Sharing a paper written for my UMUC course, 459, Evaluating Emerging Technologies, on Optical Head-Mounted Display technology such as Google Glass. This was written as a technology selection paper for a fictitious company's executive management team, as a recommendation for implementing Optical Head-Mounted Display (OHMD) technology, such as Google Glass®, in an upcoming budget cycle. The paper was originally formatted in APA but copy/paste broke that.
Technology Selection Paper
Recommendation for Optical Head-Mounted Display Technology
Anthony Scarola
University of Maryland University College
Introduction and Overview
Inventor Edgar B. Lewis of Garden City, New York, filed a patent application in 1976 for a “high-resolution vision system”, which included a “head-mounted display that is used by an observer to view the image” (Lewis, 1977, Abstract). See Figure 1.
Figure 1: High-Resolution Vision System (Lewis, 1977)
Optical head-mounted displays more closely integrate people with technology to provide sensory enhancements; however, with the right combination of back-end compute technology, OHMD can provide much more in the area of information security and risk mitigation. Although Edgar’s device apparently did not have any type of integrated computer, it did augment the wearer’s human capabilities to give him or her enhanced vision of their surroundings. When used as an input/output device for a computer system, today’s OHMD technology can provide the wearer many more capabilities. For example, OHMD technology such as Google Glass® (hereafter called Glass), and Sony SmartEyeglass headsets provide the wearer full connectivity to stored data, compute power and applications, video and audio recording, and a messaging and voice telecommunications device. See Figure 2 and 3.
Figure 2: Google Glass (Forinash, 2015, p. 610)
Figure 3: Sony SmartEyeglass (Neves, 2015)
Glass, according to Forinash, (2015), was initially developed for consumer use, but in January 2015, the Glass program was reformulated for professional applications (p. 609). Today, according to Google (2015), there are at least ten certified Glass partners including AMA, APX Labs, Augmate, Augmedix, CrowdOptic, GuidiGo, Interapt, Pristine, Wearable Intelligence, and Ubimax. These companies are developing enterprise-class solutions for Glass including those for the medical field, telemedicine, live-surgery demonstrations, and remote medical training; these provide real-time access to enterprise data; analytics applications; secure video communications; and more. By using the Glass hardware along with the appropriate applications and enterprise-level information, and providing it to our employees along with appropriate training, this tool can be used as a security control to mitigate information security risk within our organization, as well as a business-enhancing tool to build new relationships, obtain and retain new customers.
Recommendation
Considering the research and professional literature, wearable OHMD computing technology such as Glass, paired with back-end computing and applications, could be used today by business organizations such as our own, and government organizations, as well as others with a strong need to protect the confidentiality and integrity of sensitive information and facilities. It is recommended that our institution fit all receptionists with Glass technology, to use the OHMD technology to detect and recognize all customers entering our facilities. This, when paired with appropriate response procedures, will help to mitigate common physical and logical vulnerabilities dealing with existing limitations in people, processes, and technology, thereby increasing the confidentiality and integrity of the confidential information stored and processed by our organization.
Costs and Benefits
The overall expense related to OHMD technology is miniscule considering the potential benefits such as the increased security capabilities, increased confidentiality and integrity. As the expense related to incident response and recovery can be very high (approximately $154 per record, according to IBM and Ponemon, (Ponemon, 2015)), the initial outlay will be paid for with each breach that is successfully mitigated. The battery life of OHMD is also currently very limited, and this means that we will need to continue researching and developing solutions to perform quick charging, or develop alternate methods to enhance the battery capacity for commercial use (LiKamWa, Wang, Carroll, Lin, and Zhong, 2014). This may add additional expense for deploying the technology, company-wide, and should be considered at the onset.
Glass technology has the appropriate sensors, such as a video camera and microphone, that when combined, will be used to detect and identify people initially entering into the field of view of the wearer (Templeman, Hoyle, Crandall, and Kapadia, 2014; Nguyen and Gruteser, 2015). These, when used together, can help to detect, prevent, and allow employees to respond to potential attacks. The software, when combined with the appropriate back-end hardware, could immediately detect a number of elements about the individual to include gender, age, height, and general emotional level (Tanveer and Hoque, 2014; Hernandez and Picard, 2014). All of this information could then be fed to in-house and online law enforcement databases to provide a full profile of the individual, which could then be used by the employee to determine a) if the individual is a customer of the institution or not, b) if the individual intends to potentially cause harm to the institution, and c) for cases where the individual is not a customer, determination as to whether the individual is wanted by law enforcement (Christian et al., 2014). Clearly, by pairing these detection capabilities with appropriate response procedures for each case, the confidentiality and integrity of company information and related systems will be significantly increased.
For cases where the individual is a customer, immediate recognition would greatly enhance the customer’s experience and overall relationship with the institution. For example, an employee could then greet the individual by name and ask about personal business items previously discussed and captured. Imagine a conversation between an employee wearing Glass and a customer: “Hello Mr. Warren! How is your brother Mark doing after his recent trip to Panama? Are you interested in opening that auto loan we discussed last month when you last visited? What about a property insurance policy to cover your new engagement bands?” On the contrary, for any criminals entering the facility claiming the identity of an existing customer, identified as having elevated levels of anger, OHMD can provide a warning flag and an appropriate response plan of notifying law enforcement (e.g., pressing the panic button) by simply swiping and tapping the side-mounted touch panel.
Receptionists and other front-line employees wearing Glass can also use this technology to log in and authenticate to the network, providing non-repudiation. They would do so by either looking at a virtual keyboard—blinking to select password letters—or by using the touch sensor on the right-hand side of the unit to select the characters (Ali, 2015). The built-in camera could also perform a retina scan of the wearer. This would help to thwart the risk of any would-be criminals from shoulder-surfing employees entering such credentials, thereby protecting sensitive access credentials. This clearly protects the confidentiality and data integrity of any information accessible to the actual employee.
Vulnerabilities and Risks
There may also be challenges with the implementation of this new technology. For one issue, customers wearing Glass may use it to steal information (e.g., sensitive information contained on papers on employee’s desks), or to monitor the security of the facility (i.e. cameras, lighting, etc.) for later nefarious use such as identity theft. This can be combatted with a sensor at the entrance and automatic ‘kill switch’ disabling the technology if not previously recognized as ‘trusted’ by our Information Technology team (Said, 2014). In addition, customers may have concerns about their own personal privacy (e.g., employees taking pictures or recording video of customers for later use) (Yus et al., 2014). With any new technology that will be worn and seen by others, due to simple human curiosity or other reasons, there may also be some disturbance issues, such as having to address and explain the technology and purpose to customers, and clearly this may take additional time and manpower (Xu et al., 2015). Also, some customers may find the wearers of OHMD technology to be abnormal or ‘weird’ and may treat them differently than others (Ware, 2014).
Closing
In summary, wearable OHMD computing technology such as Glass will significantly improve the confidentiality and integrity of the stored and processed confidential information in our environment by reducing existing vulnerabilities in people, processes, and technology. Employees wearing the technology will be able to recognize customers and detect potential criminals, and, will be able to prevent potential attacks. In addition, they will be able to better protect their network access credentials from inadvertent loss. As with any new technology, there will be issues; however, nothing insurmountable, or not easily rectified by enhanced customer education and awareness programs. It is recommended that we begin performing additional research and development on Glass, reviewing power enhancements, and plan a future implementation, as the security of our customers’ sensitive information—and our company’s reputation—is at stake.
