Loading...
|
Please use this identifier to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/154201
|
| Title: | 元宇宙之資訊安全威脅與對策
Information Security Threats and Countermeasures in the Metaverse |
| Authors: | 劉昱其
Liu, Yu-Chi |
| Contributors: | 左瑞麟
Tso, Ray-Lin
劉昱其
Liu, Yu-Chi |
| Keywords: | 元宇宙
零信任模型
資訊安全
去中心化識別
Metaverse
Zero Trust Model
FIDO
DIDs
Information Security |
| Date: | 2024 |
| Issue Date: | 2024-11-01 11:03:23 (UTC+8) |
| Abstract: | 科技的迅速發展,人們的互動空間有了全新的方式,元宇宙已成為使用者在虛擬世界中互動並參與各種活動的重要平台。然而,人們在元宇宙中進行互動,個人數據和資訊交流頻繁,互動平台擁有大量的用戶生成資料,資訊的安全及隱私的保護,成為一個重要的議題。因此,了解這些威脅挑戰並提出相應的對策對於保護使用者的資訊安全至關重要。
本研究旨在找出元宇宙中會出現的資訊安全威脅,再找出相對應威脅的對策。首先,我們將應用零信任(Zero Trust)模型,這一模型基於一個關鍵理念,即不應信任任何內部或外部用戶或設備,無論其是否在組織的網路內。這將有助於確保虛擬世界的安全,防止未經授權的訪問和數據洩露。其次,我們將利用 FIDO(Fast Identity Online)認證技術,提供更安全和便捷的用戶身份驗證方法,以確保只有經過認證的用戶可以訪問元宇宙。最後,我們將採用 DIDs(Decentralized identifiers)技術,使用戶能夠在虛擬世界中掌握他們的身份信息,從而減少中央控制和數據風險,同時提供更好的用戶體驗,並為未來的資訊安全研究提供有價值的參考。
With the rapid advancement of technology, there are new ways for people to interact, and the metaverse has become a significant platform for users to engage in various activities within a virtual world. However, as individuals interact within the metaverse, the frequent exchange of personal data and information poses critical issues regarding data security and privacy protection. Therefore, understanding these threats and developing corresponding countermeasures is essential for safeguarding user information security.
This study aims to identify the information security threats that may arise in the metaverse and propose corresponding countermeasures. First, we will apply the Zero Trust model, which is based on a key principle: do not trust any internal or external users or devices, regardless of whether they are within the organization's network. This will help ensure the security of the virtual world by preventing unauthorized access and data breaches. Secondly, we will utilize Fast Identity Online (FIDO) authentication technology to provide a more secure and convenient method of user identity verification, ensuring that only authenticated users can access the metaverse. Finally, we will adopt Decentralized identifiers (DIDs) technology, allowing users to control their identity information within the virtual world, thereby reducing the risks associated with central control and data breaches. These measures aim to enhance user experience and provide valuable references for future information security research. |
| Reference: | Al Shehhi, A., & Otoum, F. (2023). Implementing the Zero Trust model for enhanced security in virtual environments. Cybersecurity Journal, 8(2), 113-128.
Chen, A. C. (2023). 探索資訊安全憑證專利技術. 資訊電子學刊, 11(1), 135- 148.
Chen, S. H. (2023). 資訊安全威脅與治理政策之探討. 管理資訊計算, 12, 1- 12.
Cybersecurity Ventures. (2020). 2020 Official Annual Cybercrime Report. Retrieved from https://cybersecurityventures.com/cybercrime-report-2020/
Deloitte. (2020). Blockchain: A game changer for financial services. Retrieved from https://www2.deloitte.com/global/en/pages/financial- services/articles/blockchain-a-game-changer-for-financial-services.html
Dutton, W. H. (2013). The Oxford handbook of internet studies. Oxford University Press.
Fan, Y., Huang, T., Meng, Y., & Cheng, S. (2023). The current opportunities and challenges of Web 3.0. Papers with Code.
Grand View Research. (2023). Metaverse market size, share & trends analysis report by component, by device, by technology, by application, by region, and segment forecasts, 2023 - 2030. Retrieved from https://www.grandviewresearch.com/industry-analysis/metaverse-market
Gulhane, A., Vyas, A., Mitra, R., Oruche, R., Hoefer, G., Valluripally, S., & Calyam, P. (2019). Security, privacy & safety risk assessment for virtual reality learning environment applications. In 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (pp. 1-9).
Vinod John. (2021). Interoperability in the metaverse: Challenges and opportunities. Retrieved from https://ieeexplore.ieee.org/document/9445638
IDC. (2019). Worldwide spending on augmented and virtual reality forecast to deliver strong growth through 2023, according to a new IDC spending guide. Retrieved from https://www.idc.com/getdoc.jsp?containerId=prUS45679219
Kim, J., & Park, H. (2023). Decentralized identification (DID) technology for secure virtual worlds. Journal of Blockchain Research, 12(4), 221-234.
