Collaborative and Efficient Privacy-Preserving Critical Incident Management System

Abstract When a critical incident occurs, timely location-based status messages (known as alerts) conveyed by a witness present at the incident site to the competent authority constitute a key part of an effective approach to handle the situation. Details provided by witnesses are of extreme significance, but their collaboration with the authority may make them susceptible to various threats such as loss of anonymity, false implication, unwarranted surveillance, etc. As a solution, an anonymous reporting mechanism can be provided to encourage the witnesses to report the incident to the concerned authority. However, there is a possibility of system collapse in case the anonymous witnesses inundate the authority with multiple fake reports, resulting in delayed response to the critical incident. In this paper, we present a critical incident reporting system that provides privacy to honest witnesses but can disclose the identity and punish the malicious ones. The proposed system facilitates the indistinguishability of the witness among a group of users such that reports are linked to groups of k (or more) users instead of a single user. We use a game-theoretic approach based on the co-utility principle to encourage the users of the system to engage in mutually beneficial collaboration, which leads to a “rewards and punishment” mechanism to encourage legitimate information and discourage false information. The incident management authority rewards honest witnesses with a blockchain-based cryptocurrency, which can be redeemed anonymously by the awardees from the city council. We have analyzed the security and privacy properties of the system, and carried out real-device testing to evaluate the system performance and its feasibility.