PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching

TL;DR

This paper introduces PAN-DOMAIN, a privacy-preserving infrastructure for secure sharing and auditing of infection identifiers across multiple domains involved in contact tracing, enhancing privacy, security, and transparency.

Contribution

It proposes a novel infrastructure enabling cross-domain identifier matching with privacy controls and auditability, addressing flaws in existing contact tracing systems.

Findings

Ensures privacy-preserving identifier matching across domains.

Provides audit logs for transparency and security.

Enhances trustworthiness of contact tracing data sharing.

Abstract

The spread of COVID-19 has highlighted the need for a robust contact tracing infrastructure that enables infected individuals to have their contacts traced, and followed up with a test. The key entities involved within a contact tracing infrastructure may include the Citizen, a Testing Centre (TC), a Health Authority (HA), and a Government Authority (GA). Typically, these different domains need to communicate with each other about an individual. A common approach is when a citizen discloses his personally identifiable information to both the HA a TC, if the test result comes positive, the information is used by the TC to alert the HA. Along with this, there can be other trusted entities that have other key elements of data related to the citizen. However, the existing approaches comprise severe flaws in terms of privacy and security. Additionally, the aforementioned approaches are not transparent and often being questioned for the efficacy of the implementations. In order to overcome the challenges, this paper outlines the PAN-DOMAIN infrastructure that allows for citizen identifiers to be matched amongst the TA, the HA and the GA. PAN-DOMAIN ensures that the citizen can keep control of the mapping between the trusted entities using a trusted converter, and has access to an audit log.