Reference: PriLok: Citizen-protecting distributed epidemic tracing
E-prints/Working papers : Already available on another site
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/43191
PriLok: Citizen-protecting distributed epidemic tracing
English
Esteves-Verissimo, Paulo [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Decouchant, Jérémie [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Volp, Marcus [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Esfahani, Alireza [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Graczyk, Rafal [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
12-May-2020
No
[en] contact tracing ; covid-19 ; privacy ; critical infrastructure ; cellular communication infrastructure
[en] Contact tracing is an important instrument for national health services to fight epidemics. As part of the COVID-19 situation, many proposals have been made for scaling up contact tracing capacities with the help of smartphone applications, an important but highly critical endeavor due to the privacy risks involved in such solutions. Extending our previously expressed concern, we clearly articulate in this article the functional and non-functional requirements that any solution has to meet when striving to serve not mere collections of individuals, but the whole of a nation, as required in the face of such potentially dangerous epidemics. We present a critical information infrastructure, PriLok, a fully open preliminary architecture proposal and design draft for privacy-preserving contact tracing, which we believe can be constructed in a way to fulfill the former requirements. Our architecture leverages the existing regulated mobile communication infrastructure and builds upon the concept of "checks and balances", requiring a majority of independent players to agree to effect any operation on it, thus preventing abuse of the highly sensitive information that must be collected and processed for efficient contact tracing. This is enforced with a largely decentralised layout and highly resilient state-of-the-art technology, which we explain in the paper, finishing by giving a security, dependability and resilience analysis, showing how it meets the defined requirements, even while the infrastructure is under attack.
https://arxiv.org/abs/2005.04519

File(s) associated to this reference

Fulltext file(s):

File | Commentary | Version | Size | Access
prilok.pdf | v1.1 | Author preprint | 1.41 MB | Open access

All documents in ORBilu are protected by a user license.