TY - JOUR
T1 - Mitigating Risks in the Cloud-Based Metaverse Access Control Strategies and Techniques
AU - Upadhyay, Utsav
AU - Kumar, Alok
AU - Sharma, Gajanand
AU - Saini, Ashok Kumar
AU - Arya, Varsha
AU - Gaurav, Akshat
AU - Chui, Kwok Tai
N1 - Publisher Copyright:
© 2023 The Author(s).
PY - 2023/12/1
Y1 - 2023/12/1
N2 - The advent of the metaverse has revolutionized virtual interactions and navigation, introducing intricate access control challenges. This paper addresses the need for effective access control models in the cloud-based metaverse. It explores its distinct characteristics, including its dynamic nature, diverse user base, and shared spaces, highlighting privacy concerns and legal implications. The paper analyzes access control principles specific to the cloud-based metaverse, emphasizing least privilege, separation of duties, RBAC, defense-in-depth, and auditability/accountability. It delves into identity verification and authorization methods, such as biometrics, multi-factor authentication, and role-based/attribute-based authorization. Advanced access control technologies for the cloud-based metaverse are examined, including SSO solutions, blockchain-based access control, ABAC, adaptive access control, and VMI for isolation. Risk mitigation strategies encompass IDS/IPS, SIEM, and user education programs.
AB - The advent of the metaverse has revolutionized virtual interactions and navigation, introducing intricate access control challenges. This paper addresses the need for effective access control models in the cloud-based metaverse. It explores its distinct characteristics, including its dynamic nature, diverse user base, and shared spaces, highlighting privacy concerns and legal implications. The paper analyzes access control principles specific to the cloud-based metaverse, emphasizing least privilege, separation of duties, RBAC, defense-in-depth, and auditability/accountability. It delves into identity verification and authorization methods, such as biometrics, multi-factor authentication, and role-based/attribute-based authorization. Advanced access control technologies for the cloud-based metaverse are examined, including SSO solutions, blockchain-based access control, ABAC, adaptive access control, and VMI for isolation. Risk mitigation strategies encompass IDS/IPS, SIEM, and user education programs.
KW - Access Control
KW - Authorization
KW - Blockchain
KW - Cloud
KW - Metaverse
KW - Verification
UR - http://www.scopus.com/inward/record.url?scp=85179395075&partnerID=8YFLogxK
U2 - 10.4018/IJCAC.334364
DO - 10.4018/IJCAC.334364
M3 - Article
AN - SCOPUS:85179395075
SN - 2156-1834
VL - 14
JO - International Journal of Cloud Applications and Computing
JF - International Journal of Cloud Applications and Computing
IS - 1
ER -