This project aims to assist in tracing the spread of a virus during a pandemic. By automatically registering encounters with other users of the app, you are can later be notified in case those users become infected with the virus, and vice-versa. Furthermore, our solution focuses on protecting the users’ data, reducing the risk of sensitive information (such as identity, location and infection status) being leaked.
Contact Tracing systems can be extremely useful in controlling the spread of a virus in a pandemic scenario. However, due to the nature of the data these systems deal with, they can also constitute a great
privacy problem for users.
There are two main pieces of sensitive information that a contact tracing system deals with and stores in some way: a user’s infection status and a user’s contacts (which may include the location and time of those contacts). With our solution, we aspire to mitigate these problems by reducing, as much as possible, the ways in which a malicious or otherwise neglectful actor may attack the system and / or disclose the forementioned information.
- Hub OS: Ubuntu 20.04.3 LTS
- DB OS: Ubuntu 20.04.3 LTS
- App OS: Android 6+
- Language: Java
- App ↔ Hub Communication: gRPC with SSL/TLS
- App ↔ App Communication: Bluetooth Low Energy (BLE)
- App Local Storage: SQLite JDBC
- Server-side Storage: PostgreSQL 14
- Building and dependencies: Gradle
- Firewall Utility: Iptables
- Tools used in development: Android Studio, IntelliJ IDEA
-
- Hardware:
- Physical Computer or Virtual Machine
- Operating System:
- Ubuntu 20.04.3 LTS
- Software:
- PostgreSQL 14
- Hardware:
-
- Hardware:
- Physical Computer or Virtual Machine
- Operating System:
- Ubuntu 20.04.3 LTS
- Software:
- Java 11
- Gradle 7.3
- Hardware:
-
- Software:
- Java 11
- Gradle 7.3
- Android SDK 11.0.10 (API 30)
- Software:
-
- Hardware:
- Physical Android device
- Operating System:
- Android 6+
- Hardware:
Some of the features of the app are demonstrated in the following table:
Database containing 2 messages received through Bluetooth LE from another device:
Tu run this service we will need 2 virtual machines running Ubuntu 20.04.3 LTS
One of these VMs, which we'll call VMH, will be running the Hub and will be connected to the internet through a NAT.
The other one, which we'll call VMDB, will be running the PostgreSQL database and will only be connected to a local network shared with the VMH.
Step-by-step instructions for preparing the VMs:
(These instructions assume you're using VirtualBox)
-
Create a new Ubuntu (64-bit) VM, call it
VMH
-
Install Ubuntu 20.04.3 LTS
-
Boot the VM and open a terminal.
-
Run the command:
sudo apt update && sudo apt upgrade && sudo apt install net-tools
-
Power off the VM.
-
Go to VMH > Settings > Network and enable and configure the following Network Adapters:
- Adapter 1:
- Attached to:
Internal Network
- Name:
intnet
- Attached to:
- Adapter 2:
- Attached to:
NAT
- Port Forwarding > New Rule (Host Port:
29292
, Guest Port:29292
)
- Attached to:
- Adapter 1:
-
Create a clone of the VM, with the following configurations:
- Name:
VMDB
- MAC Address Policy:
Generate new MAC addresses for all network adapters
- Clone type:
Full clone
- Name:
-
Boot up the VMDB.
-
Open a terminal and run the commands:
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list' && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - && sudo apt update && sudo apt -y install postgresql
-
Transfer the directory
A28-CT/scripts/database
to the VMDB through your preferred method. (ex: Drag'n'Drop, Shared Folders, etc.), make sure the files are in unix format and not windows. -
Change directory to that directory, and change some important permissions for the setup:
chmod +x *.sh && chmod 777 .
-
Run ssl.sh with root privileges:
sudo ./ssl.sh
-
Copy the file rootCA.crt generated by ssl.sh to your host machine (It will be needed by VMH)
-
Change to user "postgres", go to the transfered directory "database", and run the script "setup.sh":
sudo su - postgres cd <path to database dir> ./setup.sh exit
-
Run the following command to set the IP address of the VMDB:
sudo ifconfig enp0s3 192.168.0.10/24 up
-
Run the following command to set up a simple firewall that only accepts requests from VMH to port 5432:
sudo ./firewall.sh
-
Power off the VMDB
-
Go to VMDB > Settings > Network and disable "Adapter 2" (Which should be the one "Attached to: NAT")
-
Boot up the VMH.
-
To setup the network adapter that is going to connect to the VMDB, we run the following command:
sudo ifconfig enp0s3 192.168.0.20/24 up
-
Install Java 11:
sudo apt install openjdk-11-jdk
-
Install Gradle:
sudo apt -y install vim apt-transport-https dirmngr wget software-properties-common && sudo add-apt-repository ppa:cwchien/gradle && sudo apt update && sudo apt -y install gradle
-
Transfer the whole project directory
A28-CT
to the VMH through your preferred method. (ex: Drag'n'Drop, Shared Folders, etc.) -
Copy from the host machine the rootCA.crt to the folder /etc/ssl/certs, give read permissions to the file:
sudo chmod +r /etc/ssl/certs/rootCA.crt
-
Change directory to the directory
A28-CT
and build the projectgradle :hub:build
-
Run the following command to set up the firewall:
sudo ./scripts/hub/firewall.sh
-
With VMDB booted and postgres running, run the hub:
gradle :hub:run
First we must create the App APK:
-
Open a shell and change to the project's directory (A28-CT)
-
Run the following command to set the hostname of the previously deployed Hub server. (Or alternatively, navigate to that directory and edit it manually)
echo <hostname> > app/src/main/res/raw/hub_hostname
-
Run one of the following commands, depending on your operating system:
- Windows:
gradlew :app:build
- Linux:
chmod +x gradlew && ./gradlew :app:build
- Windows:
Then, we must install the APK unto the Android Device: 3. Install Android SDK in order to have access to the adb platform tool. 4. Find the path to the installed adb binary and add it to you PATH environment variable. * Example for windows: path = "C:\Users\AppData\Local\Android\Sdk\platform-tools\adb.exe" 5. Turn on Developer Debug mode on your Android Device. 6. Connect your device to your computer using a USB cable and accept the connection. 7. Run the following command on your computer:
```sh
adb install path/to/project/A28-CT/app/build/outputs/apk/release/app-release-unsigned.apk
```
- Afonso Gomes - IST Master’s student - @AfonsoG6
- Miguel Henriques - IST Master’s student - @miguelchenriques
- António Martins - IST Master’s student - @AL-CT
This project is licensed under the MIT License.
MIT License
Copyright (c) [2022] [A28-CT Team]
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
This project was heavily inspired on the original DP^3T Project. Please follow the link above in order to check out their work.