Assignment

Security, privacy of augmented reality systems

Augmented reality (AR) technologies promise to enhance our percepton of and interacton
with the real world. Unlike virtual reality systems, which replace the real world with a
simulated one, augmented reality systems sense propertes of the physical world and
overlay computer-generated visual, audio, and haptc signals onto real-world feedback in
real tme.
We consider the security and privacy concerns associated with AR systems themselves as
well as those that arise from the supportng technologies. Researchers have explored the
idea of augmented reality since the 1960s, when Sutherland described a transparent head-
mounted display showing three-dimensional informaton. Since the 1990s, AR as a research
area has focused on overcoming challenges with display technology, tracking and
registraton to properly align virtual and real objects, user interfaces and human factors,
auxiliary sensing devices, and the design of novel AR applicatons.
However, it is only recently that early-generaton AR technologies have begun shipping
commercially. For example, Google recently released a limited number of its Google Glass,
heads-up glasses for augmented reality applicatons. Many other early-generaton AR
applicatons are enabled by the ubiquity of smartphones and other mobile devices.
Examples include the Word Lens iPhone applicaton — an applicaton that overlays
translated text on the camera’s view of foreign text — and Layer, a geolocaton-based AR
platform that allows developers to create augmented reality layers for the world (e.g., for
game playing).
SDK for Kinect [20], which provides accurate moton sensing by combining an RGB camera,
a depth camera, and a mult-array microphone, has enabled numerous prototype AR
applicatons. In additon to Google Glass, transparent, wearable displays are now available
for research purposes from several companies, such as Vuzix, Lemus, and Meta Space
Glasses.
To begin with, we fnd that AR technologies form an important, new, and fertle playground
for computer security and privacy research and industry. Of course, these technologies
should leverage standard security best practces, such as on-device and network encrypton.
Nevertheless, we fnd unique obstacles such as handling conficts between multple
applicatons sharing an AR system’s output that are simultaneously intellectually challenging
yet surmountable. Other challenges, such as access control for data, are well known in other
arenas but become even more important for AR technologies with their always on, always-
sensing inputs
. Given the future importance of AR technologies, researchers already tackling these issues
in other domains can fnd value in refocusing their atenton on AR applicatons. In additon
to presentng new challenges, AR systems present opportunites for new applicatons that
improve security and privacy. For example, these technologies can provide personal digital
views of content on personal displays. Imagine a password manager that superimposes
visual indicators over the correct keys for a complex password when a user looks at a
keyboard, or an applicaton that alerts the user when someone is lying.
Moreover, In Augmented Reality (AR), user’s main concern includes privacy and safety of
data. Since locaton based services (LBS) are one of the major applicatons of the AR, it is
important to have a privacy-aware management of locaton informaton, providing locaton
privacy for clients against vulnerabilites or abuse. This paper discusses how to protect the
locaton privacy from various privacy threats, which occurred because of the unlimited
usage of LBS, by a scalable architecture.
We have developed an efcient LBS privacy protecton algorithm. In our model, k-
anonymizaton and pseudo-anonymizaton methods are used hand in hand. The proposed
locaton privacy frame work is implemented by an efcient trusted third party server. We
have studied the efciency of our algorithm under diferent conditons using realistc
workloads. Our experiment shows that the k-anonymizaton and the pseudo-anonymizaton
methods used together in our algorithm provide an efcient locaton privacy.
Furthermore, Locaton based services (LBS) are one of the most commonly used services in
Augmented Reality (AR). In LBS, the safety and security of data is one of the most important
things to be taken care. A privacy-aware management of locaton informaton, which
provides locaton privacy for clients against vulnerabilites or abuse, is very much needed.
This paper discusses how to protect the locaton privacy from various privacy threats, which
occurred because of the unlimited usage of LBS, by a scalable architecture. We have
developed an efcient LBS privacy protecton algorithm. In our model, k-anonymizaton and
pseudo-anonymizaton methods have been used hand in hand. The proposed locaton
privacy frame work is implemented by an efcient TTP server. We have studied the
efciency of our algorithm under diferent conditons using realistc workloads. Our
experiment shows that the k-anonymizaton and the pseudo-anonymizaton methods used
together in our algorithm provide an efcient locaton privacy.
Immersive augmented reality (AR) technologies are becoming a reality. Prior works have
identfed security and privacy risks raised by these technologies, primarily considering
individual users or AR devices. However, we make two key observatonss users will not
always use AR in isolaton, but also in ecosystems of other users, and since immersive AR
devices have only recently become available, the risks of AR have been largely hypothetcal
to date. To provide a foundaton for understanding and addressing the security and privacy
challenges of emerging AR technologies, grounded in the experiences of real users, we
conduct a qualitatve lab study with an immersive AR headset, the Microsof HoloLens. We
conduct our study in pairs - 22 partcipants across 11 pairs - wherein partcipants engage in
paired and individual (but physically co-located) HoloLens actvites.
Through semi-structured interviews, we explore partcipantss security, privacy, and other
concerns, raising key fndings. For example, we fnd that despite the HoloLensss limitatons,
partcipants were easily immersed, treatng virtual objects as real (e.g., stepping around
them for fear of tripping). We also uncover numerous security, privacy, and safety concerns
unique to AR (e.g., deceptve virtual objects misleading users about the real world), and a
need for access control among users to manage shared physical spaces and virtual content
embedded in those spaces. Our fndings give us the opportunity to identfy broader lessons
and key challenges to inform the design of emerging single-and mult-user AR technologies.
To conclude, challenges with Multple Applicatons Though AR applicatons are ofen
conceived and prototyped in isolaton, we can expect that future AR platforms, like those
built on Google Glass or the Microsof Kinect, will support multple applicatons running
simultaneously, sharing input and output devices, and exposing data and APIs to each other.
Researchers must antcipate these developments and ensure that an “operatng system for
augmented reality” is designed with appropriate consideratons for security and privacy.

Security Threats Lurking Behind the Augmented and Virtual Reality Boom
References
Kohno, T. (2014, April). Security and Privacy for Augmented Reality Systems. Retrieved from
ResearchGates
htpss//www.researchgate.net/publicaton/262235821_Security_and_Privacy_for_A
ugmented_Reality_Systems
Roesner, F. (2012). Security and Privacy for Augmented Reality Systems. Security and
Privacy for Augmented Reality Systems, 10.