CVWO

Active Ageing Centres

Background
CVWO’s work with eldercare centres began in 2007, when we
built an IT system for Geylang East Home for the Aged
(GEHA) to support their daily operations and simplify the
process of generating reports.

Over the years, the original system has expanded to support

eldercare centres of varying types (back then, the main types
were Senior Activity Centres, Neighbourhood Links, and
Active Ageing Hubs), while evolving to stay relevant to
operational needs. The overarching goal of these centres is
to support vulnerable or lower-income seniors by serving as
drop-in centres in the community. There, seniors can
socialise with their peers, participate in activities, and be
connected to other services. The system has thus helped
centres all around Singapore better serve tens of thousands
of seniors over the past decade and more.

In 2021, the original system was being actively used by 11

eldercare centres from Care Corner Singapore, GEHA and
Sheng Hong Active Ageing Hub. This was also when the
Ministry of Health (MOH) and the Agency of Integrated Care
(AIC) started rolling out a new eldercare service model,
where active ageing-related services will be extended to all
seniors across the nation.

Eldercare centres will now serve as a key point of contact for

all social-health matters, provide opportunities for
volunteering among seniors in their community, and o!er
the following four main services:

Current eldercare centres will be transitioning to the new

model of care from 2021 to 2024 and will be rebranded as
either Active Ageing Centres (AACs) or Active Ageing Care
Hubs (AACHs) based on the services they provide.
Additionally, the number of seniors per centre is increasing
substantially from 300–500 to 3000–4000. This makes it
crucial for the centres’ operations to be supported by
suitable IT systems to reduce manual work.

The 2021 team did an amazing job of porting the previous

system, which was built with Ruby on Rails, over to Golang,
resulting in higher scalability and improved performance.
However, due to the large scale of the project back then, it
resulted in little time to push out additional features,
especially ones needed to help centres transition to this new
model of care.

The 2022 team thus set out to overcome a few key

challenges.

Current Challenges

Befriending & Buddying

Befriending & Buddying (B&B) is a service where volunteers
and sta! members would check in regularly on higher-risk
seniors. This is a process that is relatively new to most of the
existing eldercare centres, and thus these centres require
more support from our end to fully transition. As the team
last year was focused on rewriting and upgrading the
application, they, unfortunately, did not have the time to
build a comprehensive set of functionalities to support B&B.

As such, some of the processes on the ground were not

supported fully by our system, resulting in workarounds and
manual work being done. For example, the recording of
visits done under B&B was facilitated via Microsoft Forms,
and the use of an external system meant that volunteers had
to key in a lot of data manually, and the sta! would transfer
that information into our system, once again, manually.

This issue becomes increasingly severe as the number of

seniors that each centre serves grows day by day.
Furthermore, B&B is a high-engagement programme, which
meant that scalability is key as the number of seniors and
number of volunteers grow.

Security & Access Control

Previously, basic authentication was implemented for the
application, but there was no access control framework
utilised. What this meant was that all users had access to all
functionalities of the application, except for a minute few,
which were guarded using hardcoded checks.

Though this was su"cient for the initial launch of the

rewritten application, an access control framework needed
to be brought in as soon as possible, to not only improve
security such that only people who need the data should be
able to access it, but to also provide configurability for each
centre, since di!erent centres can have di!erent access
requirements.

Furthermore, organisations were asking for Two-Factor

Authentication (2FA) so that their data and processes can be
more secure. This is also in line with the national agenda of
improving cyber-security. One specific example where 2FA
should be required would be to view a senior’s NRIC
number, as enforced by the Personal Data Protection Act
2012.

Scalability to 220+ centres

Bringing a new centre onboard to our application used to be
a very manual process. It required the spinning up of
relevant databases and infrastructure. Furthermore, there
was no way for organisations to manage their centres on the
CVWO system easily, should they have more than one
centre. They would need to go through each of the separate
centre instances, as we are employing a multi-tenancy
approach, where each centre is a tenant.

There needed to be some way for both CVWO to e"ciently

manage organisations that join us, as well as for the
organisations to manage their centres and sta! members.

