SpaceMediator: Leveraging Authorization Policies to Prevent Spatial and Privacy Attacks in Mobile Augmented Reality

Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies Pub Date : 2023-05-24 DOI:10.1145/3589608.3593839

Luis Claramunt, Carlos E. Rubio-Medrano, Jaejong Baek, Gail-Joon Ahn

{"title":"SpaceMediator: Leveraging Authorization Policies to Prevent Spatial and Privacy Attacks in Mobile Augmented Reality","authors":"Luis Claramunt, Carlos E. Rubio-Medrano, Jaejong Baek, Gail-Joon Ahn","doi":"10.1145/3589608.3593839","DOIUrl":null,"url":null,"abstract":"Mobile Augmented Reality (MAR) is a portable, powerful, and suitable technology that integrates digital content , e.g., 3D virtual objects, into the physical world, which not only has been implemented for multiple intents such as shopping, entertainment, gaming, etc., but it is also expected to grow at a tremendous rate in the upcoming years. Unfortunately, the applications that implement MAR, hereby referred to as MAR-Apps, bear security issues, which have been imaged in worldwide incidents such as robberies, which has led authorities to ban MAR-Apps at specific locations. Existing problems with MAR-Apps can be classified into three categories: first, Space Invasion , which implies the intrusive modification through MAR of sensitive spaces, e.g., hospitals, memorials, etc. Second, Space Affectation , which involves the degradation of users’ experience via interaction with undesirable MAR or malicious entities. Finally, MAR-Apps mishandling sensitive data leads to Privacy Leaks . To alleviate these concerns, we present an approach for Policy-Governed MAR-Apps, which allows end-users to fully control under what circumstances, e.g., their presence inside a given sensitive space, digital content may be displayed by MAR-Apps. Through SpaceMediator , a proof-of-concept MAR-App that imitates the well-known and successful MAR-App Pokémon GO, we evaluated our approach through a user study with 40 participants, who recognized and prevented the issues just described with success rates as high as 92.50%. Furthermore, there is an enriched interest in Policy-Governed MAR-Apps as 87.50% of participants agreed with it, and 82.50% would use it to implement content-based restrictions in MAR-Apps. These promising results encourage the adoption of our solution in future MAR-Apps","PeriodicalId":74509,"journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"105 1","pages":"79-90"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3589608.3593839","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Mobile Augmented Reality (MAR) is a portable, powerful, and suitable technology that integrates digital content , e.g., 3D virtual objects, into the physical world, which not only has been implemented for multiple intents such as shopping, entertainment, gaming, etc., but it is also expected to grow at a tremendous rate in the upcoming years. Unfortunately, the applications that implement MAR, hereby referred to as MAR-Apps, bear security issues, which have been imaged in worldwide incidents such as robberies, which has led authorities to ban MAR-Apps at specific locations. Existing problems with MAR-Apps can be classified into three categories: first, Space Invasion , which implies the intrusive modification through MAR of sensitive spaces, e.g., hospitals, memorials, etc. Second, Space Affectation , which involves the degradation of users’ experience via interaction with undesirable MAR or malicious entities. Finally, MAR-Apps mishandling sensitive data leads to Privacy Leaks . To alleviate these concerns, we present an approach for Policy-Governed MAR-Apps, which allows end-users to fully control under what circumstances, e.g., their presence inside a given sensitive space, digital content may be displayed by MAR-Apps. Through SpaceMediator , a proof-of-concept MAR-App that imitates the well-known and successful MAR-App Pokémon GO, we evaluated our approach through a user study with 40 participants, who recognized and prevented the issues just described with success rates as high as 92.50%. Furthermore, there is an enriched interest in Policy-Governed MAR-Apps as 87.50% of participants agreed with it, and 82.50% would use it to implement content-based restrictions in MAR-Apps. These promising results encourage the adoption of our solution in future MAR-Apps

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

利用授权策略防止移动增强现实中的空间和隐私攻击

移动增强现实(MAR)是一种便携、强大、合适的技术，它将数字内容(如3D虚拟对象)集成到物理世界中，不仅用于购物、娱乐、游戏等多种目的，而且预计在未来几年将以惊人的速度增长。不幸的是，执行MAR的应用程序(以下简称MAR- apps)存在安全问题，这些问题在全球范围内的抢劫等事件中被发现，这导致当局在特定地点禁止MAR- apps。MAR- apps存在的问题可以分为三类:一是空间入侵，即通过MAR侵入性地修改敏感空间，如医院、纪念馆等。第二，空间影响，这涉及通过与不受欢迎的MAR或恶意实体的交互而降低用户体验。最后，mar应用程序对敏感数据的处理不当会导致隐私泄露。为了减轻这些担忧，我们提出了一种策略管理的MAR-Apps方法，它允许最终用户完全控制在什么情况下，例如，他们在给定的敏感空间内的存在，MAR-Apps可以显示数字内容。通过SpaceMediator，一款模仿著名且成功的MAR-App poksammon GO的概念验证MAR-App，我们通过40名参与者的用户研究评估了我们的方法，他们识别并防止了刚才描述的问题，成功率高达92.50%。此外，对policy - controlled MAR-Apps的兴趣浓厚，87.50%的参与者同意它，82.50%的参与者将使用它在MAR-Apps中实现基于内容的限制。这些有希望的结果鼓励在未来的mar应用程序中采用我们的解决方案

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies

自引率

0.00%

发文量