Large-scale social networks, interactive content, and ubiquitous mobile access have emerged as driving technologies in education and training. At the same time, data analytics presents new opportunities for assessing the effectiveness of training content and instructional strategies for different learners, understanding organizational trends across large volumes of education data, and utilizing this data to continually improve the way we train and educate. The Department of Defense (DoD) Instruction 1322.26 recommends the Experience API (xAPI) as the primary method for capturing learner performance across the DoD enterprise. xAPI statements are a form of JavaScript Object Notation (JSON), a common data format used across industry and Government.  In practice, xAPI Statements collect and store information about individuals and system performance within a Learning Record Store (LRS).

 xAPI captures data about all these formal learning experiences, but can also capture informal learning that occurs in work environments . Capturing data from the field provides great insight into learners.  xAPI presents an extremely complex cybersecurity challenge that includes multi-level security and the management of Personally Identifiable Information (PII). The Advanced Distributed Learning (ADL) Initiative has been analyzing the xAPI through the lens of accrediting to run on the Global Information Grid (GiG).

This paper will report on the results of this work by providing specific implementation guidance that is required for xAPI to conform to cybersecurity requirements. It will also provide an overview of current accreditation initiatives and an overview of related tools and technologies required to manage xAPI solutions. This paper will provide readers with a background on the relevant cybersecurity topics, explore use cases, and create awareness of the technology and its existing challenges within the DoD.