We propose PrYVeCT, a private-yet-verifiable contact tracing system. PrYVeCTworks also as an authorization framework allowing for the definition offine-grained policies, which a certain facility can define and apply to bettermodel its own access rules. Users are authorized to access the facility onlywhen they exhibit a contact trace that complies with the policy. The policyevaluation process is carried out without disclosing the personal data of theuser. At the same time, each user can prove to a third party (e.g., a publicauthority) that she received a certain authorization. PrYVeCT takes advantageof oblivious automata evaluation to implement a privacy-preserving policyenforcement mechanism.
Private-Yet-Verifiable Contact Tracing
Andrea Canidio;Gabriele Costa
;Letterio Galletta
2020-01-01
Abstract
We propose PrYVeCT, a private-yet-verifiable contact tracing system. PrYVeCTworks also as an authorization framework allowing for the definition offine-grained policies, which a certain facility can define and apply to bettermodel its own access rules. Users are authorized to access the facility onlywhen they exhibit a contact trace that complies with the policy. The policyevaluation process is carried out without disclosing the personal data of theuser. At the same time, each user can prove to a third party (e.g., a publicauthority) that she received a certain authorization. PrYVeCT takes advantageof oblivious automata evaluation to implement a privacy-preserving policyenforcement mechanism.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
