The Security-Utility Trade-off for Iris Authentication and Eye Animation for Social Virtual Avatars

John, Brendan; Jörg, Sophie; Koppal, Sanjeev J.; Jain, Eakta

doi:10.1109/tvcg.2020.2973052

Cited by 24 publications

(11 citation statements)

References 75 publications

(80 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Method. From the 68 selected studies, we identified 5 studies that proposed a VR information flow [37], [84], [25], [137], [46] and 21 with an explicit discussion or proposal for VR defense and (predominantly) threat models [28], [116], [26], [37], [84], [64], [55], [27], [29], [65], [56], [123], [42], [58], [113], [30], [134], [112], [95], [67], [6]. Two researchers extracted, discussed, and combined the associated artifacts, resulting in a holistic VR information flow that frames our threat and defense models.…”

Section: Vr Threat and Defense Modelsmentioning

confidence: 99%

“…The collected studies discussing or proposing threat models consider application developers [26], [84], [64], [55], [27], [29], [65], [56], [123], [42], [113], [30], [67], servers [30], [84], [6], content creators [37], [84], device manufacturers [116], [84], other users [112], [134], [95], and hackers 1 [37], [123], [58] as the attackers in VR, or rely on general privacy threat models like Lindunn [31], [60], [28], [64]. Based on these studies, we adopt a more comprehensive and pervasive privacy-centered attacker classification specific to VR that encompasses the privacy repercussions of the above threat models.…”

Section: Vr Threatsmentioning

confidence: 99%

See 1 more Smart Citation

SoK: Data Privacy in Virtual Reality

Garrido¹,

Nair²,

Song³

2023

Preprint

View full text Add to dashboard Cite

The adoption of virtual reality (VR) technologies has rapidly gained momentum in recent years as companies around the world begin to position the so-called "metaverse" as the next major medium for accessing and interacting with the internet. While consumers have become accustomed to a degree of data harvesting on the web, the real-time nature of data sharing in the metaverse indicates that privacy concerns are likely to be even more prevalent in the new "Web 3.0." Research into VR privacy has demonstrated that a plethora of sensitive personal information is observable by various wouldbe adversaries from just a few minutes of telemetry data. On the other hand, we have yet to see VR parallels for many privacy-preserving tools aimed at mitigating threats on conventional platforms. This paper aims to systematize knowledge on the landscape of VR privacy threats and countermeasures by proposing a comprehensive taxonomy of data attributes, protections, and adversaries based on the study of 68 collected publications. We complement our qualitative discussion with a statistical analysis of the risk associated with various data sources inherent to VR in consideration of the known attacks and defenses. By focusing on highlighting the clear outstanding opportunities, we hope to motivate and guide further research into this increasingly important field.

show abstract

Section: Vr Threat and Defense Modelsmentioning

confidence: 99%

Section: Vr Threatsmentioning

confidence: 99%

SoK: Data Privacy in Virtual Reality

Garrido¹,

Nair²,

Song³

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…In response to the problems mentioned above, we hope to find corresponding protection mechanisms or potential countermeasures in the literature. While 13 papers (Gavrilova and Yampolskiy, 2010;Boukhris et al, 2011;Mohamed and Yampolskiy, 2012;Yampolskiy et al, 2012;Bader and Ben Amara, 2014a;Bader and Ben Amara, 2014b;Bader and Ben Amara, 2016;Bader and Ben Amara, 2017;Falchuk et al, 2018;Pfeuffer et al, 2019;John et al, 2020;Lake, 2020) have explicitly addressed one or several identity and privacy issues and proposed corresponding protection mechanisms, works that have presented techniques or design guidelines that provide potential solutions in the area of virtual reality are also included and analyzed. Based on their characteristics and objectives, we have subdivided them into the following categories.…”

Section: Protectionsmentioning

confidence: 99%

“…On the other hand, instead of seeking to improve the performance of authentication, John et al (2020) implemented and evaluated a hardware-based eye-tracking defocus configuration that prevents biometric leaking during eye animation and iris authentication. Their evaluations reveal the security-utility trade-off between iris authentication and eye animation performance and suggest two different defocus configurations for each preference.…”

Section: Referencesmentioning

confidence: 99%

“…However, most current methods still require specific scenarios or tasks, and the way forward should be continuous authentication of users regardless of the environment and their activities. Additionally, research such as John et al (2020) that considers the trade-off between the use of biometrics and potential privacy breaches deserves more attention.…”

Section: User Authenticationmentioning

confidence: 99%

See 1 more Smart Citation

Digital body, identity and privacy in social virtual reality: A systematic review

Lin

Latoschik

2022

Front. Virtual Real.

View full text Add to dashboard Cite

Social Virtual Reality (social VR or SVR) provides digital spaces for diverse human activities, social interactions, and embodied face-to-face encounters. While our digital bodies in SVR can in general be of almost any conceivable appearance, individualized or even personalized avatars bearing users’ likeness recently became an interesting research topic. Such digital bodies show a great potential to enhance the authenticity of social VR citizens and increase the trustworthiness of interpersonal interaction. However, using such digital bodies might expose users to privacy and identity issues such as identity theft: For instance, how do we know whether the avatars we encounter in the virtual world are who they claim to be? Safeguarding users’ identities and privacy, and preventing harm from identity infringement, are crucial to the future of social VR. This article provides a systematic review on the protection of users’ identity and privacy in social VR, with a specific focus on digital bodies. Based on 814 sources, we identified and analyzed 49 papers that either: 1) discuss or raise concerns about the addressed issues, 2) provide technologies and potential solutions for protecting digital bodies, or 3) examine the relationship between the digital bodies and users of social VR citizens. We notice a severe lack of research and attention on the addressed topic and identify several research gaps that need to be filled. While some legal and ethical concerns about the potential identity issues of the digital bodies have been raised, and despite some progress in specific areas such as user authentication has been made, little research has proposed practical solutions. Finally, we suggest potential future research directions for digital body protection and include relevant research that might provide insights. We hope this work could provide a good overview of the existing discussion, potential solutions, and future directions for researchers with similar concerns. We also wish to draw attention to identity and privacy issues in social VR and call for interdisciplinary collaboration.

show abstract