Existing Bluetooth-based Private Contact Tracing (PCT) systems can privately detect whether people have come into direct contact with COVID-19 patients. However, we find that the existing systems lack functionality and flexibility, which may hurt the success of the contact tracing. Specifically, they cannot detect indirect contact (e.g., people may be exposed to coronavirus because of used the same elevator even without direct contact); they also cannot flexibly change the rules of "risky contact", such as how many hours of exposure or how close to a COVID-19 patient that is considered as risk exposure, which may be changed with the environmental situation. In this paper, we propose an efficient and secure contact tracing system that enables both direct contact and indirect contact. To address the above problems, we need to utilize users' trajectory data for private contact tracing, which we call trajectory-based PCT. We formalize this problem as Spatiotemporal Private Set Intersection. By analyzing different approaches such as homomorphic encryption that could be extended to solve this problem, we identify that Trusted Execution Environment (TEE) is a proposing method to achieve our requirements. The major challenge is how to design algorithms for spatiotemporal private set intersection under limited secure memory of TEE. To this end, we design a TEE-based system with flexible trajectory data encoding algorithms. Our experiments on real-world data show that the proposed system can process thousands of queries on tens of million records of trajectory data in a few seconds.
翻译:现有蓝牙私人联系追踪系统(PCT)可以私下检测人们是否直接接触COVID-19病人。然而,我们发现现有系统缺乏功能和灵活性,这可能会损害接触追踪的成功。具体地说,它们无法检测间接接触(例如,人们可能因为使用同一电梯而接触冠状病毒,即使没有直接接触);它们也无法灵活地改变“风险接触”规则,例如,接触次数多长,或接近被视为风险接触的COVID-19病人,这种接触可能随着环境状况的变化而改变。在本文件中,我们建议建立一个高效和安全的联系追踪系统,以便能够直接接触和间接接触。为了解决上述问题,我们需要利用用户的轨迹数据进行私人联系追踪,我们称之为基于轨迹的PCT。我们把这个问题正式化为Spatotomposal私人连接。通过分析各种方法,例如为解决这一问题而提议的同系加密,我们发现信任的执行环境(TEE)是一种有限的方法,用以实现我们所需要的方法。主要挑战是如何利用用户的轨迹数据轨迹数据序列来设计我们数据库的链接。