{"title":"降低云端元宇宙中的风险 访问控制策略与技术","authors":"Utsav Upadhyay, Alok Kumar, Gajanand Sharma, Ashok Kumar Saini, Varsha Arya, Akshat Gaurav, Kwok Tai Chui","doi":"10.4018/ijcac.334364","DOIUrl":null,"url":null,"abstract":"The advent of the metaverse has revolutionized virtual interactions and navigation, introducing intricate access control challenges. This paper addresses the need for effective access control models in the cloud-based metaverse. It explores its distinct characteristics, including its dynamic nature, diverse user base, and shared spaces, highlighting privacy concerns and legal implications. The paper analyzes access control principles specific to the cloud-based metaverse, emphasizing least privilege, separation of duties, RBAC, defense-in-depth, and auditability/accountability. It delves into identity verification and authorization methods, such as biometrics, multi-factor authentication, and role-based/attribute-based authorization. Advanced access control technologies for the cloud-based metaverse are examined, including SSO solutions, blockchain-based access control, ABAC, adaptive access control, and VMI for isolation. Risk mitigation strategies encompass IDS/IPS, SIEM, and user education programs.","PeriodicalId":442336,"journal":{"name":"Int. J. Cloud Appl. Comput.","volume":"358 15","pages":"1-30"},"PeriodicalIF":0.0000,"publicationDate":"2023-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Mitigating Risks in the Cloud-Based Metaverse Access Control Strategies and Techniques\",\"authors\":\"Utsav Upadhyay, Alok Kumar, Gajanand Sharma, Ashok Kumar Saini, Varsha Arya, Akshat Gaurav, Kwok Tai Chui\",\"doi\":\"10.4018/ijcac.334364\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The advent of the metaverse has revolutionized virtual interactions and navigation, introducing intricate access control challenges. This paper addresses the need for effective access control models in the cloud-based metaverse. It explores its distinct characteristics, including its dynamic nature, diverse user base, and shared spaces, highlighting privacy concerns and legal implications. The paper analyzes access control principles specific to the cloud-based metaverse, emphasizing least privilege, separation of duties, RBAC, defense-in-depth, and auditability/accountability. It delves into identity verification and authorization methods, such as biometrics, multi-factor authentication, and role-based/attribute-based authorization. Advanced access control technologies for the cloud-based metaverse are examined, including SSO solutions, blockchain-based access control, ABAC, adaptive access control, and VMI for isolation. Risk mitigation strategies encompass IDS/IPS, SIEM, and user education programs.\",\"PeriodicalId\":442336,\"journal\":{\"name\":\"Int. J. Cloud Appl. Comput.\",\"volume\":\"358 15\",\"pages\":\"1-30\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Int. J. Cloud Appl. Comput.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/ijcac.334364\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Cloud Appl. Comput.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijcac.334364","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Mitigating Risks in the Cloud-Based Metaverse Access Control Strategies and Techniques
The advent of the metaverse has revolutionized virtual interactions and navigation, introducing intricate access control challenges. This paper addresses the need for effective access control models in the cloud-based metaverse. It explores its distinct characteristics, including its dynamic nature, diverse user base, and shared spaces, highlighting privacy concerns and legal implications. The paper analyzes access control principles specific to the cloud-based metaverse, emphasizing least privilege, separation of duties, RBAC, defense-in-depth, and auditability/accountability. It delves into identity verification and authorization methods, such as biometrics, multi-factor authentication, and role-based/attribute-based authorization. Advanced access control technologies for the cloud-based metaverse are examined, including SSO solutions, blockchain-based access control, ABAC, adaptive access control, and VMI for isolation. Risk mitigation strategies encompass IDS/IPS, SIEM, and user education programs.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