Key Contributions
Volunteer Application
To tackle the challenge of manual data collection and entry,
as well as the increasing number of seniors that a centre
needs to care for, we developed a one-stop mobile-friendly
progressive web application for the volunteers to use, which
will in turn simplify processes for the centres too.

The app works in conjunction with CVWO’s existing web

application, and data would be shared across. Previously,
volunteers had to manually key in a lot of information about
the senior via Microsoft Forms, e.g. a senior’s name, address,
etc. Now, all of this information is pulled directly from the
CVWO system - they just need to select who they want to
visit.

Furthermore, the application is designed to make data entry

extremely easy for volunteers - just a few taps and the visit
record would be completed. They can even take a quick
photo of an issue that the senior is facing and it will be saved
together with the record!

This process of designing a form for volunteers to fill up was,

unfortunately, not straightforward, as there is no o"cial
requirement for the information to collect for B&B from the
government, so every centre had their own standards. Our
team thus had to discuss with the various centres to find out
more about their requirements, and from there, design a
shared form that would satisfy everyone’s needs.

•BelfiendingRecords|AAC

demo.aac-stagina.com/befriendingbefriendingrecords Qa©*©Incognito

DemoActiveAgeingCentre GUY@GMAIL.cOMB

HomeBefriendnoRecords

PENDING

PendingBefriendingRecords ChADDRECORD

OSearchbybefriendeenameorNRIC QSEARCH

AdvancedSearch

Community

Screener

Betriendinga

itBuddying SIN aranaunterme sentenderrresens modeosserviceelvery VisasaTues

Thu,14Jul2022,2:28PM Face.To-FaceOtheral VeryGood

ÉRecords Tha,14Jul2022,2:28PM
AnthonyAng
ChanARE FaceToFace(Others) haired VerYGOOD

Thu,14Jul2022,2:28PM HoYinLes ChanAB Face.ToFaceOtheral VeryGood

Well
IReports AdiHasan,
Fri,22Jul2022,11:59AM CaREKEAST

SethFang
Tessa FacerosaceaSenite VickedE
SickorInjured
Administration AdiHasan.
Fri.223012022.11158AM TestStaff PhoneCall Visited VeryBad CARTSCH Sickorinjured
BothPang

Thu,21Jul2022,12:59PM AuWeeTat TeePiFive vonroĸоптотополоот PACOSTOPACOALSONO VISITOGE Sickorinured

Thu,21Jul2022,3:25PM AuWeeTat Murieadmin

Thu,21Jul2022,3:23PM AuWeeTat Face-To-FaceAtCentre Visited

DemoStaff

Thu,21Jul2022,9:00AM AuWeeTat Dotoshin

10 Wed,20Jul2022,10:43AM TechSan SARDIAISAS

Rowsperpage:10Y 1-10of28

ReviewBetriendingRecordA

demo.aac-staging.com/befriending/befriending_records/32/edit

DemoActiveAgeingCentre GUY@GMAIL.COMG

Home/BefriendingRecords/Wed,20Jul2022,10:43AM(FatimahAbdullah)

ReviewPendingBefriendingRecordforFatimaAbdullah •DELETE

RecordDetails

FatimahAbdullah FatimahAbdullah(BefriendingGroup)

20/07/2022 Phonesal

Community VisitStatus©Visited ONotin

Screener

EndTime*
10:43 10:44
Bettiendino&

itBuddying
Good Confused Well

ÉRecords

dhaReports BefrienderAttendance

Administration •KwokGeokLeng
"bethFang

AdiHasan

StaffAttendance

•DemoStaff

©DemoUser
TestStaff

•ReviewBefriendingRecordAr

§demo.aac-staging.com/befriending/befriending_records/32/edit ©*O€Incognito

DemoActiveAgeingCentre GUY@GMAIL.COMB

©Lighting

©Plumbing
resInaes ~PestControl

•HomePhoneMobilePhone

Community

Screener

Bettiendino& COthers(Maintenance)
itBuddying

ÉRecords
ServicesNeeded
dhaReports wMedicalEscort •PersonalHygiene
•MealDelivery ©MobilityEquipment
•HomeMedical/Nursing ©Housekeeping •Daycare/Counselling ©FinancialSupport
AdmInistration

