typically offer managed encryption at rest.

    Encryption Key Management: Secure management of encryption keys, potentially using services like AWS KMS, Google Cloud KMS, or Azure Key Vault.

    Security Considerations

    Network Security:

      Firewalls and Network Segmentation: (Recommended) Use of firewalls to restrict traffic to and between services. Network segmentation to isolate different parts of the infrastructure (e.g., separating the AI/ML layer from the user-facing application layer).

      Intrusion Detection/Prevention Systems (IDS/IPS): (Recommended) Monitoring network traffic for malicious activity.

      DDoS Protection: (Recommended) Utilizing cloud provider services for DDoS mitigation.

      Security Considerations

      Application Security:

        Input Validation: Rigorous validation of all user inputs on both frontend and backend to prevent common vulnerabilities like SQL injection, Cross-Site Scripting (XSS), etc.

        OWASP Top 10: Adherence to OWASP (Open Web Application Security Project) guidelines to mitigate common web application vulnerabilities.

        Dependency Scanning: (Recommended) Regularly scan application dependencies for known vulnerabilities and update them promptly.

        Secure Coding Practices: Training administrators on secure practices and conducting regular updates and reviews with a security focus.

        Security Considerations

        Compliance and Data Privacy:

          FERPA (Family Educational Rights and Privacy Act): Design and data handling practices will comply with FERPA requirements for protecting student educational records.

          COPPA (Children’s Online Privacy Protection Act): For future expansion to primary school, the architecture will be adaptable to incorporate COPPA compliance measures (e.g., verifiable parental consent).

          Data Residency: Student data will be stored in US-based data centers as per client requirements.

          Data Minimization: Collect and retain only the data necessary for the platform’s functionality and student learning improvement.

          Privacy by Design: Integrating privacy considerations into the system design from the outset.

          Security Considerations

          Logging and Monitoring:

            Comprehensive Logging: Detailed logging of system events, API calls, authentication attempts (successful and failed), and administrative actions for auditing and security incident investigation.

            Security Monitoring: (Recommended) Real-time monitoring of logs and system activity for suspicious patterns or security breaches.

            Alerting: Setting up alerts for critical security events.

            Security Considerations

            Regular Security Audits and Penetration Testing:

              (Recommended) Conducting periodic independent security audits and penetration tests to identify and address potential vulnerabilities.

              Get in touch

              Contact Us 

              (440) 841-3646

              info@airitual.com