{"id":"https://openalex.org/W4417025505","doi":"https://doi.org/10.1145/3756884.3766045","title":"Beyond the Headset: A Systematization of Knowledge on Extended Reality Privacy and Security in Healthcare","display_name":"Beyond the Headset: A Systematization of Knowledge on Extended Reality Privacy and Security in Healthcare","publication_year":2025,"publication_date":"2025-11-12","ids":{"openalex":"https://openalex.org/W4417025505","doi":"https://doi.org/10.1145/3756884.3766045"},"language":null,"primary_location":{"id":"doi:10.1145/3756884.3766045","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3756884.3766045","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3756884.3766045","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 31st ACM Symposium on Virtual Reality Software and Technology","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3756884.3766045","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Nafisa Anjum","orcid":"https://orcid.org/0009-0001-8655-130X"},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Nafisa Anjum","raw_affiliation_strings":["Dept. of Computer Science, Kennesaw State University, Marietta, Georgia, USA"],"raw_orcid":"https://orcid.org/0009-0001-8655-130X","affiliations":[{"raw_affiliation_string":"Dept. of Computer Science, Kennesaw State University, Marietta, Georgia, USA","institution_ids":["https://openalex.org/I172980758"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5069998359","display_name":"M. Rasel Mahmud","orcid":"https://orcid.org/0000-0003-2094-8192"},"institutions":[{"id":"https://openalex.org/I172980758","display_name":"Kennesaw State University","ror":"https://ror.org/00jeqjx33","country_code":"US","type":"education","lineage":["https://openalex.org/I172980758"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"M Rasel Mahmud","raw_affiliation_strings":["Assistant Professor Computer Science, Kennesaw State University, MARIETTA, Georgia, USA"],"raw_orcid":"https://orcid.org/0000-0003-2094-8192","affiliations":[{"raw_affiliation_string":"Assistant Professor Computer Science, Kennesaw State University, MARIETTA, Georgia, USA","institution_ids":["https://openalex.org/I172980758"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I172980758"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.19716837,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.18850000202655792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.18850000202655792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.07329999655485153,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11636","display_name":"Artificial Intelligence in Healthcare and Education","score":0.07039999961853027,"subfield":{"id":"https://openalex.org/subfields/2718","display_name":"Health Informatics"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6592000126838684},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.5983999967575073},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.555400013923645},{"id":"https://openalex.org/keywords/artifact","display_name":"Artifact (error)","score":0.5253999829292297},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.47119998931884766},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.3928000032901764},{"id":"https://openalex.org/keywords/transformative-learning","display_name":"Transformative learning","score":0.3846000134944916}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6592000126838684},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6502000093460083},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.5983999967575073},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.555400013923645},{"id":"https://openalex.org/C2779010991","wikidata":"https://www.wikidata.org/wiki/Q2720909","display_name":"Artifact (error)","level":2,"score":0.5253999829292297},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.47119998931884766},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.3928000032901764},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.388700008392334},{"id":"https://openalex.org/C70587473","wikidata":"https://www.wikidata.org/wiki/Q7834111","display_name":"Transformative learning","level":2,"score":0.3846000134944916},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.38100001215934753},{"id":"https://openalex.org/C2779965156","wikidata":"https://www.wikidata.org/wiki/Q5227350","display_name":"Data sharing","level":3,"score":0.36320000886917114},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.3447999954223633},{"id":"https://openalex.org/C56666940","wikidata":"https://www.wikidata.org/wiki/Q788790","display_name":"Documentation","level":2,"score":0.3091000020503998},{"id":"https://openalex.org/C2778464652","wikidata":"https://www.wikidata.org/wiki/Q309849","display_name":"Open research","level":2,"score":0.29840001463890076},{"id":"https://openalex.org/C2989086416","wikidata":"https://www.wikidata.org/wiki/Q15067276","display_name":"Healthcare industry","level":3,"score":0.2953999936580658},{"id":"https://openalex.org/C150594956","wikidata":"https://www.wikidata.org/wiki/Q1334829","display_name":"Wearable computer","level":2,"score":0.29350000619888306},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.2928999960422516},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.27390000224113464},{"id":"https://openalex.org/C58642233","wikidata":"https://www.wikidata.org/wiki/Q8269924","display_name":"Taxonomy (biology)","level":2,"score":0.2565000057220459}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3756884.3766045","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3756884.3766045","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3756884.3766045","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 31st ACM Symposium on Virtual Reality Software and Technology","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3756884.3766045","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3756884.3766045","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3756884.3766045","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 31st ACM Symposium on Virtual Reality Software and Technology","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4417025505.pdf"},"referenced_works_count":86,"referenced_works":["https://openalex.org/W1600319694","https://openalex.org/W2136928336","https://openalex.org/W2162003954","https://openalex.org/W2173536757","https://openalex.org/W2566568033","https://openalex.org/W2697842147","https://openalex.org/W2751179444","https://openalex.org/W2777848512","https://openalex.org/W2785355036","https://openalex.org/W2789713441","https://openalex.org/W2789825598","https://openalex.org/W2794421626","https://openalex.org/W2794478211","https://openalex.org/W2801319966","https://openalex.org/W2885553494","https://openalex.org/W2903918834","https://openalex.org/W2933955319","https://openalex.org/W2934604820","https://openalex.org/W2941915966","https://openalex.org/W2943320313","https://openalex.org/W2944869487","https://openalex.org/W2947079594","https://openalex.org/W2952077627","https://openalex.org/W2969788497","https://openalex.org/W2985508139","https://openalex.org/W3004004481","https://openalex.org/W3005890490","https://openalex.org/W3007364799","https://openalex.org/W3028219535","https://openalex.org/W3041682367","https://openalex.org/W3048173041","https://openalex.org/W3049568452","https://openalex.org/W3081954960","https://openalex.org/W3111064981","https://openalex.org/W3127185310","https://openalex.org/W3147181238","https://openalex.org/W3160773084","https://openalex.org/W3161847995","https://openalex.org/W3162266527","https://openalex.org/W3163818328","https://openalex.org/W3195424280","https://openalex.org/W3210626783","https://openalex.org/W3215995064","https://openalex.org/W4221029209","https://openalex.org/W4224213238","https://openalex.org/W4224236909","https://openalex.org/W4224246934","https://openalex.org/W4224265009","https://openalex.org/W4225393380","https://openalex.org/W4252476960","https://openalex.org/W4281661267","https://openalex.org/W4290739304","https://openalex.org/W4297156468","https://openalex.org/W4297156538","https://openalex.org/W4297358933","https://openalex.org/W4307472776","https://openalex.org/W4308935891","https://openalex.org/W4309505364","https://openalex.org