References
Ali, A. (2015). Sequential gestural passcodes on Google Glass. Proceedings of the 17th International ACM SIGACCESS Conference on Computers & Accessibility (ASSETS '15). ACM, New York, NY, USA, 359-360. DOI=http://dx.doi.org/10.1145/2700648.2811326
Christian, M., Depaz, A., Grimm, M., Lartigue, J. W., Sweatland, R., & Talley, C. (2014). Google glass for public safety: leveraging Google Glass for automatic information retrieval and notification by public safety officers in the field. Proceedings of the 2014 ACM Southeast Regional Conference (ACM SE '14). ACM, New York, NY, USA, , Article 34 , 3 pages. DOI=http://dx.doi.org/10.1145/2638404.2638501
Forinash, D. B. (2015). Google glass. CALICO Journal, (3), 609. Retrieved from http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edsgic&AN=edsgcl.430169028&site=eds-live&scope=site
Google. (2015). Glass at work: Glass certified partners [Web site]. Google Developers. Retrieved from https://developers.google.com/glass/distribute/glass-at-work?hl=en
Hernandez, J., & Picard, R. W. (2014). SenseGlass: Using google glass to sense daily emotions. Proceedings of the adjunct publication of the 27th annual ACM symposium on User interface software and technology (UIST'14 Adjunct). ACM, New York, NY, USA, 77-78. DOI=http://dx.doi.org/10.1145/2658779.2658784
Lewis, E. (1977). High-resolution vision system (Abstract). Retrieved from http://ezproxy.umuc.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edspgr&AN=edspgr.04028725&site=eds-live&scope=site
LiKamWa, R., Wang, Z., Carroll, A., Lin, F. X., & Zhong, L. (2014). Draining our glass: An energy and heat characterization of Google Glass. Proceedings of 5th Asia-Pacific Workshop on Systems (APSys '14). ACM, New York, NY, USA, Article 10, 7 pages. DOI=http://dx.doi.org/10.1145/2637166.2637230
National Institute of Standards and Technology (NIST) GCR 02-841. (2003, February 14). Between invention and innovation: An analysis of funding for early-stage technology development. Advanced Technology Program. Retrieved from http://www.atp.nist.gov/eao/gcr02-841/chapt2.htm
Neves, L. (2015, October 16). Sony sed-e1 smarteyeglass gives you a sneak peek into the future. Marketwired. Retrieved from http://www.marketwired.com/press-release/sony-sed-e1-smarteyeglass-gives-you-sneak-peek-into-future-more-info-available-b-h-2064602.htm
Nguyen, V., & Gruteser, M. (2015). First Experiences with GOOGLE GLASS in mobile research. GetMobile: Mobile Comp. and Comm. 18, 4 (January 2015), 44-47. DOI=http://dx.doi.org/10.1145/2721914.2721931
Ponemon, L. (2015, May 27). Cost of data breaches rising globally, says ‘2015 cost of a data breach study: global analysis’. Security Intelligence. Retrieved from https://securityintelligence.com/cost-of-a-data-breach-2015/
Said, C. (2014, April 16). Smartphone 'kill switches' on the way. SFGATE. Retrieved from http://www.sfgate.com/news/article/Smartphone-kill-switches-on-the-way-5405455.php
Tanveer, M. I., & Hoque, M. E. (2014). A google glass app to help the blind in small talk. Proceedings of the 16th international ACM SIGACCESS conference on Computers & accessibility (ASSETS '14). ACM, New York, NY, USA, 297-298. DOI=http://dx.doi.org/10.1145/2661334.2661338
Templeman, R., Hoyle, R., Crandall, D., & Kapadia, A. (2014). Reactive security: responding to visual stimuli from wearable cameras. Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication (UbiComp '14 Adjunct). ACM, New York, NY, USA, 1297-1306. DOI=http://dx.doi.org/10.1145/2638728.2641708
Ware, J. (2014). Social norms influence student journalists' perception of wearable technologies. Proceedings of the 32nd ACM International Conference on The Design of Communication CD-ROM (SIGDOC '14). ACM, New York, NY, USA, , Article 23 , 2 pages. DOI=http://dx.doi.org/10.1145/2666216.2666238
Xu, Q., Mukawa, M., Li, L., Lim, J. H., Tan, C., Chia, S. C., Gan, T., & Mandal, B. (2015). Exploring users' attitudes towards social interaction assistance on Google Glass. Proceedings of the 6th Augmented Human International Conference (AH '15). ACM, New York, NY, USA, 9-12. DOI=http://dx.doi.org/10.1145/2735711.2735831
Yus, R., Pappachan, P., Das, P. K., Mena, E., Joshi, A., & Finin, T. (2014). Demo: FaceBlock: privacy-aware pictures for google glass. Proceedings of the 12th annual international conference on Mobile systems, applications, and services (MobiSys '14). ACM, New York, NY, USA, 366-366. DOI=http://dx.doi.org/10.1145/2594368.2601473