APPROVEBEFRIENDINGRECORD

On the centre side, the integration of these two applications

means that the sta! members no longer need to manually
transfer the data from the form to our system, since visit
records submitted are already within our system. After
volunteers submit their records, a notification is shown on
the main application, where sta! members can see a list of
recently submitted visit records. They can then review the
submitted records to ensure that the data is accurate,
complete and free of issues, in which case, the records can
be approved. This new workflow allows the sta! members to
now focus on verification instead of data entry, allowing
centres to scale up their processes greatly.

Lastly, a number of our volunteers are actually seniors

themselves, and many of these seniors primarily converse in
their mother tongues. Thus, to allow everyone to
meaningfully engage in befriending and buddying, we have
also provided multi-language support, and the volunteer can
easily switch between languages on the application.

Access Control and Two-Factor

Authentication
Traditionally, CVWO uses Role-Based Access Control (RBAC)
frameworks for our applications, where sta! members have
di!erent levels of access to di!erent types of resources
based on their roles. This approach is preferred because it
allowed the centre managers to configure the permissions
for their sta!, as reasoning about RBAC is quite intuitive.

Our team, however, was quite ambitious when designing our

access control framework. We would still support a RBAC-
based user interface for managing permissions, but we
wanted to go with a more flexible Attribute-Based Access
Control (ABAC) approach, where decisions are driven by
policies, which themselves make use of the attributes of the
user and the resource being accessed to make a decision.

An example of how ABAC can be more flexible would be

when checking if a user (who can be a sta! member or a
volunteer) has access to a senior’s basic information for B&B
purposes. ABAC allows us to:

Check if the user is a sta! member, and if so:

Check if the sta! member is allowed to view
information on seniors (as configured by the
centre manager). If so, allow access.
Else, deny access.
Check if the user (who must be a volunteer, by
elimination) is in the same befriending group as the
senior. If so, allow them to access the information.
Else, deny access.

Each of these checks would be a hardcoded block of code if

we were to adopt a RBAC approach, whereas each of these
checks would just be a policy in our ABAC framework. This
leads to not only greater reusability of code, but also cleaner
abstractions, since developers just need to code policies that
return “Allow” or “Deny”, and the framework does rest of the
heavy-lifting. This is especially the case for the check on
whether the volunteer is in the same befriending group as
the senior - the required logic can be encapsulated within
the policy.

In addition, we saw ABAC as a way to integrate 2FA. Not all

organisations require 2FA for the same things - some may
want their sta! members to perform 2FA when updating
data for seniors, whereas some may not. It made sense to tie
this 2FA checking with access control checks, since 2FA can
be seen as another layer of access control.

This meant that the first step above can be rewritten as:

Check if the user is a sta! member, and if so:

Check if the sta! member is allowed to view
information on seniors (as configured by the
centre manager). If not allowed, deny access.
Check if viewing information on seniors requires
2FA (as configured by the centre manager). If it
does not require 2FA, allow access.
Check if the user has done 2FA recently (based
on cache duration). If yes, allow access.
Ask the user to do 2FA.

We thus now have a third possible outcome, which is “Need

2FA”. This should trigger a 2FA check for the user.

As no such Golang package exists that fits our need, we

implemented our ABAC framework from scratch. We made
sure that the framework abstracted away the complexity so
that it is easy for future developers to add new policies as
required.

We also support RBAC-style management for the centre

managers, since as previously mentioned, it is often easier
for manager to reason about access control based on the
di!erent roles in their centre. Note that this level of
management is highly granular, as managers can configure
permissions for the creation, reading, updating and deletion
of each resource.

2FA was also successfully rolled out together with the

permissions, allowing the centre managers to configure
when 2FA checks are needed at a fine-grained level. Of
course, upon successful verification of identity via 2FA, there
would be a duration afterwards where the user would not
need to verify again, where their successful authentication is
cached - otherwise, they would be doing 2FA for potentially
every action, making the system unusable. In addition to 2FA
on accessing resources, we also introduced 2FA on login,
which guards against unauthorised entry to the system as a
whole.

