Security of runtime extensible virtual environments

Abstract

Distributed, real-time virtual environment (VE) architectures have traditionally been driven by quality of service (QOS) considerations, with little or no concern paid to security issues. With recent advancements in functionality, computing power and network bandwidth it has become practical to use VEs in sensitive areas such as product development with proprietary information and visualization of classified information. Consequently, previously ignored aspects of security need to be made a primary concern at the outset of designing a VE. In this paper we explore security concerns associated with a subtype of VEs: Runtime Extensible VEs (RTEVEs). We introduce a taxonomy of security issues, derived from a case study of NPSNET-V, with the goal of using this taxonomy to guide the formulation of security policy, requirements, and architectures for RTEVEs.