Versions Compared

Old Version 4

changes.mady.by.user Diarmid Mackenzie

Saved on

compared with

New Version Current

changes.mady.by.user Diarmid Mackenzie

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The “time window” is a UTC timestamp in seconds, rounded down to the nearesrt nearest 5 minutes.

  • E.g. Time: 14 April 2020, 12:03:12pm (which rounds down to 12:00:00pm), which maps to 15868656001586865600000 (msecs)

The “nearby” time window is defined as follows:

  • If the timestamp is in the 1st half of the time window (e.g. 12:01pm) it is the preceding time winow window (begins 11:55am)

  • If the timestamp is in the 2nd half of the time window (e.g. 12:03pm), it is the following time winow window (begins 12:05pm)

The exact midpoint of the 5 min window (2:30) is ttreated treated as being in the 2nd half.

...

  • A “cost” (N) that is to be determined. For initial implemention we use 2^12 = 163844096. For improved security we expect to move to 2^16,. 2^17 or 2^18 for production, but the exact value still needs to be determined.

  • A block size (r) of 8 - this is the default.

  • Parallelization (p) of 1 - this is the default.

  • A keylen (output) of 8 bytes = 16 hex digits.

...

  • The 8 char geohash

  • Followed by the UTC timestamp of the beginning of the relevant 5 minute time window, in secondsmilliseconds

Example:

  • Latitude: 51.5019, Longitude: -0.1415

  • Time: 14 April 2020, 12:03:12pm (which rounds down to 12:00:00pm)

...

  • 8 character geohash: gcpuuz8u

  • UTC timestamp: 1586865600158686560000

Data string to encode: “gcpuuz8u1586865600”“gcpuuz8u1586865600000” which should hash to “c9414c55812d796a“ (cost = 12)

Sending data to Safe Places for Redaction Processing

...

The current lat/long/timestamp format is replaced by just a hash.

So this:

Code Block
	"concern_points": [

...

{

...


		"time": 1589224427000,

...


		"longitude": 1.00000919,

...


		"latitude": 2.00000943

...


	}]

becomes this:

Code Block
"concern_point_

...

hashes":[

...

“87e916850d4def3c”]

and an example with multiple hashes looks like this:

Code Block
	"concern_point_hashes": ["e090295d8e58b7de", "92c0e4f2d757c2a8", "755d22f05c13397a"]

The value of the hash is computed in exactly the same was as on Safe Patths (see above). Note that changing the cost value will result in changes to the hash values produced, so as we tune the cost value to the optimal value, this will require careful co-ordination between Safe Places and Safe Paths.

...

For compatibility reasons as we work through this change, our plan is to add the hash first, and then remove the other points later - so for an interim period during MVP1 development, we may output data like this:

Code Block
	"concern_points": [

...

{

...


		"time": 1589224427000,

...


		"longitude": 1.00000919,

...


		"latitude": 2.00000943
	}],

...


	"concern_point_hashes": ["87e916850d4def3c"]

This will allow both old & new versions of the app to work with Safe Places. But we aim to move to the final format before we launch MVP1.

...

Code Block
"notification_threshold_percent":66,
“notification_threshold_count”timeframe”:630

These two parameters work together to control the sensitivity of exposure notifications for this data. The Health Authority can turn these based on their experience and feedback from their community.

With the defaults, we trigger an exposure notification if we get more than 66% of location matches, across any 6 consecutive location data points 30 minute period (i.e. if we match 4 or more of 6 points).

Safe Paths logic for matching points of concern

...

  • For each data point that matches an HA’s “point of concern”, it inspects the next K local data points in the local database (where K is the supplied “notification threshold count”). If more than M% of these matched “points of concern” with the same Health Authority (where M is tthe the “notification threshold percent”), then it generates an exposure notificationall K data points are classified as part of the exposure notification for that day.

  • To determine the duration of the exposure notification , the same for a given day, this calculation is repeated for each data point that matches a point of concern. Exposure notifications that overlap are combined together to create an overall exposure duration.

To illustrate, this diagram shows a series of data points, some of which match, and some of which do not match any points of concern. The brackets on the left indicate the groups of 6 data points that match more than 66% (4 points). The brackets on the right show the overall Exposure Duration that is derived.

...

  • performed for all data points in the day - with all data points that are classified as part of an exposure contributing 5 minutes to the total exposure reported for the day.

There can only be one exposure notification in a day, and the miniumum exposure perios is (5 mins x “notification threshold count”)

See more details here: Exposure Notifications more detailed design

Related Work

In MVP1, under SAF-397 / MVP1#17, we will be doing work to reduce the volume of data downloaded by the Mobile App from Same Places.

...