In addition, our team worked on providing multiple means of

2FA, supporting authentication via email, SMS and
authenticator applications. This allows sta! members to
choose any method that they prefer, allowing our 2FA to be
easy to configure, and the user experience as pleasant as
possible.

Admin Dashboard
To reduce the manual work required for onboarding and to
increase the ease of cross-centre management for the
organisations, our team designed an admin dashboard that
acts as a central platform for managing all centres on our
system. This platform would provide greater visibility for
both the CVWO team as well as the administrators of each
organisation.

The design process was not straightforward, given that the

system was designed to support multi-tenancy, with each
centre being a tenant. This meant that there is a separate
database for each centre. And now, our admin dashboard
needs to be able to bring together all the data across all the
tenant databases, yet provide a fast and smooth experience
for the user. At the heart of this, the key challenge lied in
ensuring that shared data across tenants/centres remained
synchronised somehow. There were a few possible ways to
tackle this challenge - some requiring major refactoring of
the database schemas to ensured single sources of truth but
resulting in greater coupling between tenants, whereas
others required expensive queries for all operations but kept
coupling low. After extensive discussion and brainstorming,
our team arrived at a solution that provided a middle ground
- where minimal changes needed to be made to the schema
but allowed for relatively fast queries and synchronisation as
a whole.

We thus arrived at an admin dashboard that met our needs.

To start o!, the admin dashboard allows for an easy
onboarding of new centres and organisations, as no longer
were manual scripting and database management needed -
all the infrastructural complexity has been abstracted away
to behind simple forms, increasing the scalability of CVWO in
the long run.

Furthermore, the admin dashboard provides one-stop sta!

management for the organisation administrators, as they
can now conveniently view and update the particulars of
their sta! members, and can just as easily redeploy their
sta! across di!erent centres.

Lastly, one more factor that increases the scalability of

CVWO is how these administrators can now manage their
centres’ configurations themselves, a process which used to
require the CVWO team to handle. The new admin
dashboard interfaces make such updates easy, allowing for
greater autonomy and enabling administrators to customize
their centres’ applications to suit their needs. For example,
some of these configurations include the reports to show on
the application.

Others
In addition to all the features mentioned above, our team
also worked on enhancing the application and fixing bugs.
Some of the more significant improvements are:

Migrating to Amazon Simple Email Service from basic

SMTP, which allows us to have smoother mailing and
also a much higher number of free emails per month.
This is in preparation for the emails sent for 2FA
verification purposes.
Implementing data encryption at suitable locations,
e.g. databases, etc. for improved security.
Redesigning of existing screens to enhance workflows.
Improve error handling throughout the application.
Upgrading the design system used in our application.

Project Team

Zhu Hanming (Project Lead, Year 3)

Richard Dominick (Deputy Project Lead, Year 1)
Marcus Pang Yu Yang (Deputy Project Lead, Year 1)
Emily Ong Hui Qi (Deputy Project Lead, Year 1)
Mai Ting Kai (Developer, Year 1)
Zhu Yuanxi (Developer, Year 1)
Tan Yi Xian (Developer, Year 1)
Bryan Lim Jing Xiang (Developer, Year 1)
Sng Haoren (Developer, Year 1)
Lee Zong Xun (Developer, Year 1)
Shah Devansh Apoorva (Developer, Year 1)
Wu Changjun (Developer, Year 1)
Joe Eng Yu Siang (Developer, Year 1)
Tiang Hui Zheng (Developer, Year 1)
Lien Cai Ting (Developer, Year 1)
Quek Jia Zhi, Shaun (Developer, Year 1)

Afterthoughts
It has been an awesome experience
working with these brilliant team
members – it was really heartening to see
everyone learn and grow over the
summer, and I also learnt a lot from each
and every one of them. I am glad to have
been able to serve through CVWO once
again.
– Hanming

I’m very grateful to have been given the

opportunity to meet and work with lots of
amazing people at CVWO. I learnt a lot of
very valuable lessons and am amazed at
the amount of good work all of us have
been able to accomplish in such a short
period of time this summer!
– Richard

