PAARS: Privacy Aware Access Regulation System

Abstract: During pandemics, health officials usually recommend access monitoring and regulation protocols/systems in places that are major activity centres. As organizations adhere to those recommendations, they often fail to implement proper privacy requirements to prevent privacy loss of the users of those protocols or systems. This is a very timely issue as health authorities across the world are increasingly putting these regulations in place to mitigate the spread of the current pandemic. A number of solutions have been proposed to mitigate these privacy issues existing in current models of contact tracing or access regulations systems. However, a prevalent pattern among these solutions are they mainly focus on protecting users privacy from server side and involve Bluetooth based ephemeral identifier exchange between users. Another pattern is all the current solutions try to solve the problem in city-wide or nation-wide level. In this paper, we propose a system, PAARS, which approaches the privacy issues in access monitoring/regulation systems from a micro level. We solve the privacy issues in access monitoring/regulation systems without any exchange of any ephemeral identifiers between users. Moreover, our proposed system provides privacy on both server side and the user side by using secure hashing and differential privacy mechanism.