Modeling Secure 3D Web Applications

Modeling Secure 3D Web Applications

Krzysztof Walczak
DOI: 10.4018/978-1-61520-891-3.ch012
(Individual Chapters)
No Current Special Offers


This chapter describes a novel approach to building 3D web applications, called Flex-VR, which can be used a basis for implementing security solutions. Two key elements of the approach are described: scene structuralization and content modeling. The scene structuralization enables decomposition of a 3D scene into independent geometrical and behavioral objects, called VR-Beans. Virtual scenes with rich interactivity and behavior can be dynamically created by combining sets of independent VR-Beans. The second element – the content model – is a generalized high-level description of the application content. The model enables efficient manipulation of content elements and dynamic composition of virtual scenes. Flex-VR provides a fine-grained semantically-rich content structure, which can be used as a basis for defining access privileges for users and groups. Five levels of user privileges definition in the Flex-VR approach are described. An application of Flex-VR in the cultural heritage domain is presented. Examples demonstrate how user privileges can be defined at all levels.
Chapter Preview


For more than a decade experts and standardization bodies have been working on standards, such as VRML/X3D and MPEG-4, which enable publication of three-dimensional (3D) content on the web. These standards – formally approved by ISO/IEC – have now reached the level of maturity that enables creation of appealing, high-quality, interactive 3D web content. Moreover, through continuous updates these standards incorporate recent advances in computer graphics, animation and interaction techniques.

During the same period we have observed remarkable progress in hardware performance, including cheap but powerful 3D accelerators available in most contemporary graphics cards, and rapid growth in the available network bandwidth, which is now sufficient to deliver the large amounts of data required by network-based 3D interactive multimedia applications. Therefore, technical problems related to the publication of 3D content on the web have now virtually disappeared.

Users are also prepared for this change. Popularity of 3D computer games, on-line communities and movies based on 3D computer graphics results in increasing familiarity of users with 3D graphics and – at the same time – is raising their expectations. E-commerce, education, training, entertainment and cultural heritage are notable examples of application domains that can largely benefit from the use of interactive 3D web technologies. Potentially viable business models accompany commercial exploitation of on-line 3D applications.

Despite these evident technical, social and economical prospects, the actual uptake of 3D applications on the web is still very low. Apparently, the sole ability to publish some pre-designed 3D content is not enough for wider deployment of 3D web applications. Such applications require enormous amounts of meaningful content, which must be highly dynamic, interactive and secure.

Lack of security in 3D web environments is one of important limitations of the current 3D web standards. This limitation is, to a large extent, a result of the currently used 3D data model. Web 3D content is typically stored in files – often textual. One scene usually corresponds to one file. The use of the “inline” feature to include other files is allowed, however, there are limitations on the available functionality. Privileges can be defined at the level of files – there is no way to define more fine-grained privileges to geometrical, functional or semantic elements of the 3D web environments.

A much more sophisticated and flexible security solution is necessary to support creation of complex 3D web applications in practice. The security system should enable definition of privileges, which could be used both at the content creation and at the content consumption phases. At the content creation phase, different users or groups may have different read or write privileges to spatial, temporal or logical parts of the 3D application content. At the content consumption phase, users may be granted privileges to access different parts of the content, to execute different operations within the content and to store results of their interactions.

In this chapter, we describe a generic approach to modeling 3D applications, called Flex-VR, which enables definition of fine-grained content access privileges, which can be used both at the content creation phase and at the content consumption phase. The approach consists of two main elements. The first element required to support creation of flexible secure 3D applications is an appropriate organization of the virtual scene content sent to the client browser. Traditional organization of virtual scenes based on a declarative scene graph with additional separate dataflow graph is not suitable for flexible modeling of application content, building highly dynamic systems and implementing security. Therefore a shift of paradigm towards a component based approach is required.

The second element is a high-level data model of the 3D application content. Such model is critical to enable efficient organization, manipulation and exchange of content between applications and to enable application of different access privileges to different parts of the content. Based on the generic model, particular virtual scenes are created dynamically as specific projections of the model based on the user’s privileges, preferences and interaction history.

Complete Chapter List

Search this Book: