AREA Issues RFP for Research on Deployment of Wearable AR in Highly Secure Corporate Environments

To date, AREA members have funded 11 AR research projects on a wide range of timely topics critical to the adoption of enterprise AR. Now the AREA is pleased to announce a call for proposals for its 12^th research project, which will examine the landscape of cybersecurity threats and mitigation measures, recommend strategies for reducing attack surfaces, and develop running code to permit AREA members to test SSO and secure data retrieval using wearable AR devices. Building on prior research, commissioned by the AREA in its first research project in 2017, this project will address topics such as:

• Demonstrate per-app session authentication with modern cloud or on-premises IT services within applications built with the Unity game engine for AR platforms (e.g., HoloLens, iPhone, Magic Leap), without the use of closed-source, third-party plugins
• Demonstrate authentication functionality through example Unity project(s) and services environment (e.g., AWS), buildable for AR platforms
• Demonstrate authentication from multiple users for separate sessions on a shared AR devices
• Outline framework and architecture in authenticating sessions within Unity apps on AR platforms and how it may differ from Windows-based approaches
• How to implement identity gating and connect with existing enterprise IT security systems (e.g., Azure, AWS) in AR applications built with game engines (e.g., Unity applications for HoloLens)
• Mechanisms to keep sensitive proprietary data safe from risk vectors when authoring or using AR applications (e.g., destroying data upon application exit and/or timeout)
• Frameworks to effectively assess the practical cyber threat of introducing new AR devices to a secure enterprise environment
• STRETCH GOAL How federated identity and Single Sign On (SSO) works in the context of AR
• STRETCH GOAL: The applicability of existing open authentication standards for use in AR in the enterprise
• STRETCH GOAL: Assessment of how smartcards work via USB-C adapter, retina scanning and Bluetooth keyboards can be used for username/passwords

This AREA research project will produce: an updated framework to understand the areas of risk and potential impact unique to AR devices and AR software, so that proper mitigation measures can be designed, a decision support tool based on the framework, code in a cloud environment for testing SSO and secure data retrieval methods, a gap analysis that can be published to guide future work in consensus-based SDOs focusing on security protocols, an executive summary of the project, and a member-exclusive webinar.

The AREA Research Committee budget for this project is $15,000. Organizations interested in conducting this research for the fixed fee are invited to submit proposals. All proposals must be submitted by 12 noon Eastern Daylight Time on 21st March 2023.

Full information on the project needs, desired outcomes and required components of a winning proposal, including a submission form, can be found here.

If you have any questions concerning this project or the AREA Research Committee, please email the Research Committee.