Google and Apple jointly introduced a digital contact tracing technology and an API called "exposure notification," to help health organizations and governments with contact tracing. The technology and its interplay with security and privacy constraints require investigation. In this study, we examine and analyze the security, privacy, and reliability of the technology with actual and typical scenarios (and expected typical adversary in mind), and quite realistic use cases. We do it in the context of Virginia's COVIDWISE app. This experimental analysis validates the properties of the system under the above conditions, a result that seems crucial for the peace of mind of the exposure notification technology adopting authorities, and may also help with the system's transparency and overall user trust.
翻译:Google和Apple联合引进了数字联系追踪技术和称为“接触通知”的API,以帮助卫生组织和政府进行联系追踪。该技术及其与安全和隐私限制的相互作用需要调查。在本研究中,我们用实际和典型的情景(以及预期的典型对手)和非常现实的使用案例来检查和分析该技术的安全、隐私和可靠性。我们在Virginia的COVIDWISE 应用软件中这样做。这个实验分析在上述条件下验证了该系统的特性,这一结果对于接触通知技术采用当局的头脑平静至关重要,并且可能有助于该系统的透明度和总体用户信任。