In EZproxy 7.1, OCLC introduced an optional feature that releases pseudonymous identifiers to content providers. Pseudonymization is a data management and de-identification procedure by which personally identifiable information is replaced with one or more pseudonymous identifiers. Releasing pseudonymous identifiers to content providers enables them to identify an unauthorized e-content user—without obtaining personally identifiable information—so they don’t resort to turning off licensed databases. This allows for more continuous access for the library while continuing to honor library patrons’ rights to privacy. These features will help libraries
- Detect compromised credentials before they can be used to exploit other systems and data
- Save staff time from sifting through log files for compromised credentials
- Reduce interruptions in e-content access
Enabling the pseudonymous identifier will release a short-lived, opaque ID to allow content providers to distinguish between individual users (not identify them). This will help realize benefits of content provider intrusion detection systems while continuing to honor patron privacy. Libraries and content providers can use these IDs to resolve issues without blocking campus access.
How to enable the identifier
The identifier is enabled when you define a secret for the identifier. This secret does not allow publishers to decode privacy information but is used to cause each EZproxy site to send a differently-encoded identifier via hashing.
In config.txt, this statement must be included to enable the identifier:
Identifier Secret <a-value-you-set-here>
where <a-value-you-set-here> is a string that will be used as part of the hashing process. Restart your EZproxy server after adding this configuration statement.
Identifier Secret WQpx*YhF5Y?Wad?M
Note that messages.txt will indicate that the identifier feature is enabled at EZproxy startup.
In order to receive the identifier, each publisher must enter into a data protection agreement with OCLC in order to preserve patron privacy. The following publishers are currently participating:
- American Chemical Society
- Elsevier (ScienceDirect)
- The Optical Society
When a Secret value is established, the pseudonymous identifier will by default be sent to all participating publishers, though it can be disabled on a per-publisher basis. The syntax for disabling the identifier for a specific publisher is:
Identifier Disable <publisher>
The possible values for <publisher> are acs.org, osapublishing.org, and sciencedirect.com.
- The identifier is sent via x-headers and is between 80 and 90 bytes long.
- The identifier is one-way hashed and cannot be processed by publishers to get identifiable information such as a username.
- The identifer is generational; it only has a lifetime of 30 days. Two generations (60 days) are kept in the identifier database.
- Different hashing routines are used for different publishers.