MarketsandMarkets. (2021). Artificial intelligence market by offering, technology, deployment mode, organization size, vertical, and region - global forecast to 2026. Retrieved from https://www.marketsandmarkets.com/Market- Reports/artificial-intelligence-market-74851580.html
Mathis, F., Williamson, J. H., Vaniea, K., & Khamis, M. (2021). Fast & secure authentication in virtual reality using coordinated 3D manipulation & pointing. ACM Transactions on Computer-Human Interaction (ToCHI), 28(1), 1-44.
Metaverse. (2024). The future of digital interaction and commerce. Virtual Reality Magazine, 19(1), 15-27.
Miller, S., Jones, A., & Taylor, R. (2020). User authentication in virtual reality
environments. Journal of Virtual Reality Research, 15(4), 123-136.
Mitrushchenkova, M. (2023). FIDO authentication technology: Enhancing user security in the metaverse. International Journal of Information Security, 11(3), 145-160.
NonFungible.com. (2021). The NFT market report 2021. Retrieved from
https://nonfungible.com/reports/2021
Pew Research Center. (2015). Social media usage: 2005-2015. Retrieved from
https://www.pewresearch.org/internet/2015/10/08/social-networking-usage-2005- 2015/
Pew Research Center. (2021). Social media use in 2021. Retrieved from
https://www.pewresearch.org/internet/2021/04/07/social-media-use-in-2021/
PwC. (2019). Seeing is believing: How VR and AR will transform business and the economy. Retrieved from https://www.pwc.com/gx/en/issues/technology/seeing-is-believing.html
Saracoglu, A. (2023). The impact of cybersecurity threats on the metaverse. Cybersecurity Insights, 10(2), 98-112.
Smith, J., Jones, R., & Taylor, L. (2023). Foundational technology vulnerabilities: Securing the virtual infrastructure. Cybersecurity Journal, 14(2), 123-145.
SpringerLink. (2020). Security and privacy in virtual reality. SpringerLink. Retrieved from https://link.springer.com/article/10.1007/s11042-020-08921-4
Stephenson, N. (1992). Snow crash. Bantam Books.
Syal, S., & Mathew, R. (2020). Threats faced by mixed reality & countermeasures. Journal of Procedia Computer Science, 171(2), 2720-2728.
S&P Global Market Intelligence. (2023). Metaverse market analysis and revenue forecast 2023-2028. Retrieved from https://www.spglobal.com/marketintelligence/en/metaverse-market-analysis- 2023-2028
Viswanathan, K. (2022). Security considerations for virtual reality systems. arXiv preprint arXiv:2201.02563.
Wang, Y., Su, Z., Zhang, N., Liu, D., Xing, R., Luan, T. H., & Shen, X. (2022). A survey on metaverse: Fundamentals, security, and privacy. arXiv preprint arXiv:2203.02662.
World Economic Forum. (2020). The future of jobs report 2020. Retrieved from
https://www.weforum.org/reports/the-future-of-jobs-report-2020
Wu, X. M., Ku, W. C., & Yu, C. H. (2023). 以一次性密碼為基礎的雙因素身份 驗證應用程式之即時網路釣魚攻擊防禦能力的分析與強化. 資訊安全通訊, 29(1), 1-15.
余和謙. (2019). 人工智慧之治理-以深度偽造為例. 科技法律透析, 31(8), 52-72.
陳銘. (2022). 探討 Deepfake 深度造假對傳播的影響. 淡江大學大眾傳播 學系碩士班學位論文, 1-123.
Wang, W. C. (2022). 初探零信任網路架構與資安法之互動. 科技法律評析, (14), 185-231.
官玉蘭. (2023). 影響資安科技多元身份認證系統之使用意圖之研究 (淡江 大學管理科學學系企業經營碩士在職專班學位論文). 淡江大學.
Reed, D., Sporny, M., Longley, D., Allen, C., Grant, R., Sabadello, M., & Holt, J. (2020). Decentralized identifiers (DIDs) v1.0. Draft Community Group Report. |
| Description: | 碩士
國立政治大學
全球傳播與創新科技碩士學位學程
111ZM1013 |
| Source URI: | http://thesis.lib.nccu.edu.tw/record/#G0111ZM1013 |
| Data Type: | thesis |
| Appears in Collections: | [全球傳播與創新科技碩士學位學程] 學位論文
|
Files in This Item:
| File |
Description |
Size | Format | |
|---|
| 101301.pdf | | 1031Kb | Adobe PDF | 0 | View/Open |
|
All items in 政大典藏 are protected by copyright, with all rights reserved.
|
