We propose PrYVeCT, a private-yet-verifiable contact tracing system. PrYVeCTworks also as an authorization framework allowing for the definition offine-grained policies, which a certain facility can define and apply to bettermodel its own access rules. Users are authorized to access the facility onlywhen they exhibit a contact trace that complies with the policy. The policyevaluation process is carried out without disclosing the personal data of theuser. At the same time, each user can prove to a third party (e.g., a publicauthority) that she received a certain authorization. PrYVeCT takes advantageof oblivious automata evaluation to implement a privacy-preserving policyenforcement mechanism.

Private-Yet-Verifiable Contact Tracing

Andrea Canidio;Gabriele Costa;Letterio Galletta
2020

Abstract

We propose PrYVeCT, a private-yet-verifiable contact tracing system. PrYVeCTworks also as an authorization framework allowing for the definition offine-grained policies, which a certain facility can define and apply to bettermodel its own access rules. Users are authorized to access the facility onlywhen they exhibit a contact trace that complies with the policy. The policyevaluation process is carried out without disclosing the personal data of theuser. At the same time, each user can prove to a third party (e.g., a publicauthority) that she received a certain authorization. PrYVeCT takes advantageof oblivious automata evaluation to implement a privacy-preserving policyenforcement mechanism.
Computer Science - Cryptography and Security
Computer Science - Cryptography and Security
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/20.500.11771/16439
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
social impact