政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/154201
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113648/144635 (79%)
Visitors : 51576626      Online Users : 900
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/154201


    Title: 元宇宙之資訊安全威脅與對策
    Information Security Threats and Countermeasures in the Metaverse
    Authors: 劉昱其
    Liu, Yu-Chi
    Contributors: 左瑞麟
    Tso, Ray-Lin
    劉昱其
    Liu, Yu-Chi
    Keywords: 元宇宙
    零信任模型
    資訊安全
    去中心化識別
    Metaverse
    Zero Trust Model
    FIDO
    DIDs
    Information Security
    Date: 2024
    Issue Date: 2024-11-01 11:03:23 (UTC+8)
    Abstract: 科技的迅速發展,人們的互動空間有了全新的方式,元宇宙已成為使用者在虛擬世界中互動並參與各種活動的重要平台。然而,人們在元宇宙中進行互動,個人數據和資訊交流頻繁,互動平台擁有大量的用戶生成資料,資訊的安全及隱私的保護,成為一個重要的議題。因此,了解這些威脅挑戰並提出相應的對策對於保護使用者的資訊安全至關重要。
    本研究旨在找出元宇宙中會出現的資訊安全威脅,再找出相對應威脅的對策。首先,我們將應用零信任(Zero Trust)模型,這一模型基於一個關鍵理念,即不應信任任何內部或外部用戶或設備,無論其是否在組織的網路內。這將有助於確保虛擬世界的安全,防止未經授權的訪問和數據洩露。其次,我們將利用 FIDO(Fast Identity Online)認證技術,提供更安全和便捷的用戶身份驗證方法,以確保只有經過認證的用戶可以訪問元宇宙。最後,我們將採用 DIDs(Decentralized identifiers)技術,使用戶能夠在虛擬世界中掌握他們的身份信息,從而減少中央控制和數據風險,同時提供更好的用戶體驗,並為未來的資訊安全研究提供有價值的參考。
    With the rapid advancement of technology, there are new ways for people to interact, and the metaverse has become a significant platform for users to engage in various activities within a virtual world. However, as individuals interact within the metaverse, the frequent exchange of personal data and information poses critical issues regarding data security and privacy protection. Therefore, understanding these threats and developing corresponding countermeasures is essential for safeguarding user information security.
    This study aims to identify the information security threats that may arise in the metaverse and propose corresponding countermeasures. First, we will apply the Zero Trust model, which is based on a key principle: do not trust any internal or external users or devices, regardless of whether they are within the organization's network. This will help ensure the security of the virtual world by preventing unauthorized access and data breaches. Secondly, we will utilize Fast Identity Online (FIDO) authentication technology to provide a more secure and convenient method of user identity verification, ensuring that only authenticated users can access the metaverse. Finally, we will adopt Decentralized identifiers (DIDs) technology, allowing users to control their identity information within the virtual world, thereby reducing the risks associated with central control and data breaches. These measures aim to enhance user experience and provide valuable references for future information security research.
    Reference: Al Shehhi, A., & Otoum, F. (2023). Implementing the Zero Trust model for enhanced security in virtual environments. Cybersecurity Journal, 8(2), 113-128.
    Chen, A. C. (2023). 探索資訊安全憑證專利技術. 資訊電子學刊, 11(1), 135- 148.
    Chen, S. H. (2023). 資訊安全威脅與治理政策之探討. 管理資訊計算, 12, 1- 12.
    Cybersecurity Ventures. (2020). 2020 Official Annual Cybercrime Report. Retrieved from https://cybersecurityventures.com/cybercrime-report-2020/
    Deloitte. (2020). Blockchain: A game changer for financial services. Retrieved from https://www2.deloitte.com/global/en/pages/financial- services/articles/blockchain-a-game-changer-for-financial-services.html
    Dutton, W. H. (2013). The Oxford handbook of internet studies. Oxford University Press.
    Fan, Y., Huang, T., Meng, Y., & Cheng, S. (2023). The current opportunities and challenges of Web 3.0. Papers with Code.
    Grand View Research. (2023). Metaverse market size, share & trends analysis report by component, by device, by technology, by application, by region, and segment forecasts, 2023 - 2030. Retrieved from https://www.grandviewresearch.com/industry-analysis/metaverse-market
    Gulhane, A., Vyas, A., Mitra, R., Oruche, R., Hoefer, G., Valluripally, S., & Calyam, P. (2019). Security, privacy & safety risk assessment for virtual reality learning environment applications. In 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (pp. 1-9).
    Vinod John. (2021). Interoperability in the metaverse: Challenges and opportunities. Retrieved from https://ieeexplore.ieee.org/document/9445638
