Abstract
The coronavirus pandemic is a new reality, and it severely affects the modus vivendi of the international community. In this context, governments are rushing to devise or embrace novel surveillance mechanisms and monitoring systems to fight the outbreak. The development of digital tracing apps, which among others are aimed at automatising and globalising the prompt alerting of individuals at risk in a privacy-preserving manner, is a prominent example of this ongoing effort. Very promptly, a number of digital contact tracing architectures have been sprouted, followed by relevant app implementations adopted by governments worldwide. Bluetooth, specifically its Low Energy (BLE) power-conserving variant, has emerged as the most promising short-range wireless network technology to implement the contact tracing service. This work offers the first to our knowledge full-fledged review of the most concrete contact tracing architectures proposed so far in a global scale. This endeavour does not only embrace the diverse types of architectures and systems, namely, centralised, decentralised, or hybrid, but also equally addresses the client side, i.e., the apps that have been already deployed in Europe by each country. There is also a full-spectrum adversary model section, which does not only amalgamate the previous work in the topic but also brings new insights and angles to contemplate upon.
Highlights
The World Health Organization (WHO) on March 11, 2020, declared COVID-19 a pandemic, whose effects will probably determine the evolution of our society for many years to come
It is called “hybrid decentralised proximity tracing” in which seeds are generated and used to create ephemeral IDs according to the first design, but these seeds are only uploaded in case they are relevant to exposure estimation for other users
The Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) system comprises the following components: (i) A user mobile app for proximity tracing (ii) A backend server for generating temporary IDs used with the app and processing the data received by the app (iii) A push notification service (ROBERT does not include this component because it follows a pure pull approach where the app regularly checks the infection status of its user, in contrast to NTK where the backend requests from a subset of all users to check their status.) to trigger the app to pull notification from the backend
Summary
The World Health Organization (WHO) on March 11, 2020, declared COVID-19 a pandemic (https://www.who.int/dg/ speeches/detail/who-director-general-s-opening-remarks-at-themedia-briefing-on-covid-19—11-march-2020), whose effects will probably determine the evolution of our society for many years to come. In the global race against the spread of the COVID-19, countries, public and private organisations, the academia, and others have quickly joined the forces to orchestrate appropriate countermeasures In this context, the development of contact tracing approaches is currently considered as one of the main weapons to confront the spread of the COVID-19 worldwide. Our contribution: taking into account the current landscape of digital contact tracing frameworks and apps, this work endeavours to provide a comprehensive overview of such efforts and to analyse the main security and data protection aspects around these initiatives. We describe a full-fledged adversarial model, which brings new insights and angles to be considered for the development and evolution of ongoing contact tracing initiatives Such a model is used to analyse the different frameworks around different security and data protection concerns.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
