Reconciling Security and Utility in Next-Generation Epidemic Risk Mitigation Systems

We present Silmarillion, a novel, inclusive system for digital contact tracing and epidemic risk notification, which simultaneously provides utility as well as security. Silmarillion relies on a low-cost infrastructure of strategically placed beacons, inexpensive and low-maintenance user devices like dongles (if smartphones are inaccessible), and a backend that assists in epidemiological analysis and risk dissemination. Unlike today's smartphone-based contact tracing systems, Silmarillion records encounters between users' devices and beacons installed in well-known and strategic locations, which enables capturing contextual information relevant for epidemiological analysis, individual risk prediction, and prevention of spread of false risk information. Silmarillion keeps a user's encounter history local to their device and allows the user to control what information they share with the backend. Furthermore, it provides differential privacy for patients in risk dissemination and information-theoretic privacy for users receiving the risk information. We have evaluated a prototype of Silmarillion using small IoT boards and show that the battery and speed of risk dissemination is adequate for a practical deployment. Furthermore, we ran a small-scale deployment within a university building, demonstrating Silmarillion's practicality.