key: cord-0528290-b1d0co7m authors: Salimibeni, Mohammad; Hajiakhondi-Meybodi, Zohreh; Mohammadi, Arash; Wang, Yingxu title: TB-ICT: A Trustworthy Blockchain-Enabled System for Indoor COVID-19 Contact Tracing date: 2021-08-09 journal: nan DOI: nan sha: 9eb98e1a244a2db2fbe7f789c1d44a097e367245 doc_id: 528290 cord_uid: b1d0co7m Recently, as a consequence of the COVID-19 pandemic, dependence on Contact Tracing (CT) models has significantly increased to prevent spread of this highly contagious virus and be prepared for the potential future ones. Since the spreading probability of the novel coronavirus in indoor environments is much higher than that of the outdoors, there is an urgent and unmet quest to develop/design efficient, autonomous, trustworthy, and secure indoor CT solutions. Despite such an urgency, this field is still in its infancy. The paper addresses this gap and proposes the Trustworthy Blockchain-enabled system for Indoor Contact Tracing (TB-ICT) framework. The TB-ICT framework is proposed to protect privacy and integrity of the underlying CT data from unauthorized access. More specifically, it is a fully distributed and innovative blockchain platform exploiting the proposed dynamic Proof of Work (dPoW) credit-based consensus algorithm coupled with Randomized Hash Window (W-Hash) and dynamic Proof of Credit (dPoC) mechanisms to differentiate between honest and dishonest nodes. The TB-ICT not only provides a decentralization in data replication but also quantifies the node's behavior based on its underlying credit-based mechanism. For achieving high localization performance, we capitalize on availability of Internet of Things (IoT) indoor localization infrastructures, and develop a data driven localization model based on Bluetooth Low Energy (BLE) sensor measurements. The simulation results show that the proposed TB-ICT prevents the COVID-19 from spreading by implementation of a highly accurate contact tracing model while improving the users' privacy and security. Novel Coronavirus disease (COVID-19) has abruptly and undoubtedly changed the world as we knew at the end of the 2 nd decade of the 21 st century. Highly contagious nature of the novel coronavirus has resulted in a global outbreak and has significantly imperiled global healthcare systems [1] , [2] . On account of such a highly contagious disease, people around the world are being asked to practice strict social distancing protocols. In this regard, Contact Tracing (CT) [3] - [5] , i.e., contact identification, contact listing, and follow-ups, becomes of paramount importance. Manual CT solutions [6] are labor-intensive, making it inefficient, error-prone, and timeconsuming in addition to suffering from potential security This Project was partially supported by the Department of National Defence's Innovation for Defence Excellence and Security (IDEaS) program. and privacy issues. For these reasons, the focus of recent research works [7] have been shifted towards development of autonomous CT models. Using technologies such as Internet of Things (IoT), mobile applications, and/or wearable devices, efficient autonomous CT solutions [6] , [8] can be implemented to immediately inform potential users at risk, while reducing the required amount of labor force. Since the spreading probability of COVID-19 in indoor environments is higher than that of outdoors [9] , there is an urgent and unmet quest to develop/design trustworthy indoor CT solutions with highest achievable tracking capabilities. To achieve these objectives (i.e., trustworthiness and high indoor localization accuracy), we focus on (i) Blockchain-enabled design, coupled with (ii) Angle of Arrival (AoA)-based localization via Bluetooth Low Energy (BLE) beacons. With regards to the Objective (i), a critical aspect for widespeared adoption of indoor CT models is trustworthiness, i.e., assuring and preserving users' personal data [10] , [11] . Several countries and related agencies [12] have released recent reports on security and privacy breaches of CT applications. Compliance with country-level health and privacy legislation, however, have yet to be discussed within CT platforms. Decentralized data storage, Decentralized Applications (DApps) [6] , [8] , and Blockchain-based methods [13] are potential solutions to address these issues. Among these technologies, Blockchain-enabled models are favored since they inherently share users' data by employing a decentralized structure and cryptographical encryption that protects the privacy and security of the shared information. The trust provided based on a secure/distributed platform that keeps the users' identity and personal information anonymously, makes blockchain approaches an attractive solution to address the aforementioned concerns [14] . In blockchain-based services, information can be validated, data storage is immutable, and the data can be updated in a real-time fashion. More importantly, blockchainbased applications are, typically, independent of third parties. Since all nodes share the exact copy of the original data, which is hashed and chained in different blocks of the blockchain, it is impossible to manipulate data stored within different blocks of the system. In summary, in a blockchain-based CT infrastructure, system's consistency is not at risk and is widely resistant to tampering [15] . With regards to the second identified objective (Objective (ii), i.e., equipping indoor CT solutions with accurate localization), while existing Global Positioning Systems (GPS) can be used to provide the required accurate localization in outdoor environments, tracking in indoors is a different and challenging task. For the design of autonomous indoor CT solutions, preinstalled IoT sensors [16] , [17] can be leveraged to use existing infrastructures and allow widespread and timely adoption. To identify, track, and monitor users' location, which is the input of an autonomous CT model, several IoT-based indoor localization technologies such as BLE [18] , [19] , and Ultra Wide Band (UWB) [20] frameworks are available. Among such technologies, BLE-based tracking is of particular interest due to its ubiquitousness in most modern smart devices, low power consumption, and low cost. AoA-based localization [21] is one of the most efficient triangulation frameworks to measure users' location through the direction of the incident signal. BLE-based AoA estimation, however, was not possible until recently that direction-finding feature is introduced to the Bluetooth 5.1 Core specification. Consequently, research works in this area are still in their infancy. This motivates the design of a BLE-based AoA estimation to increase the accuracy of the proposed indoor CT model. Despite recent researches performed on blockchain-enabled CT models, there is no integrated infrastructure coupling secure contact identification, accurate indoor localization, and follow-ups via a decentralized secure approach. The paper addresses this gap. Contribution: The main contribution of the paper is implementation of an innovative trustworthy, Blockchain-enabled, and Smart Indoor Contract Tracing (TB-ICT) framework by integration