
PISN is a national initiative by the Ministry of Education, Research, and Technology that assigns unique identification numbers to diplomas and certificates issued by Indonesian universities. The system manages millions of records for thousands of university representatives nationwide, with every submission running through an automated, rule-based eligibility check. Administrators can also revoke numbers or grant exceptions, adjusting a student's eligibility status case by case. Because the rules shift with both central policy and university-level regulation, keeping the validation logic correct and current is an ongoing effort.
Backend
Frontend
Database
Infrastructure
The application had to pass a strict cybersecurity audit from the Ministry, focused on web server and data-protection vulnerabilities.
Audited Apache using OWASP and Wireshark, then configured ModSecurity with custom rules against SQL injection, XSS, and unauthorized access. The application passed the Ministry's compliance review.
Validating millions of records against dynamic, multi-level rule sets created both performance bottlenecks and logic complexity.
Built a modular, rule-based validation engine that updates without touching core logic, then optimized batch validation with async jobs and targeted database indexes.
Large-scale operations and frequent data imports put the system under sustained load.
Profiled and refactored slow code paths and tuned queries, keeping the system responsive even during heavy import cycles.
Exception and revocation workflows needed flexibility without putting data integrity at risk.
Designed a per-student and per-regulation override mechanism backed by audit logging and transaction safeguards.