xAPI/cmi5 in the administration

Using the Learning Record Store (LRS)

A Learning Record Store (LRS) is a prerequisite for the use of xAPI/cmi5 objects. An LRS is used to store and retrieve data in accordance with the xAPI specifications. In addition to statements, data consists primarily of states. Statements can be used for reporting, analysis and, depending on the LRS settings, also for collaborative scenarios. States only serve as a (temporary) cache for xAPI-using applications.

Suitable LRS

In principle, you are not restricted to a specific LRS when using ILIAS. You can also connect different LRS to ILIAS in parallel. However, there are specific views in ILIAS, for example for the generated xAPI statements, which are based on the widely used MongoDb-based LRS Learning Locker. Learning Locker is also available in an open source version.

Performance and data protection

Depending on the xAPI-using applications (e.g. learning modules), a lot of data can end up in an LRS. This can affect the performance and executability of xAPI/cmi5 objects. If a cluster solution is not possible, it may be advisable to operate several LRSs in parallel, and for data protection reasons it is also advisable to use the data minimization options provided by the ILIAS-specific xAPI proxy. if an LRS is not operated by the user or if data needs to be stored for longer for analysis or research purposes, we recommend pseudonymizing the data. This is possible with ILIAS without losing the assignment of data to specific users. The prerequisite for this is the use of the ILIAS-specific xAPI proxy.

Add LRS types

Availability

Not all Learning Record Stores (LRS) have options for deleting data. It may therefore be advisable to restrict access to an LRS for certain scenarios or time periods. You have the following options for availability:

  • for new and existing properties
  • for existing properties
  • not available

When collecting data, always think about how you can remove data that is no longer required.

Identification of persons

When using the ILIAS xAPI proxy, which is always required when using cmi5 content, you have the option of pseudonymizing the data stored in the LRS. If possible, use the option 'Hash combined with a unique ILIAS platform ID formatted as an e-mail address' for the identification of persons and the option 'None' for the login name. This is particularly recommended if you do not operate an LRS yourself.

If you want to prevent profiles from being created across multiple objects based on the account ID, you should use the option 'Random ID combined with a unique ILIAS platform ID formatted as an email address' for pseudonymization. A random ID is generated for each ILIAS object and ILIAS account, which remains identical each time it is called up, but which greatly restricts conclusions about specific ILIAS accounts. This is particularly recommended if content is obtained from external servers and it is unclear whether and how data is collected on these external servers.

You should only not use a pseudonymization option if the data in the LRS is to be linked to other systems, for example to verify qualifications achieved, or if collaborative scenarios are to be implemented via the LRS for which a clearly assignable identification of persons across systems is required.

With ILIAS you have the option of creating several LRS types. In the case of the LRS Learning Locker, these can also be different clients in an LRS.

Data minimization

Content using xAPI often wants to store large amounts of data. This contradicts the principle of data minimization. With ILIAS, you can allow a complete data flow for specific scenarios (e.g. evaluation) and also restrict it again. You have the following options:

  • Only save data on learning success (with further options)
  • Blacken data (note that LRS sometimes save a value for the entry date themselves, so avoiding time stamps may not be expedient)
  • Do not save sub-statements

Since ILIAS is perceived as LRS for xAPI-using content when using the ILIAS xAPI proxy, it is not apparent to this content that data is not saved. Only in the event that supposedly stored data is to be retrieved, the content cannot access data