of blockchain and IoT technologies. The proposed blockchain-enabled TB-ICT framework is shown in Fig. 1 . In summary, the paper makes the following key contributions: • The TB-ICT framework is proposed to protect privacy and integrity of the underlying CT data from unauthorized access. The TB-ICT is an alternative blockchain platform exploiting the proposed dynamic Proof of Work (dPoW) credit-based consensus algorithm coupled with a Randomized Hash Window (W-Hash) and dynamic Proof of Credit (dPoC) mechanisms to differentiate between honest and dishonest nodes. Unlike the existing CT solutions [22] - [25] , which are centralized and potentially vulnerable to information leakage, TB-ICT is a fully distributed framework without any reliance on third parties. The TB-ICT not only provides a decentralization in data replication but also quantifies the node's behavior based on its credit-based mechanisms. A Proof of Concept (PoC) version of the TB-ICT framework implementation is made publicly accessible 1 . In this PoC, sample localization data is fed to the local database of distributed nodes and the proximity of users is calculated and saved in the database. • To boost the accuracy of the TB-ICT model, we design an efficient data driven AoA-based indoor localization framework. More specifically, to avoid the need to analytically model noise, path-loss, and multi-path effects, a Convolutional Neural Network (CNN) model is designed 1 https://github.com/MSBeni/SmartContactTracing Chained on the subspace-based angle estimation in a 3-D indoor environment. For robust localization even in the worstcase scenario, we consider an indoor environment without presence of Line of Sight (LoS) links affected by Additive White Gaussian Noise (AWGN) with different Signal to Noise Ratios (SNRs). Moreover, the destructive effect of the elevation angle of the incident signal is considered. The rest of the paper is organized as follows: In Section II related works are discussed. Section III formulates the BLE signal to extract location information and introduces the proposed CNN-based AoA localization framework. In Section IV, we introduce the proposed blockchain-based TB-ICT framework. Simulation results are presented in Section V. Finally, Section VI concludes the paper. Four of the most well-known CT applications recently proposed are TraceTogether from Singapore [22] , Google/Apple joint project on a CT platform [23] , COVID-19 application proposed by National Health Service (NHS) [24] , and Chinese application named Health code system [25] . TraceTogether is a centralized service that uses Bluetooth technology to discover and store close proximity of users locally. BLE security concerns, e.g., bugging, sniffing, jamming, and power consumption in active advertisement fashions, are the issues related to this approach. Apple and Google exploit BLE technology as well. Unlike the TraceTogether, Apple/Google platform does not hold the user's real identity/data, but a central server is used for contact profiling and sending necessary notifications. The vulnerability in user information leakage, which could result in privacy issues, is also the same in the NHS COVID-19 application. On the other hand, the health code system leveraged a different approach in CT, utilizing QR code-based relational cross-match instead of BLE. While the health code is a better platform due to its lower power consumption, the centralization of the platform and violating the importance of anonymity of the users are key security issues of this platform. In what follows, first, we provide a brief overview of AoA and BLE-based localization, then we outline recent literature on blockchain-based approaches: BLE Literature Review: High power consumption is one of the most important challenges of wireless technology for IoT applications. BLE technology has opened the way for IoT applications to flourish by enabling low-energy communications. BLE uses the same frequency spectrum as WiFi, ranging from 2.4 to 2.48 GHz, with 37 data channels and 3 advertisement channels, each with a bandwidth of 2 MHz [19] . There are several BLE-based indoor localization frameworks including but not limited to Received Signal Strength (RSS)based methods [26] , Time of Arrival (ToA) [27] , and Angle of Arrival (AoA) [21] . AoA-based localization is an active research field, where among all possible approaches, subspacebased angle estimation algorithms [28] , [29] , such as MUltiple Signal CLassification (MUSIC) and its extensions, are among the most reliable methods, especially in the presence of noise. Subspace-based algorithms, however, are prone to the multi-path effect, which is an unavoidable factor in indoor environments [30] . Under the assumption that there is a strong LoS path between the transmitter and the receiver, there are a variety of approaches to mitigate the multi-path effect, including channel classification [31] , Kalman filter-based techniques [32] , and subsample interpolation methods [33] . There are, however, key challenges ahead: On the one hand, due to the computational complexity of the multi-path identification/mitigation methods, it is challenging to analytically model and compensate for the multi-path effect. On the other hand, ensuring that the receiver receives at least one LoS signal is a particular challenge. For these reasons, the focus has shifted to data-driven approaches such as those based on Artificial Intelligence (AI) [34] , [35] . Consequently, the need for complex and precise analytical models is reduced by considering the effects of multi-path, noise, and path-loss on the train dataset of the AI models. In this context, Reference [36] introduced a CNN-based AoA localization method in a 2-D indoor environment, where the transmitted signal is only affected by noise. Although the elevation angle of the incident signal is not used for localization purposes, it leads to a considerable location error. Therefore, it is essential to consider a 3-D indoor environment. For this reason, the effect of noise on the estimated angle in a 3-D indoor environment measured by DNNs was investigated by the authors in [37] . Similarly, authors in [34] , [35] , [38] proposed a DNN-based localization framework, where the Channel Impulse Response (CSI) is the input of the DNN, which is prone to noise, shadowing, and small-scale fading, increasing the localization error. Blockchain Literature Review: Blockchain is a distributed ledger that uses cryptography, Public Key Infrastructure (PKI), economic modeling, and a shared consensus mechanism to synchronize a distributed database. Blockchain can be considered as a Peer-to-Peer (P2P) network, operating on a large number of distributed devices to securely store/manage information, and transfer immutable append-only transaction logs, which are signed cryptographically [47] . More precisely, blockchain is a hierarchical chain of blocks, where each block stores transactional records with transactions being distributed across the network to improve robustness against unauthorized modifications. Each block header consists of several fields, including the hash field (representing the block's hash value), a field to store hash value of the previous block, the nonce field for consensus algorithm, and the main body field. Hash-value is utilized to secure the constituent block. In this regard, each block appends the hash value of its preceding to provide a secure chain. To ensure integrity of transactions, blocks are included in the distributed ledger with time-stamp and hash value [15] . Each block needs to be mined and validated by all mining nodes across the network, after which the block is appended to the chain and cannot be changed or manipulated afterwards. This process maintains data integrity and provides a tamper-resistant network. Unique characteristics of blockchain models such as decentralized structure, fault-tolerance, persistency, anonymity, transparency, and immutability [15] make them the ideal technology for IoTbased applications [48] , especially, for securely storing CT information in a trustworthy and distributed fashion without dependence on a central processing unit. Recently, blockchain-based and privacy-preserving approaches [42] are proposed in the wake of the COVID-19 outbreak. The main objective is to protect the identity of infected users and prevent the release of fake information or false claims that can produce panic in public. Blockchainbased localization [39] and CT [10] , [40] , [41] have been discussed in recent literature. Most recent researches [10] , [41] , however, mainly focused on data security and location privacy in smart CT services. For instance, Martinez et al. [40] used blockchain to store digitally signed pairwise encounters, which are transferred between users' handheld devices, and also leveraged AI approaches to recognize close contacts. Moreover, the platform is focused on the Sybil attack not deploying localization approaches and designing a privacypreserving blockchain-based platform for CT purposes. Xu et al. [41] , on the other hand, proposed the BeepTrace, which is a platform focusing on user's privacy in the whole CT system. Two blockchains for notification and tracing are implemented, and different positional technologies are used, yet no elaboration is made on the indoor localization approaches. The same issue is observed with Reference [10] , where the authors represent a unified blockchain system for proximity-based CT and location-based CT considering Bluetooth technology. In [43] , a public blockchain is designed to enable each user to upload information, i.e., the hash of the encounters list, about the interaction with others at certain distances and for a certain period of time as qualified encounters. Avitabile et al. [44] defined a robust CT proposal based on BLE leveraging the Diffie-Hellman (DH) secret sharing protocol to protect the system from more sophisticated attacks. Authors in [45] , proposed Bychain as a permissionless blockchain for tracing BLE-enable nodes or Long-Term Evolution (LTE) stations or WiFi access points, based on the location. Some certified nodes collect the information about the close interactions and submit them to the blockchain, and smart contracts will be used for the proof of location without violation of users' privacy. PriLok is proposed in [46] , which is a permissioned blockchain that should be handled by collaboration of various entities, e.g., health and public authorities and telecommunication firms. PriLok uses a cellular network with the idea that the BLE technology and smartphones are not available as they should be specifically for older people. The structure of the TB-ICT framework, as shown in Fig. 1 , consists of the following two main components: (i) Indoor localization platform, and; (ii) The Blockchain network. In this section, we focus on the former category, i.e., the localization, where as can be seen from Fig. 1(a) , the IoT nodes (the BLEenabled mobile devices) exchange their unique ID with other nodes within their local neighborhood. To have an efficient indoor CT model, it is essential to implement a robust localization framework with high accuracy. The proposed localization solution is described below. In this subsection, first we formulate BLE wireless signal model. Then, we present our proposed CNN-based AoA where terms E and T represent the energy and the time interval of the transmitted symbol, respectively. Term φ 0 is the initial phase of the transmitted signal. Finally, term φ(t), denoting the phase deviation, is expressed as where h, known as the modulation index, is between 0.45 to 0.55 in BLE standard. Terms s[n] = ±1 and p(t) denote the baseband pulse sequence and Gaussian Filter (GF), respectively. Finally, the transmitted BLE signal s(t) = Re{s b (t)e j2πfct }, is modulated by Gaussian Frequency-Shift Keying (GFSK), i.e., where N (t) represents the number of detachable paths. Terms ρ k (t, τ ) and τ k (t) denote the attenuation and the delay of the k th path, respectively. In addition, term n(t) represents the AWGN channel, which is modelled by n(t) ∼ N (0, σ 2 ). In a BLE positioning system, the location of users can be obtained from the estimated CIR, i.e., where Θ(θ, φ) denotes the array vector, expressed as follows where θ and φ represent the azimuth and elevation angles, respectively. Term d indicates the space between two consecutive elements of the LAA, which is equal to λ 2 , with λ = c/f c . Finally, term c = 3 × 10 8 m/s is the speed of light. By assuming M samples in each received signal, we have Therefore, the received signal can be expressed as follows 4. AoA Estimation: Given the angle of the incident signal through a subspace-based angle estimation algorithm, we propose to use a CNN model for localization. In this regard, the spatial spectrum of the received signal, denoted by p(θ, φ, t), is calculated in each time slot as follows where E N is the noise eigenvectors of the covariance matrix R = E[r, r H ], and r denotes the received signal. In each time slot, a reshaped angle image is the input of the CNN, which is generated by where the minimum value of p i (θ, φ, t) indicates the incident angle θ. Fig. 2 (b) illustrates a typical angle image, containing 724 sets of AoA measurements generated by the subspace-based algorithm. As can be seen in Fig. 2(b) , the original angle image is of size 4 × 181, reshaped to be an square angle image of size 28 × 28 by zero padding. This completes presentation of the localization platform of the TB-ICT. Next, we focus on the blockchain module. The TB-ICT network is a blockchain infrastructure where each entity act as a node in the system. The nodes are divided into light nodes and full ones, which is a regular categorization within the blockchain context. Several nodes participating in the network are power-constrained mobile devices and cannot store the whole network data as is the case in the classical blockchain frameworks. Referred to as light nodes (as shown in Fig. 1(a) ), power constraint devices only store the data associated with the last 14 days (the period defined and necessary for checking the infection) and can send and receive different transactions in the network, including but not limited to Submission Transaction (ST), Trace Transaction (TT), Query Transaction (QT), Request Transaction (RT), and Alarm Transaction (AT). Light nodes can also act as miners and run the consensus algorithm to mine the block, sign and broadcast it. The TB-ICT network architecture is shown in Fig. 1(b) , which consists of three main components: (i) Mobile Devises: Users in the network acting as light nodes and commute in the environment. The proximity of these nodes to neighboring devices is estimated in a real-time fashion leveraging the TB-ICT localization platform as discussed in Section III. Their contacts will be preserved in their local device to be used, if necessary, in future transactions. These nodes will receive credits (positive or negative) over time based on their proximity-based localization results and/or their behavior in the network. Each mobile device creates a blockchain account and receives public and private keys (P k , S k ) within the initialization phase as the node's unique identifier. The key/pair is used to sign the transactions and create a unique public identifier to be placed in the BLE advertisement packets and to be shared with its neighbours. (ii) Authorized Static Nodes: Static nodes, i.e., the full nodes, are mostly the legally authorized units, which have read access to data in the Infected Users Pool (IUP). The infected persons' data, which is saved in the IUP, is distributed among these nodes and cannot be changed. When an authorized node receives data about the infection of a node (a user is recognized to be infected with COVID-19 in a test center), this data will be broadcasted to the other authorized nodes. Any claim for infection by the users in the network will be validated with these nodes, and in case of any false claim, the claiming node will be punished by receiving negative credit points. (iii) Manager Static Nodes, are specific full nodes responsible for managing (add/delete) the authorized nodes in the network whose public key is hard-coded into the software. Manager node M (denoted by AN M ) can lunch a transaction T X to keep the record of the authorized nodes as follows T X = Sign SK AN M P K AN1 , P K AN2 , . . . , P K ANn , (12) where SK AN M denotes the secret key of the manager and (P K AN1 , P K AN2 , . . . , P K ANn ) represents public key of the other authorized nodes. Since the manager uses his secret key, which cannot be forged to sign the transaction, other authorized nodes can simply fetch the list of the authorized nodes in the blockchain network published by the manager. The number of the manager nodes can be defined based on the distribution of the network and national/provincial policies. Light nodes with high credit and authorized static nodes act as miners in the network. Other nodes can submit different transactions to know about the status of the network (e.g., QT and ST) and/or claim an infectious status as a transaction (i.e., the TT). Interactions between different nodes are shown in Fig. 3 . The TB-ICT architecture is distributed and resilient to potential cyber attacks. Attacks, such as DDoS, Sybil, or double-spending, however, would not be of interest for the malicious nodes, as the proposed platform is inherently designed to securely share and distribute data. There is no monetized structure to urge attackers targeting the system. In any case, the data itself is precious, and the users' information must be kept safe and secure. In this context, most of the existing blockchain-based platforms use the Proof of Work (PoW) consensus protocol, which faces the following key challenges: (i) Network Scalability: The number of blocks that can be processed per unit time represents the throughput of the blockchain network, which shows the platform's scalability; (ii) Security Vulnerabilities: Keeping the submitted records and mined transactions immutable is a security-wise concern that should be proved/improved in a blockchain platform, and; (iii) Computational Complexities: The difficulty level determines the processing power (computational complexity) required to mine a new block. To address these challenges, the proposed TB-ICT is an alternative blockchain platform exploiting the Dynamic PoW (dPoW) Credit-based consensus algorithm along with a Randomized Hash Window (W-Hash), and Dynamic Proof of Credit (dPoC). Next, each of these components are detailed. The introduced Randomized Hash Window, referred to as the W-Hash, is a mechanism to mine a block, which is similar in nature to the randomized sliding window algorithm and the check-points concept [48] . More specifically, a miner continuously mines the current block with a number, i.e., the nonce value, to meet the predefined Difficulty Level (DL) and produces the target hash string. W-Hash makes this hashing process harder, i.e., the W-Hash mechanism slides through the blockchain ledger similar to the sliding window algorithm. In other words, as can be seen in Fig. 4 , the miner should hash the current block along with the sliding window of the previous blocks. For instance, assume W-Hash is 14, and the current block number is 100, the miner should consider the concatenation of block 100 with previous 13 blocks (from 87 to 99) to create the window size of 14. Within the initializing phase of the TB-ICT network, when a W-Hash is larger than the current number of blocks in the blockchain, the W-Hash will be set to zero. Otherwise, the current block will be hashed based on the previous succeeding blocks determined and concatenated considering the W-Hash. In the long term, when more blocks become added to the blockchain, the W-Hash, which is a value between 0 to 100, can be applied to every block. The drawback of such an approach is that the overhead complexity is of O(n), where n denotes the W-Hash value, when compared to the classical blockchain platforms with a constant PoW difficulty level. To address this issue, we propose dPoW difficulty managed by a credit-based evaluation mechanism as discussed next. As stated previously, there is a tradeoff between security and scalability in blockchain networks. The proposed W-Hash solution is an innovative approach to maximize the security of the network. However, W-Hash directly affects the underlying computational complexity, mining costs, and mining time. As stated in [48] , a dynamic approach can be employed to define the different levels to control the rate of the incoming communication traffic and the mining difficulty. Therefore, Dynamic PoW consensus approach and credit-based difficulty level (DL) determination for the nodes in the network is a solution to the added complexity of the W-Hash. Intuitively speaking, the users in the network with higher credit can exploit a much easier difficulty level in the system helping them to easily mine the blocks, and the confidential W-Hash value n will be shared with them securely. On the other hand, a malicious miner now requires both n − 1 blocks and the W-Hash value n to mine a new block. A fraud process and/or faulty behaviors are, therefore, costly as they result in high negative credits for malicious nodes resulting in the higher difficulty. In the TB-ICT framework, we consider