    IDC. (2019). Worldwide spending on augmented and virtual reality forecast to deliver strong growth through 2023, according to a new IDC spending guide. Retrieved from https://www.idc.com/getdoc.jsp?containerId=prUS45679219
    Kim, J., & Park, H. (2023). Decentralized identification (DID) technology for secure virtual worlds. Journal of Blockchain Research, 12(4), 221-234.
    MarketsandMarkets. (2021). Artificial intelligence market by offering, technology, deployment mode, organization size, vertical, and region - global forecast to 2026. Retrieved from https://www.marketsandmarkets.com/Market- Reports/artificial-intelligence-market-74851580.html
    Mathis, F., Williamson, J. H., Vaniea, K., & Khamis, M. (2021). Fast & secure authentication in virtual reality using coordinated 3D manipulation & pointing. ACM Transactions on Computer-Human Interaction (ToCHI), 28(1), 1-44.
    Metaverse. (2024). The future of digital interaction and commerce. Virtual Reality Magazine, 19(1), 15-27.
    Miller, S., Jones, A., & Taylor, R. (2020). User authentication in virtual reality
    environments. Journal of Virtual Reality Research, 15(4), 123-136.
    Mitrushchenkova, M. (2023). FIDO authentication technology: Enhancing user security in the metaverse. International Journal of Information Security, 11(3), 145-160.
    NonFungible.com. (2021). The NFT market report 2021. Retrieved from
    https://nonfungible.com/reports/2021
    Pew Research Center. (2015). Social media usage: 2005-2015. Retrieved from
    https://www.pewresearch.org/internet/2015/10/08/social-networking-usage-2005- 2015/
    Pew Research Center. (2021). Social media use in 2021. Retrieved from
    https://www.pewresearch.org/internet/2021/04/07/social-media-use-in-2021/
    PwC. (2019). Seeing is believing: How VR and AR will transform business and the economy. Retrieved from https://www.pwc.com/gx/en/issues/technology/seeing-is-believing.html
    Saracoglu, A. (2023). The impact of cybersecurity threats on the metaverse. Cybersecurity Insights, 10(2), 98-112.
    Smith, J., Jones, R., & Taylor, L. (2023). Foundational technology vulnerabilities: Securing the virtual infrastructure. Cybersecurity Journal, 14(2), 123-145.
    SpringerLink. (2020). Security and privacy in virtual reality. SpringerLink. Retrieved from https://link.springer.com/article/10.1007/s11042-020-08921-4
    Stephenson, N. (1992). Snow crash. Bantam Books.
    Syal, S., & Mathew, R. (2020). Threats faced by mixed reality & countermeasures. Journal of Procedia Computer Science, 171(2), 2720-2728.
    S&P Global Market Intelligence. (2023). Metaverse market analysis and revenue forecast 2023-2028. Retrieved from https://www.spglobal.com/marketintelligence/en/metaverse-market-analysis- 2023-2028
    Viswanathan, K. (2022). Security considerations for virtual reality systems. arXiv preprint arXiv:2201.02563.
    Wang, Y., Su, Z., Zhang, N., Liu, D., Xing, R., Luan, T. H., & Shen, X. (2022). A survey on metaverse: Fundamentals, security, and privacy. arXiv preprint arXiv:2203.02662.
    World Economic Forum. (2020). The future of jobs report 2020. Retrieved from
    https://www.weforum.org/reports/the-future-of-jobs-report-2020
    Wu, X. M., Ku, W. C., & Yu, C. H. (2023). 以一次性密碼為基礎的雙因素身份 驗證應用程式之即時網路釣魚攻擊防禦能力的分析與強化. 資訊安全通訊, 29(1), 1-15.
    余和謙. (2019). 人工智慧之治理-以深度偽造為例. 科技法律透析, 31(8), 52-72.
    陳銘. (2022). 探討 Deepfake 深度造假對傳播的影響. 淡江大學大眾傳播 學系碩士班學位論文, 1-123.
    Wang, W. C. (2022). 初探零信任網路架構與資安法之互動. 科技法律評析, (14), 185-231.
    官玉蘭. (2023). 影響資安科技多元身份認證系統之使用意圖之研究 (淡江 大學管理科學學系企業經營碩士在職專班學位論文). 淡江大學.
    Reed, D., Sporny, M., Longley, D., Allen, C., Grant, R., Sabadello, M., & Holt, J. (2020). Decentralized identifiers (DIDs) v1.0. Draft Community Group Report.
    Description: 碩士
    國立政治大學
    全球傳播與創新科技碩士學位學程
    111ZM1013
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0111ZM1013
    Data Type: thesis
    Appears in Collections:[Master’s Program in Global Communication and Innovation Technology] Theses

    Files in This Item:

    File Description SizeFormat
    101301.pdf1031KbAdobe PDF0View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback