An Access Control Model for Dynamic VR Applications

An Access Control Model for Dynamic VR Applications

Adam Wójtowicz, Wojciech Cellary
DOI: 10.4018/978-1-4666-2919-6.ch039
(Individual Chapters)
No Current Special Offers


There is a need for refining data security and privacy protection in virtual reality systems which are interactive, creative and dynamic, i.e. where at run-time mutually interactive objects can be added or removed in different contexts while their behavior can be modified. In virtual worlds of this kind, operations on particular objects either should or shouldn’t be allowed to users playing different roles with respect to inter-object interactions. In the VR-PR method presented in this chapter, where VR-PR stands for “Virtual Reality–Privilege Representation”, privileges are represented by pairs, each comprising an object and a meta-operation. Meta-operations are induced automatically from possible object interactions, i.e. generated using automatic analysis of the object method call graphs. Meta-operations reflect the method call scope admitted and are used in the process of creating and modifying privileges, which in turn is controlled by a validation mechanism. Expressive and flexible, privileges based on meta-operations are consistent with a set of objects composing a virtual world, as well as with the interactions between those objects, both interactions and objects permanently evolving. In this chapter it is shown in a series of use cases how the VR-PR approach can be applied to various types of object-oriented virtual worlds. The examples are followed by a broader discussion of the privilege lifecycle in the same virtual environment.
Chapter Preview


Modern virtual worlds constitute interactive environments where interactions take place not only between a user and multiple virtual objects but also among the objects themselves, calling methods in reaction to internal and external events. Virtual worlds are also dynamic and creative – users create new objects at run-time, modify them, assemble them into more complex objects, extend their functionality, etc. Multi-access virtual worlds promoting user creativity and sociability cannot impose too many restrictions in the phase of creation of users’ objects. One way of doing this is providing effective but unobtrusive data privacy protection, for example flexible access control using privileges based on interactions between objects in a persistently running virtual world. Possible interactions could be thoroughly analyzed by taking into account the call range of object methods, whereas the privilege system should automatically encompass newly created objects. It should also be expressive enough to handle various dependencies, as objects are created not only from scratch by a user playing the content creator role but also as compositions of preexisting objects coming from different sources.

Here it must be stressed that methods of privilege modeling developed so far are not sufficient for highly dynamic, creative virtual worlds. They are either geometry-centric with no advanced interaction support or coarse-grained with flexible privilege modeling capabilities.

In this chapter a new method called VR-PR (Virtual Reality–Privilege Representation) is proposed of flexible user privilege representation for virtual world objects, maintaining compatibility with access control standards and the data model. The VR-PR method consists of automatic analysis of relationships and interactions between objects of a dynamic virtual world constructed according to an object-oriented data model, like the one presented by Walczak (2008; 2006). To achieve this, a meta-operation layer is inserted between the extended access control mechanism and the object-oriented virtual world data model. The layer reflects real interactions between objects, where the interactions are represented by a set of meta-operations aggregating similar call graphs. A set of meta-operations may evolve over time–however, its evolution is typically much slower than transformations of virtual world objects, interactions and structure changes. The VR-PR method is composed of two main steps that are alternately performed during virtual world run-time: the first one is automatic generation of meta-operations and the other one is privilege creation and modification. To guarantee consistency of meta-operations used during the second step, meta-operations created in the first step are based on automatic analysis of call graph of methods implementing interactions between objects.

This chapter is organized as follows. In Section 2 the state of the art in the field of access control models which can be applied to multiuser virtual worlds is presented, followed by critical remarks and an exemplary data model for the VR-PR approach, i.e. the object-oriented Beh-VR approach to constructing dynamic virtual worlds. In Section 3 the VR-PR approach to privilege modeling and validation is proposed, based on the induction of meta-operations used to express privileges. To illustrate this it is described in a set of use cases how the approach can be applied to various types of object-oriented virtual worlds. The last part of Section 3 is a discussion providing context of the approach. In Section 4 it is shown how the VR-PR method of representing user privileges is applied to object-oriented virtual worlds designed according to the Beh-VR method. In Section 5 future research directions related to the VR-PR approach are discussed. Section 6 concludes the chapter.

Complete Chapter List

Search this Book: