Private-Yet-Verifiable Contact Tracing
Andrea Canidio, Gabriele Costa, Letterio Galletta
TL;DR
PrYVeCT is a contact tracing system that ensures user privacy and verifiability by enabling policy-based access control and proof of authorization without revealing personal data.
Contribution
It introduces a novel privacy-preserving contact tracing framework with fine-grained policy enforcement and verifiable user authorization using oblivious automata evaluation.
Findings
Ensures privacy during contact tracing and policy enforcement.
Allows users to prove authorization without revealing personal data.
Supports fine-grained access control policies.
Abstract
We propose PrYVeCT, a private-yet-verifiable contact tracing system. PrYVeCT works also as an authorization framework allowing for the definition of fine-grained policies, which a certain facility can define and apply to better model its own access rules. Users are authorized to access the facility only when they exhibit a contact trace that complies with the policy. The policy evaluation process is carried out without disclosing the personal data of the user. At the same time, each user can prove to a third party (e.g., a public authority) that she received a certain authorization. PrYVeCT takes advantage of oblivious automata evaluation to implement a privacy-preserving policy enforcement mechanism.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · Privacy-Preserving Technologies in Data · Privacy, Security, and Data Protection