Blockchain and MPC Use Case: COVID-19 Tracking

Nations globally are under immense pressure to contain and suppress the spread of COVID-19. One of the resources required is an effective tool for tracking infected individuals, identifying other parties they’ve been in proximity with, and contacting them. Naturally, this exercise brings up the difficult balance between privacy and public safety. An approach is required which maintains the privacy of the individuals involved and the ability to identify and communicate with potentially impacted individuals. These approaches must also be fast, flexible and affordable to prototype, test and roll out in scale.

Nexledger™ from Samsung SDS and Multiparty Computation (MPC)-based Threshold Key Management from Sepior provide highly complementary services to rapidly and efficiently facilitate such programs. These platforms can be combined to support a virtually endless variety of use cases which require high-integrity, unalterable data collection, storage, and analysis, with virtually impenetrable privacy controls and access security.

Blockchains are recognized for providing a framework to record and store data in a manner that assures the integrity of data. Nexledger is Samsung SDS’s blockchain as a service platform which eliminates the burden of designing, implementing, operating, and maintaining a blockchain infrastructure. This allows application developers, service providers and other innovators to leverage the benefits of blockchain while focusing on the services versus the infrastructure. 

While blockchains provide a platform to assure that posted data is complete and unaltered, they do not natively provide the ability to selectively grant access to this data by certain users and limit their access to certain fields of data. Sepior Threshold Key Management provides a 100% software-based approach to virtually impenetrable, enterprise grade key management. With Threshold Key Management, administrators are able to grant users access to encrypted fields of data to view the information, maintain anonymity if required, conduct private analytics and more, all with fine grained control with a remarkably secure and scalable solution to support virtually any need. 

Example

Let’s say your company seeks to offer an innovative Infectious Disease Tracking online service to national, state, and local governments. The idea is to provide a common database where hospitals, government health agencies, and concerned individuals can upload the personal information of confirmed and potentially exposed but unconfirmed COVID 19 patients.

Along with recording names and phone numbers, this service must also record the written authorization record of the prospective parties to allow their phone numbers to be temporarily shared with mobile service providers to generate reports of their location tracking for a prior period of time.

Using an additional third-party Matching service, these service providers are able to conduct an analysis to identify other cell phones that were in the same relative proximity as these devices, for a minimum period of time, during the same time intervals. Those mobile numbers are identified and notified that records suggest their phone may have been within close proximity of another phone belonging to a person who has tested positive for COVID 19. These individuals will be encouraged to register with the COVID monitoring and management program and be tested. The test agencies might then upload test results, including both positive and negative results to provide insights on the actual spread and provide greater insight on possible correlations between proximity, duration, and transfer of the virus.

Role of Technology

Nexledger provides an ideal platform for facilitating such a service and reliably capturing and storing records in a format that prevents loss or alteration of the records. Threshold Key Management proves to be a compelling resource for administering access to this highly sensitive data. Primary fields of customer records will be encrypted with unique keys to provide fine grained access controls. 

In order for any party to access the records, the application must grant access to an authorized user to access specific fields of specific customer records. Considering regulatory constraints such as GDPR and CCPA, this data must be protected with enterprise-grade solutions to ensure the privacy of protected data. Therefore, protection and active management of the private keys used to encrypt and decrypt data is critically importation.

In many cases, such an enterprise-grade key management and protection system would require the purchase of multiple hardware security modules (HSMs) to physically secure the private keys and a key management system (KMS) to manage the keys and presentation of keys to authorized users. Such systems can easily cost $1M or more, in upfront costs alone. Then there’s the question of who will purchase, centrally host, and administratively maintain the HSMs and KMS.

With collaborative scenarios such as this, these issues become serious economic and operational impediments. Sepior eliminates many of these issues by eliminating the existence of centrally controlled key storage and management. Sepior uses multiparty computation (MPC) with threshold cryptography to provide an entirely software-based threshold key management service which decentralizes the lifecycle management and storage of encryption keys.

Sepior Threshold Key Management uses multiple virtual servers which function as a virtual, distributed key management system and HSM storage system. The Threshold Key Management system can be hosted in VMs, containers or clouds. Ideally, each virtual server should be hosted in separate environments, under different administrative domains. By doing so, no central party ever has direct access to the keys – thus eliminating the potential liability of an insider or malicious third-party gaining access to the keys.  

Since this approach is 100% software based, there is also no upfront dedicated hardware expense and the costs are dramatically than upfront appliance models with conventional alternatives.

-------------------

If blockchain-based services with fine grained privacy controls are a topic of interest to you, we invite you to contact Sepior or Samsung SDS for more information.

 

Visit Sepior: https://sepior.com/threshold-kms

Visit Samsung SDS Nexledger: https://www.samsungsds.com/us/en/solutions/off/nexledger/Nexledger.html

Key Management Systems, Threshold Cryptography, Multiparty ComputationSepiorBlockchain, MPC, ThresholdCryptography, KeyManagementSystems, KMaaS, Nexledger, secure MPC, multiparty computation, Threshold signature, blockchain key management, blockchain security, blockchain privacy