Paper title
Privacy-Preserving Multi-Operator Contact Tracing for Early Detection of Covid19 Contagions
Paper authors
Paper abstract
The outbreak of coronavirus disease 2019 (Covid-19) is imposing a severe worldwide lockdown. Contact tracing based on smartphone applications (apps) has emerged as a possible solution to trace contagions and enforce a more sustainable selective quarantine. However, massive adoption of these apps is required to reach the critical mass needed for effective contact tracing. As an alternative, geo-location technologies in next-generation networks (e.g., 5G) can enable Mobile Operators (MOs) to perform passive tracing of users' mobility and contacts with a promised accuracy of down to one meter. To effectively detect contagions, the identities of positive individuals, which are known only to a Governmental Authority (GA), are also required. Note that, besides being extremely sensitive, these data might also be critical from a business perspective. Hence, the MOs and the GA need to exchange and process users' geo-location and infection-status data in a privacy-preserving manner. In this work, we propose a privacy-preserving protocol that enables multiple MOs and the GA to share and process users' data so that only the end users learn the number of their contacts with positive individuals. The protocol is based on existing privacy-enhancing strategies that guarantee that users' mobility and infection status are known only to their MOs and to the GA, respectively. From extensive simulations, we observe that the cost of guaranteeing total privacy (evaluated in terms of the data overhead introduced by the protocol) is acceptable, and can also be significantly reduced if we accept a negligible compromise in users' privacy.