CVWO has transformed my summer into

an exciting, intense, and impactful one. I
am deeply grateful for the opportunities
to work on such meaningful projects, and
I am proud to have worked alongside my
teammates for the past 3 months.
– Marcus

An awesome opportunity to apply our

software engineering skills to interesting
problem domains as a team, and learn
how to factor in users’ context and
requirements to tackle the right
problems!
– Emily

CVWO has been an extremely enriching

experience. I developed software
engineering experience and seen its
immediate, tangible impacts. I’ve
experienced it from the top-down:
Abstracting from problem statements
provided by the clients to quickly
delivering code that solves their workflow
needs. I am very grateful to be given this
opportunity to work with so many talents,
from Prof Ben, to my team leads, and my
fellow CVWO members!
– Ting Kai

A very fruitful summer! Through CVWO, I

have learnt to deal with the complexity of
real-world problems and pick up valuable
skills. I am extremely grateful for the
opportunity to work in such an amazing
team on a meaningful project.
– Yuanxi

CVWO is life-changing. I would not have

spent my summer any other way. We
meet amazing people, empower
voluntary organisations and learn things
we would never learn in school. Looking
at the future plans for CVWO, I would say
things are about to get really exciting
from here :D
– Yi Xian

From liaising with clients, analysing

requirements and workflow to designing
UI/UX and database schemas, CVWO has
been a great learning experience for me. I
am also glad to have met such great
teammates who have continued to
inspire and impress me with their work
throughout the summer.
– Bryan

CVWO has been a challenging, yet fun

experience working together with peers
who are passionate about their work.
Really thankful for the opportunity to try
new things and apply the knowledge that
I learnt in school!
– Haoren

I am thankful for the opportunity that

CVWO has given me. It has given me a
better understanding of myself, my skills
and shortcomings, as well as how things
learned in the classroom may be used in
the real world.
– Zong Xun

CVWO was more than just about software

engineering. It was about learning to
solve challenging real-world problems,
asking the right questions, and doing
meaningful work. Overall, an invaluable
and unforgettable learning experience!
– Devansh

CVWO has been an enriching journey for

all of us. There are many things I have
learned as a software developer that I
won’t be able to learn in class. I am very
grateful to be given this opportunity to
work with my amazing teammates while
doing something meaningful and serving
the community!
– Changjun

My growth as a developer over the

summer has been incredible. It was
extremely inspiring working with such
capable teammates!
– Joe

While CVWO has been an intense journey,

at the end of the day I learnt a ton and
had lots of fun. Definitely honoured to be
given this opportunity to work with the
team, and make an impact to the
community in such a unique way :D
– Hui Zheng
 From CVWO, I learnt that it is crucial to
think about not just the ‘how’ of solving
an issue, but also the ‘why’. This has been
a truly meaningful experience, and I am
grateful to CVWO for giving me this
opportunity to learn and work alongside
really brilliant people!
– Cai Ting

CVWO has been an amazing opportunity

for me over the past summer: throughout
these past 3 months, I have not only
learnt many new technical skills, but also
experienced how to collaborate with
others and to interact with clients, among
other soft skills that I wouldn’t have had
the chance to pick up otherwise. Having
also worked with many talented and
friendly peers, I have thoroughly enjoyed
my time during CVWO as well. Overall,
CVWO has truly been an invaluable
experience for me, and was a wonderful
opportunity to engage in meaningful,
impactful work while growing as a
software engineer.
– Shaun

We would like to express our heartfelt gratitude to the

following people who have been influential and supportive
during our project:

Prof Ben Leong (NUS) for his advice and guidance.

GIC for their generous support of the CVWO
programme.
Sharon Tang, Daniel Lam, Samuel Chan, Jun Liang
Cheong, Angie Poh, Sharleen Lau (Care Corner), Joelyn
Liau, Jay Au, Janice Tan (GEHA), Lee Soo How and
Rajaletchumiy (Sheng Hong) for their co-operation and
support throughout the Active Ageing Centre project.

 
Copyright © 2023. NUS Computing for Voluntary Welfare Organisations