Contact Tracing: Ensuring Privacy and Security

Contact Tracing: Ensuring Privacy and Security

Faced with the biggest virus outbreak in a century, world governments at the start of 2020 took unprecedented measures to protect their healthcare systems from being overwhelmed in the light of the COVID-19 pandemic. International travel was halted and lockdowns were imposed. Many nations adopted me...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Daan Storm van Leeuwen, Ali Ahmed, Craig Watterson, Nilufar Baghaei
Formato: article
Lenguaje:EN
Publicado: MDPI AG 2021
Materias:
contact tracing
COVID-19 pandemic
security
privacy
mobile application
Technology
T
Engineering (General). Civil engineering (General)
TA1-2040
Biology (General)
QH301-705.5
Physics
QC1-999
Chemistry
QD1-999
Acceso en línea:https://doaj.org/article/23eaf3e70c8245698b0a83cba8853326
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
id oai:doaj.org-article:23eaf3e70c8245698b0a83cba8853326
record_format dspace
spelling oai:doaj.org-article:23eaf3e70c8245698b0a83cba88533262021-11-11T15:03:39ZContact Tracing: Ensuring Privacy and Security10.3390/app112199772076-3417https://doaj.org/article/23eaf3e70c8245698b0a83cba88533262021-10-01T00:00:00Zhttps://www.mdpi.com/2076-3417/11/21/9977https://doaj.org/toc/2076-3417Faced with the biggest virus outbreak in a century, world governments at the start of 2020 took unprecedented measures to protect their healthcare systems from being overwhelmed in the light of the COVID-19 pandemic. International travel was halted and lockdowns were imposed. Many nations adopted measures to stop the transmission of the virus, such as imposing the wearing of face masks, social distancing, and limits on social gatherings. Technology was quickly developed for mobile phones, allowing governments to track people’s movements concerning locations of the virus (both people and places). These are called contact tracing applications. Contact tracing applications raise serious privacy and security concerns. Within Europe, two systems evolved: a centralised system, which calculates risk on a central server, and a decentralised system, which calculates risk on the users’ handset. This study examined both systems from a threat perspective to design a framework that enables privacy and security for contact tracing applications. Such a framework is helpful for App developers. The study found that even though both systems comply with the General Data Protection Regulation (GDPR), Europe’s privacy legislation, the centralised system suffers from severe risks against the threats identified. Experiments, research, and reviews tested the decentralised system in various settings but found that it performs better but still suffers from inherent shortcomings. User tracking and re-identification are possible, especially when users report themselves as infected. Based on these data, the study identified and validated a framework that enables privacy and security. The study also found that the current implementations using the decentralised Google/Apple API do not comply with the framework.Daan Storm van LeeuwenAli AhmedCraig WattersonNilufar BaghaeiMDPI AGarticlecontact tracingCOVID-19 pandemicsecurityprivacymobile applicationTechnologyTEngineering (General). Civil engineering (General)TA1-2040Biology (General)QH301-705.5PhysicsQC1-999ChemistryQD1-999ENApplied Sciences, Vol 11, Iss 9977, p 9977 (2021)
institution DOAJ
collection DOAJ
language EN
topic contact tracing
COVID-19 pandemic
security
privacy
mobile application
Technology
T
Engineering (General). Civil engineering (General)
TA1-2040
Biology (General)
QH301-705.5
Physics
QC1-999
Chemistry
QD1-999
spellingShingle contact tracing
COVID-19 pandemic
security
privacy
mobile application
Technology
T
Engineering (General). Civil engineering (General)
TA1-2040
Biology (General)
QH301-705.5
Physics
QC1-999
Chemistry
QD1-999
Daan Storm van Leeuwen
Ali Ahmed
Craig Watterson
Nilufar Baghaei
Contact Tracing: Ensuring Privacy and Security
description Faced with the biggest virus outbreak in a century, world governments at the start of 2020 took unprecedented measures to protect their healthcare systems from being overwhelmed in the light of the COVID-19 pandemic. International travel was halted and lockdowns were imposed. Many nations adopted measures to stop the transmission of the virus, such as imposing the wearing of face masks, social distancing, and limits on social gatherings. Technology was quickly developed for mobile phones, allowing governments to track people’s movements concerning locations of the virus (both people and places). These are called contact tracing applications. Contact tracing applications raise serious privacy and security concerns. Within Europe, two systems evolved: a centralised system, which calculates risk on a central server, and a decentralised system, which calculates risk on the users’ handset. This study examined both systems from a threat perspective to design a framework that enables privacy and security for contact tracing applications. Such a framework is helpful for App developers. The study found that even though both systems comply with the General Data Protection Regulation (GDPR), Europe’s privacy legislation, the centralised system suffers from severe risks against the threats identified. Experiments, research, and reviews tested the decentralised system in various settings but found that it performs better but still suffers from inherent shortcomings. User tracking and re-identification are possible, especially when users report themselves as infected. Based on these data, the study identified and validated a framework that enables privacy and security. The study also found that the current implementations using the decentralised Google/Apple API do not comply with the framework.
format article
author Daan Storm van Leeuwen
Ali Ahmed
Craig Watterson
Nilufar Baghaei
author_facet Daan Storm van Leeuwen
Ali Ahmed
Craig Watterson
Nilufar Baghaei
author_sort Daan Storm van Leeuwen
title Contact Tracing: Ensuring Privacy and Security
title_short Contact Tracing: Ensuring Privacy and Security
title_full Contact Tracing: Ensuring Privacy and Security
title_fullStr Contact Tracing: Ensuring Privacy and Security
title_full_unstemmed Contact Tracing: Ensuring Privacy and Security
title_sort contact tracing: ensuring privacy and security
publisher MDPI AG
publishDate 2021
url https://doaj.org/article/23eaf3e70c8245698b0a83cba8853326
work_keys_str_mv AT daanstormvanleeuwen contacttracingensuringprivacyandsecurity
AT aliahmed contacttracingensuringprivacyandsecurity
AT craigwatterson contacttracingensuringprivacyandsecurity
AT nilufarbaghaei contacttracingensuringprivacyandsecurity
_version_ 1718437110830071808

Ejemplares similares