/W4311693894","https://openalex.org/W4312805612","https://openalex.org/W4313187564","https://openalex.org/W4320002781","https://openalex.org/W4380551840","https://openalex.org/W4385187265","https://openalex.org/W4387319104","https://openalex.org/W4387793613","https://openalex.org/W4388856881","https://openalex.org/W4389314124","https://openalex.org/W4391316879","https://openalex.org/W4392806456","https://openalex.org/W4395029081","https://openalex.org/W4400314968","https://openalex.org/W4400410444","https://openalex.org/W4400487859","https://openalex.org/W4400993336","https://openalex.org/W4401169938","https://openalex.org/W4402111012","https://openalex.org/W4402351317","https://openalex.org/W4404914771","https://openalex.org/W4404915114","https://openalex.org/W4404915671","https://openalex.org/W4405181812","https://openalex.org/W4405642326","https://openalex.org/W4408626118","https://openalex.org/W4409129991","https://openalex.org/W4410568714"],"related_works":[],"abstract_inverted_index":{"Extended":[0],"reality":[1],"(XR)":[2],"systems":[3],"offer":[4],"transformative":[5],"potential":[6],"for":[7,76,185,216],"healthcare":[8,77,223],"in":[9],"domains":[10],"ranging":[11],"from":[12],"surgical":[13],"planning":[14],"to":[15,55,137,166],"remote":[16],"rehabilitation":[17],"and":[18,27,38,42,52,92,98,111,122,134,144,170,197,200,220],"mental\u2010health":[19],"therapy.":[20],"The":[21],"rich":[22],"streams":[23],"of":[24,70,142,154],"sensor,":[25],"biometric,":[26],"environmental":[28],"data":[29],"that":[30,73,106],"enable":[31],"these":[32],"applications,":[33],"however,":[34],"also":[35],"create":[36],"novel":[37],"poorly":[39],"understood":[40],"privacy":[41,99,145],"security":[43,143],"vulnerabilities:":[44],"adversaries":[45],"can":[46],"exploit":[47],"unencrypted":[48],"signaling,":[49],"sensor":[50],"side\u2010channels,":[51],"application\u2010layer":[53],"flaws":[54],"infer":[56],"sensitive":[57],"patient":[58],"information":[59],"or":[60],"disrupt":[61],"clinical":[62],"workflows.":[63],"Nevertheless,":[64],"there":[65],"aren\u2019t":[66],"many":[67],"thorough":[68],"Systematization":[69],"Knowledge":[71],"(SoK)":[72],"examine":[74],"XR":[75,222],"at":[78],"the":[79,140],"moment.":[80],"In":[81],"this":[82,210],"SoK,":[83],"we":[84,179],"survey":[85],"65":[86],"peer\u2010reviewed":[87],"works":[88],"published":[89],"between":[90],"2017":[91],"2024":[93],"across":[94],"leading":[95],"XR,":[96],"security,":[97],"venues,":[100],"synthesizing":[101],"a":[102,116,181,213],"unified":[103],"threat":[104],"taxonomy":[105],"spans":[107],"device,":[108],"network,":[109],"user":[110],"cloud":[112],"layers.":[113],"We":[114],"introduce":[115],"quantitative":[117],"evaluation":[118],"framework":[119],"XR-PRISM":[120],"(Privacy":[121],"Risk":[123],"Impact":[124],"Scoring":[125],"Metric),":[126],"drawing":[127],"on":[128],"adapted":[129],"risk":[130,158],"scores,":[131],"detection":[132,199],"performance,":[133],"usability":[135],"assessments":[136],"rigorously":[138],"assess":[139],"level":[141],"risks.":[146],"Our":[147],"analysis":[148],"reveals":[149],"critical":[150],"gaps:":[151],"over":[152],"70%":[153],"countermeasures":[155],"lack":[156],"standardized":[157],"evaluations,":[159],"fewer":[160],"than":[161],"15%":[162],"include":[163],"high":[164],"prerequisites":[165],"launch":[167],"an":[168],"attack,":[169],"reproducibility":[171],"is":[172],"hampered":[173],"by":[174,207],"scarce":[175],"artifact":[176,192],"releases.":[177],"Finally,":[178],"chart":[180],"research":[182],"roadmap":[183],"advocating":[184],"open":[186],"benchmark":[187],"suites":[188],"with":[189],"shared":[190],"datasets,":[191],"disclosure":[193],"policies,":[194],"cloud\u2010layer":[195],"protections,":[196],"robust":[198],"recovery":[201],"mechanisms.":[202],"By":[203],"quantifying":[204],"\u201cwhat":[205],"works\u2014and":[206],"how":[208],"much,\u201d":[209],"SoK":[211],"provides":[212],"data\u2010driven":[214],"foundation":[215],"developing":[217],"secure,":[218],"privacy\u2010preserving,":[219],"usable":[221],"technologies.":[224]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-12-05T00:00:00"}