Developing Effective Mitigation Strategies for Data Privacy in the Metaverse
DOI:
https://doi.org/10.29070/9zdvqv35Keywords:
Virtual reality, privacy, DevSecOps, threat modelling, metaverseAbstract
As powerful head-mounted displays (HMDs) have become widely available, virtual reality (VR) has entered the mainstream and the concept Delivering fully immersive virtual reality adventures inside the Metaverse, a system that permanent and communal virtual world, has been proposed. Businesses are rushing to purchase virtual reality (VR) gear in the hopes of becoming early adopters and capitalizing on the industry's enthusiasm for VR and the Metaverse. Virtual reality (VR) applications and peripherals collect data, which raises unique privacy and security issues. Now that virtual reality head-mounted displays (HMDs) with intrusive sensors are available, it is more important than ever to include security and privacy considerations into the application development lifecycle to prevent the collection of sensitive biometric data, such as eye movements and facial expressions. As this case study shows, we assume that a tech company has lately turned its focus to the Metaverse, and that a group of cybersecurity specialists and programmers have been assigned the duty of creating new virtual reality apps for this company. This case study takes a page out of the development, security, and operations (DevSecOps) playbook by having participants think about how to build virtual reality (VR) applications securely, model potential threats, and implement privacy and security measures. By highlighting possible privacy and security concerns linked to this quickly developing technology, The findings of this study contribute to the existing literature on IS education. It also demonstrates how DevSecOps methods may deal with software development security challenges.
References
Pietro, Roberto & Cresci, Stefano. (2021). Metaverse: Security and Privacy Issues. 10.1109/TPSISA52974.2021.00032.
Bhongade, Ashvini & Dargad, Sweta & Dixit, Asheesh & Mali, Yogesh & Kumari, Barkha & Shende, Ashwini. (2024). Cyber Threats in Social Metaverse and Mitigation Techniques. 10.1007/978-981-97-3690-4_34.
Parlar, Tuba. (2023). Data Privacy and Security in the Metaverse. 10.1007/978-981-99-4641-9_8.
ZHAO, Ruoyu & Zhang, Yushu & ZHU, Youwen & LAN, Rushi & Hua, Zhongyun. (2023). Metaverse: Security and Privacy ConcernsMetaverse: Security and Privacy Concerns. Journal of Metaverse. 3. 93-99. 10.57019/jmv.1286526.
Chen, Zefeng & Wu, Jiayang & Gan, Wensheng & Qi, Zhenlian. (2022). Metaverse Security and Privacy: An Overview. 2950-2959. 10.1109/BigData55660.2022.10021112.
Abouelmehdi, K., Beni-Hssane, A., Khaloufi, H., & Saadi, M. (2017). Big data security and privacy in healthcare: A review. Procedia Computer Science, 113, 73–80. doi: 10.1016/j.procs.2017.08.292
Abraham, S., & Chengalur-Smith, I. (2010). An overview of social engineering malware: Trends, tactics, and implications. Technology in Society, 32(3), 183–196. doi: 10.1016/j.techsoc.2010.07.001
Ahmad, A., Saad, M., & Mohaisen, A. (2019). Secure and transparent audit logs with blockaudit. Journal of Network and Computer Applications, 145, 102406. doi: 10.1016/j.jnca.2019.102406
Alahmad, Alkandari, & Alawadhi. (2022). Survey of broken authentication and session management of web application vulnerability attack. Journal of Engineering Science and Technology, 17, 874–882.
Ali, R. (2022). The video gamer’s dilemmas. Ethics and Information Technology, 24(2), 18. doi:10.1007/ s10676-022-09638-x
This work is licensed under a 