two difficulty levels to be applied for the nodes in different circumstances. As can be seen in Table I , Difficulty level 1 (DL e ) has the lowest difficulty achieved by considering the first significant digit of the block hash string, which is calculated by incrementing the nonce continuously and check the results until meeting the difficulty constraints. The first level of difficulty DL e is assigned to the legally authorized nodes and the nodes in the network with a credit larger than a predefined threshold (α d ). Details of the credit evaluation process will be covered later in Section IV-C. Due to the low level of difficulty, even devices with limited computational power (if they meet the constraint set by the credit threshold) can participate in the mining process. The second difficulty level (DL h ) is four times harder than DL e , which is achieved by considering the first four significant digits of the target hash string. Level 4 is considered for the low incoming communication traffic and for dishonest nodes with low credits. Parameters of the dPoW: Similar in nature to Bitcoin, data encryption is implemented in the TB-ICT exploiting Elliptic Curve Cryptography (ECC) with Elliptic Curve Digital Signature Algorithm (ECDSA). The block size in the blockchain of Bitcoin is restricted to 1 megabyte. Unlike the conventional blockchain model [49] , [50] , which has a fixed block size, TB-ICT is designed to have a variable block size considering incorporation of the dPoW approach in its consensus algorithm. Given the variable block size of TB-ICT, we set an upper bound of 1 megabyte for the block size. The variable block size is formulated as follows (13) where S Bc is the current block size, Overhead Bc is the block metadata (number of bytes representing a block), EncryptionOverhead is the number of bytes for current block data encryption, and N data is the number of data samples added to the current block. The difficulty level is defined as follows where D Bc represents the difficulty level of the current block, DL is the level of the difficulty in the dPoW, i.e., DL e or DL h , and the T argetHash is the required string to mine a block. The mining interval of the blocks, representing the average time required to mine a block, can be formulated as where HashRate is a miner's computation power for hash iteration generation per second, and 2 b is responsible for difficulty level (DL) bits control, i.e., 16 bits for the DL h and 4 bits for DL e . Table I , represents the difficulty level in the proposed dynamic structure. Consider a CT network with N nodes number of nodes. Node i, for (1 ≤ i ≤ N nodes ), is assigned a credit CR i (t) at time instant t > 0, which is a parameter altering in realtime based on the node's interactions and behavior in the environment. Normal Behaviors, i.e., following the physical distancing regulations and sending transactions after being recognized as an infected person, will gradually increase the user's credit value over time. On the other hand, abnormal behaviors will diminish the node's credit over time. Abnormal behaviors can be classified into two main categories: • Disease-Related Violations: Breaching the physical distancing regulations and other related rules, which are mostly bond to the proximity-based localization results. • Anomalous Behavior in Blockchain Network: Different anomaly behaviors in the networks including attacks or wrong claims, e.g., false claims of infection to the COVID-19 or failing to share contact information in the case of being diagnosed with COVID-19. Node i, based on its behavior, can receive negative or positive scores resulting in the following credit where t is the current time index, Cr P rox i (t) is the proximitybased credit (which can be positive or negative), and Cr − i (t) ≤ 0 is the received negative credit score, which is calculated based on malicious behaviors of the node in the network. Following Section III, let O i (t) = {o 1 (t), o 2 (t), . . . , o Ni(t) (t)}, denote the set of N i (t) BLE-enabled devices observed by the i th user (excluding the user itself) at time t. Every few seconds, this set of devices can be changed as the user moves within the environment. Based on the distance between user i and a neighboring BLE-enabled device, Node o j , (1 ≤ j ≤ N i (t)), we consider two categories, i.e., immediate nodes (less than 2 meters) and non-immediate node (near or far, when the distance is more than 2 meters). We define P i (o j ) as the credit assigned to Node i based on its proximity to the neighbouring Node o j ∈ O i (t) as follows where L(i, o j (t)) denotes the distance between Agent i and its contact o j (t) at time t. Terms λ − and λ + are the credit calculation coefficients that are defined based on the policy utilized to punish and reward the users. In a difficult situation when the disease is highly contagious and preventing policy should be considered more seriously, both λ − and λ + can have a higher value. As can be seen, keeping a healthy distance will be rewarded by a positive credit. On the other hand, in case of immediate proximity, the node will be charged with a higher negative credit score proportional to its closeness to the other contact. These coefficients allow the model to manage credit weight distribution. Considering Eq. (17), the proximity credit assigned to Node i is calculated as follows where Cr P rox i (t) is adjusted based on the level of healthy preventive behavior practiced by Node i. To measure the total credit value of a node based on the localization result, this value will be added to the previously calculated proximitybased credit to calculate the final credit. Based on the scanning and advertising intervals of the BLE devices, every few seconds, the new credit value of the user will be updated and added to the previously calculated proximity-based credit. Disease-related violations are incorporated into the credit score based on the proximity results obtained from the localization model. Term Cr − i (t) is negatively proportional to the number of anomalous behaviors of Node i, to account for anomalous behaviors, i.e., where m i is the total number of abnormal behaviors performed by user i, t l indicates time point of the l th abnormal behavior, and ∆T represents a unit of time. Term ω(x) is the penalty coefficient and is computed as follows Algorithm 1: TB-ICT Block Mining Algorithm large value, which will make continuous attacking impossible for a faulty node. The difficulty for a specific node is then set as follows A new block is designed to be concatenated with n wh number of former blocks through the dPoW consensus replication approach. Let B j represent the j th block of the blockchain, B c the current block that should be mined, and N c as its nonce value. Hash of the current block (B c ) is formulated as follows where H c is the hash of the current block and n−1 j=1 B c−j denotes the n − 1 W-Hash blocks. If H c meets the difficulty level requirement, i.e., prefix zero length, the block can be mined, and the nonce value is successfully found. Adjusting the difficulty level based on the prefix zero is already discussed in Section (IV-B). A larger minimum required prefix zero makes it more difficult to find the nonce value and to mine a block. Therefore, honest nodes can consume less power in the mining procedure based on the proposed dynamic difficulty level mechanism. In contrast, the malicious nodes will be forced to consume more computational resources, making them unable to conduct any other abnormal behavior. Algorithm 1 summarizes the block mining procedure of the TB-ICT framework. To evaluate the proposed TB-ICT framework, we considered a real experimental testbed in a rectangular indoor area (10 × 10) m 2 , divided into 400 square zones each with dimension of (0.5 × 0.5) m 2 (see Fig. 5(a) ). There are 16 BLE beacons, where the distance between each BLE beacon is equal to 4 m. There exists 1, 000 number of users, where their movements are modeled by a random walk. Six different W-Hash values (0, 20, 40, 60, 80, and 100) are considered to evaluate the proposed system for its two different difficulty levels, i.e., DL e and DL h as are described in Table I . Fig. 6 shows the different times spent to mine a block over different W-Hash values. The W-Hash 0, represents the classical PoW process while the other W-Hash values, concatenate the n W H number of blocks with the current block in order to enter the mining process. These plots are formed based on localization data of 1, 000 indoor users where all the nodes are active (have movements in the environment) and have several interactions. All the interactions are considered to be collected and used to calculate the users' credit over time exploiting Algorithm 1. All the proximities affect the credit value of the user where the close interactions will push negative scores to the credit, while near or far proximities (distances between 2 to 10 meters) will bring positive points to the user's credit. However, when a user is recognized to be infected with COVID-19, only the contacts in immediate distance to that user will be reported in a transaction to the blockchain. This will keep the block's incoming data as little as possible and improves the system's throughput. In our current evaluation setup, we mine 120 blocks and import a mean of 200 number of transactions to each of them. Fig. 7 , shows the median time spent to mine the block for different difficulty levels. Table II , represents the maximum, minimum, and average time required to mine a block based on different difficulty levels. The time spent to mine these blocks based on the W-Hash values completely defines the superiority of the dynamic approach to make the mining process easier for high-credit nodes and legally authorized entities. As the dPoW is based on randomly selecting the W-Hash value for the current block to make the anomaly behavior harder to conduct, the average time spent to mine the block based on two difficulty levels can be a reasonable metric to contrast the applicability of the system. DL e is far much smaller than DL h , providing a much easier procedure for the high credit nodes to mine a block. While in Bitcoin [49] , every 10 minute, a new block can be mined, this process in the TB-ICT framework is much easier and sooner for the high credit nodes. A high credit miner in this network can mine more than one block in each second and add the necessary transactions to the network in a timely fashion. In contrast, this process for the malicious nodes is much longer. Before conducting any attack in the network and any attempt to change the data of the previous blocks, other blocks will be added to the network via the honest nodes, and tampering with the signed distributed data in the network will become harder. Each user can be localized through a set of BLE beacons if the corresponding user is located in the receptive field of that BLE. The localization dataset is generated based on three different channel models: (i) AWGN model, where 10 ≤ SNR ≤ 20 dB; (ii) Rayleigh fading channel, and; (iii) Rayleigh fading channel affected by noise in a 3-D indoor environment. We also consider the destructive effect of the elevation angle on the special spectrum of the AoA measurements in this dataset. We use 76, 545 angle images labeled by their location for training. Fig. 5(b) illustrates a typical angle image, containing 724 sets of AoA measurements generated by the subspace-based algorithm. The original angle image is of size 4 × 181, reshaped to be a square angle image of size 28×28 by zero padding. For the validation and test set, we use 15, 309 and 10, 206 angle images, respectively, which are all previously unseen and randomly chosen. The accuracy and the loss of the proposed CNN-based AoA framework versus the number of epochs are represented in [20] , and UKF TDoA AoA (UKFTA) frameworks. According to the results, the location error of the CNN-based AoA framework is significantly lower than that of its counterparts. By leveraging the proposed CNN-based AoA localization framework implemented and embedded in our blockchain-based application, the proposed TB-ICT framework can positively prevent the spreading of the COVID-19. To evaluate the feasibility of the trustworthy blockchainenabled system in terms of the noise level, we have computed , where the SNR greater than 40 dB and lower than 15 dB are considered excellent and unreliable connections, respectively. Here, the localization dataset is affected by noise, which is modeled by AWGN with 10 ≤ SNR ≤ 20 dB. Fig. 13 illustrates the impact of the SNR on the location accuracy. According to the results in Fig. 13 , increasing the SNR value leads to decreasing the location error. By considering the effect of the low SNR in the range of 10 ≤ SN R ≤ 20 dB on the train dataset of the proposed TB-ICT framework, it can be observed from Fig. 13 that the TB-ICT framework is robust against noise. Infection Spreading Nature: Given the location of users during their movements and to illustrate the performance of the proposed TB-ICT framework, first, we investigate how one infected user can infect other users in its close contact. Fig. 10 evaluates the disease spreading trend. According to the results, one infected user can infect at least 341 users (out of 1000) by considering 2m as the required social distance criteria. Each of these users themselves can infect a large number of users in the environment (second cycle of infection). The contagiousness can be worsened by considering 5 m as shown in Fig. 11) . The credit-based approach can assist with management of the pandemic promoting users to act rationally. As stated previously, abnormal behaviors can be classified into two main categories, i.e., (i) Disease-Related Violations such as breaching the physical distancing rule and the rules related to the disease mostly bond to the proximity-based localization results, and (ii) Anomalous Behavior in Blockchain Network including different attacks or wrong claims, e.g., false claims of infection to the COVID-19 or violating the rule of sharing the last 14 days contact information in case of being diagnosed as infected. In our experiments, 1, 000 users are moving in an indoor venue having interactions with each other. Table III describes these interactions and related credit points exchanged between users based on different algorithms. It can be seen that TB-ICT has better results in gaining credits while the interactions are almost the same. In Fig. 12(a) , average credit scores gained in the first 4, 000 interactions between one random user in the network considering different localization algorithms is illustrated. Agents following the TB-ICT approach are gaining more credit in the environment. This calculation of the credit is based on Eq. (17), while the λ − = 12 and λ + = 2 are considered as the credit calculation coefficients. Alternative coefficient values can be considered based on the pandemic situation and the community reactions. In Fig. 12(b) , credit scores of six sample users out of all 1, 000 users are shown. Any anomalous behavior will also be punished heavily in the TB-ICT network. As Fig. 14 shows, in our experiment, each malicious activity, e.g., attacks in the network, will be punished with a high negative credit score. The nodes that are punished based on these attacks lose the chance to be an honest node in the network or act as a miner. Moreover, Fig. 14 represents the difficulty level (α d ). Nodes with credit values above the threshold line can be considered as honest nodes and participate in the mining process. Difficulty level 1 (DL e ) has the lowest difficulty with considering the first one significant digit of the block hash string. The first level of difficulty is applied to the legal, authorized nodes and the nodes in the network with a credit bigger than a threshold (α d ). As can be seen, malicious behavior directly affects the credit values and can push the nodes' credits below the threshold line. Both nodes 0 and 500 experience this situation and losing their chance to be above the threshold line. As final step, we focus on the security and trustworthiness of the proposed framework in different aspects as below: Removing Centralized Trust, Single Point of Failure and Sybil attack: The TB-ICT platform is a permissionless network without any dependency on centralized trust. Any central dependency increases the risk of data leakage and makes the system susceptible to the single point of failure issue. The TB-ICT is a distributed ledger that inherently has several full nodes having the replicated copy of the whole system. Consequently, the system is resilient to the failure of some of the nodes in the network. Different characteristics of the proposed TB-ICT solution, specifically the dynamic W-Hash proof of credit platform, coupled with inherited features of a blockchain network (being resilient to tampering with the mined and signed information) can be leveraged to guarantee the refusal of the unauthorized and malicious nodes. Guaranteeing the Validity of Shared Data: In a pandemic crisis such as COVID-91, any fake information or false claims can produce a panic in public, therefore, accuracy and correctness of the personalized claims are of vital importance. The proposed dPoC algorithm will prevent publishing any false claims in the network. False or abnormal claims from any node in the network can have significant negative effects on the credit score and pushing the malicious nodes to participate under harder difficulty constraints. The higher level of difficulty, inherently, will prevent a potential attack or abnormal behavior in the network by maximizing the cost of malicious activities. Secure Data Management: Only the unique IDs of the nodes will be shared in the network. When a claim is transmitted in the case of a positive infection result, only the contacts' IDs will be shared in the network. All users' personal information is kept locally on their devices, without the need to be shared. Additionally, data encryption is implemented exploiting ECC with ECDSA to guarantee data security. Computational Complexity: Considering Eq. (22) and Algorithm 1, hash of the current block (B c ) (if the block is not already mined) is the hash of the concatenation of the current block and n wh −1 of the previous blocks with the nonce value. n wh is the current W − Hash value, which is defined and shared between the high-credit and legally authorized nodes based on their credit. To mine the block, miners compete to solve a mathematical puzzle and find the target hash string by adding the nonce in each step via a trial and error procedure. The target hash string in the TB-ICT platform has 64 digits in hexadecimal base. A compressed representation (called "Bits") of the target hash string hex value, e.g., 0x1b0404cb is stored in the blocks. The hexadecimal value is calculated based on this packed form. For example 0000 0000 2F F 4 04CB 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000, hexadecimal string of length 64 and the hash value should be less than this value to mine a block. The leading zeros (eight leading zeros 0000 0000) in the target hash string represent the difficulty level. As can be seen in Table I , for the nodes with higher credits and the legally authorized nodes, the first significant digit (1 digit) of the block hash string is considered the leading zeros. This value will be four significant digits of the block target hash string for the nodes with bad credit scores. To be more precise, lower target values will lead to the greater difficulty of block mining. Assuming the length of target hash string is b bits, for a W − Hash value of size n wh , computational complexity is of O(n wh × t T H ). Term t T H is the required time to generate the target hash string in the search space of 2 b . Therefore, computational complexity is of O(n wh × 2 b ). The malicious node is now forced to find the hashes for all the possible values of the W − Hash sizes, which directly increases its computational complexity and, consequently, the attack's cost. The complexity in this scenario is increased as follows Complexity = O(n wh × (n wh × t T H )) = O(n 2 wh × 2 b ) (23) This attribute also makes other possible attacks such as doublespending and spamming infeasible. Without the W-Hash, the complexity of the network to conduct an attack would be as low as O(t T H ), while this complexity, after applying the hash window, will be O(n 2 × t T H ), which requires n × n more test and operation to find the block's target hash string. Consequently, the security of the network is significantly improved. On the other hand, based on the credit-based platform, any malicious attempts to even break this difficulty level will have an irreversible and high credit punishment, causing even higher computational costs to the faulty nodes. Consistency of TB-ICT Blockchain: In classical blockchain networks, consistency is provided via all miners' agreement on the longest chain, while synchronous updates about the latest block may be unavailable for all the miners at a specific time. More precisely, some miner nodes may receive the latest block, while some others not. The TB-ICT framework can offer a perfect solution for consistency based on the high credit nodes in the network. Keeping track of the credit value of the nodes in the network enables the system to recognize the minimum required number of honest mining nodes that can acknowledge the current length of the chain and guarantee the agreed chain will not be removed or lost from the current chain of the blockchain. In this paper, we proposed a trustworthy blockchain-enabled system for the indoor COVID-19 contact tracing model, which securely identifies contact history of COVID-19 patients in indoor environments. To improve the accuracy of the CT model, we deployed an AI-based localization approach based on BLE sensor measurements. More precisely, a CNN-based AoA estimation framework is applied on the subspace-based angle estimation in a 3-D indoor environment to avoid the need for analytical modeling of noise, path-loss, and multi-path effects. The simulation results showed that the proposed TB-ICT prevents the COVID-19 from spreading by the implementation of a highly accurate contact tracing model while improving the users' privacy and security. The rationale for deploying BLE sensors during the current pandemic time is that they are more ubiquitous in comparison to other technologies such as Ultra-Wideband (UWB). With the emphasis on higher achievable accuracy, a fruitful direction for future research is the use of hybrid UWB/BLE technologies. The Cognitive and Mathematical Foundations of Analytic Epidemiology CovTANet: A Hybrid Tri-level Attention Based Network for Lesion Segmentation, Diagnosis, and Severity Prediction of COVID-19 Chest CT Scans Quantifying SARS-CoV-2 Transmission Suggests Epidemic Control with Digital Contact Tracing World Health Organization, Coronavirus Disease 2019 (COVID-19) Situation Report -66 Feasibility of controlling covid-19 outbreaks by isolation of cases and contacts Survey of Decentralized Solutions with Mobile Devices for User Location Tracking, Proximity Detection, and Contact Tracing in the COVID-19 Era Automated and Partly Automated Contact Tracing: A Systematic Review to Inform the Control of COVID-19 COVID-19 Digital Contact Tracing: Apple and Google Work Together as MIT Tests Validity Closed Environments Facilitate Secondary Transmission of Coronavirus Disease 2019 (COVID-19)," medRxiv Blockchain Meets COVID-19: a Framework for Contact Information Sharing and Risk Notification System Pact: Privacy Sensitive Protocols and Mechanisms for Mobile Contact Tracing Contact Tracing Mobile Apps for COVID-19: Privacy Considerations and Related Trade-offs A Blockchain-Based Trusted Data Management Scheme in Edge Computing A comprehensive review of the covid-19 pandemic and the role of iot, drones, ai, blockchain, and 5g in managing its impact Editorial: Blockchain in Industrial IoT Applications: Security and Privacy Advances, Challenges, and Opportunities Extreme RSS based Indoor Localization for LoRaWAN with Boundary Autocorrelation Memoryless Techniques and Wireless Technologies for Indoor Localization with the Internet of Things Ble Beacons in the Smart City: Applications, Challenges, and Research Opportunities Bluetooth Low Energy-based Angle of Arrival Estimation in Presence of Rayleigh Fading Mobile Localization in Non-Line-of-Sight Using Constrained Square-Root Unscented Kalman Filter Bluetooth Low Energy-based Angle of Arrival Estimation via Switch Antenna Array for Indoor Localization BlueTrace: A privacy-preserving protocol for communitydriven contact tracing across borders Exposure Notification The Security Behind the NHS Contact Tracing App In Coronavirus Fight, China Gives Citizens a Color Code, With Red Flags Belief condensation filtering for RSSI-based state estimation in indoor localization Microlocation for Smart Buildings in the Era of the Internet of Things: A Survey of Technologies, Techniques, and Approaches Subspace Identification for DOA Estimation in Massive/Full-Dimension MIMO Systems: Bad Data Mitigation and Automatic Source Enumeration DoA Estimation and Capacity Analysis for 3-D Millimeter Wave Massive-MIMO/FD-MIMO OFDM Systems Recent Advances in Indoor Localization: A Survey on Theoretical Approaches and Applications CC-KF: Enhanced TOA Performance in Multipath and NLOS Indoor Extreme Environment A Kalman filter for UWB positioning in LOS/NLOS scenarios ToA ranging using subsample peak estimation and equalizer-based multipath reduction CiFi: Deep convolutional neural networks for indoor localization with 5 GHz Wi-Fi Deep Convolutional Neural Networks for Indoor Localization with CSI Images Localization Convolutional Neural Networks Using Angle of Arrival Images Angle-of-Arrival Estimation Using an Adaptive Machine Learning Framework Deep Learning-Based Indoor Localization Using Received Signal Strength and Channel State Information Blockchain-Based Proof of Location Mobile Encounter-based Social Sybil Control Beeptrace: Blockchain-Enabled Privacy-Preserving Contact Tracing for Covid-19 Pandemic and Beyond Blockchain and ai-based solutions to combat coronavirus (covid19)-like epidemics: A survey Algorand's approach to Covid-19 tracing Towards defeating mass surveillance and SARS-CoV-2: The pronto-C2 fully decentralized automatic contact tracing system Towards largescale and privacy-preserving contact tracing in COVID-19 pandemic: A blockchain perspective PriLok: Citizen-protecting distributed epidemic tracing Blockchain Meets Database: Design and Implementation of a Blockchain Relational Database A Checkpoint Enabled Scalable Blockchain Architecture for Industrial Internet of Things Bitcoin: A peer-to-peer electronic cash system An overview of blockchain technology: Architecture, consensus, and future trends As a member of I-SIP Lab, His research interests include signal processing, Reinforcement Learning and distributed IoT Since 2019, she has been an active member of I-SIP Lab at Concordia University. Her research interests include general areas of wireless communication networks with a particular emphasis on Femtocaching Prior to joining Concordia University and for 2 years, he was a Postdoctoral Fellow with the Department of General Co-Chair of Symposium on Advanced Bio-Signal Processing and Machine Learning for Assistive and Neuro-Rehabilitation Systems" as part of 2019 IEEE GlobalSIP, and "Symposium on Advanced Bio-Signal Processing and Machine Learning for Medical Cyber-Physical Systems," as a part of IEEE GlobalSIP'18; The Organizing Chair of 2018 IEEE Signal Processing Society Video and Image Processing (VIP) Cup, and the Lead Guest Editor for IEEE Transactions on Signal & Information Processing over Networks Special Issue on "Distributed Signal Processing for Security and Privacy in Networked Cyber-Physical Systems". He is recipient of several distinguishing awards including the Eshrat Arjomandi Award for outstanding Ph He is a Fellow of ICIC, a Fellow of WIF (UK), a P.Eng. of Canada, and a Senior Member of IEEE and ACM. He has been visiting professor (on sabbatical leaves According to Research Gate statistics, his research profile has reached top 2.5 per cent worldwide, top one to 10 (timely vary in the range) at the University of Calgary, and the most read work in neural networks. He is the recipient of dozens international awards on academic leadership, outstanding contributions