Pseudonymization


Introduction

TRAX LRS provides a pseudonymization feature which consists in replacing agents identities by artificial identities for all the incoming statements.

When this feature is enabled, the statements of your LRS no longer contain real agents identities (except for the authority).

Configuration

{danger} Configure the pseudonymization before starting to record statements. Then, don't change these settings or you may get inconsistent behaviors.

Enabling pseudonymization

Pseudonymization is disabled by default and can be enabled in the .env file.

To enable both agents and groups pseudonymization:

XAPI_STORE_PROFILE=full_pseudo

To enable agents pseudonymization only:

XAPI_STORE_PROFILE=partial_pseudo

Artificial identities

Artificial identities looks like this:

{
    "account": {
        "name": "3f81141f-f4a8-42d3-9be0-99637cc32548",
        "homePage": "http://pseudo.traxlrs.com"
    }
}

The account.name is a generated UUID. The account.homePage can be configured in the .env file:

XAPI_STORE_PSEUDO_IRI=http://pseudo.traxlrs.com

Getting the relation between real and artificial agents

When pseudomization is enabled, TRAX LRS keeps the relation between real and artificial identities. This relation can be checked with the standard Agents API.

Filtering with artificial identities

You can use artificial identities in the agent filter of the standard Statements API. It will return statements with artificial identities.

Filtering with real identities

As long as the relation between the real and artificial agents exists, you can use real identities in the agent filter of the standard Statements API. It will return statements with real identities.

Removing real identities

You can remove real identities from the LRS, which is a great feature to comply with the GDPR. The statements are not removed. They stay into the LRS with artificial identities.

The standard API does not provide any feature to remove agents from an LRS. However, TRAX LRS extended APIs does.

In order to remove an agent from the LRS, you a client/access with the Manage xAPI Data permission.

Then, you can use the endpoint http://traxlrs.test/trax/api/<uuid-generated-for-your-access>/xapi/ext/agents with the DELETE method and the following parameters:

{
    "filters": {
        "agent": { 
            "account": {
                "name": "john",
                "homePage": "http://traxlrs.com"
            }
        }
    }
}

Impact on performances

Pseudonymization has a significant impact on performances, both for writing and reading operations.

During writing operations, agents and relation tables must be updated and statements must be modified before being written.

During reading operations, real agents identities must be get from the agents table and statements must be modified before being returned.