Security and Privacy Requirements for the Metaverse: A Metaverse Applications Perspective

Abstract

The metaverse overcomes the time and space constraints of the real world and expands the physical world based on the Internet of Things, virtual reality, and digital twins. For this reason, interest in metaverse applications has recently increased because they can provide immersion and varied experiences similar to those in the real world. However, some security and privacy incidents are being encountered by these applications. Furthermore, users in the metaverse are concerned about personal data breaches, but metaverse studies on security and privacy are lacking. Thus, this study aims to propose security and privacy requirements for secure metaverse applications. To achieve this aim, we first analyze the existing metaverse-related studies and international standards from the perspective of security and privacy. We then present the security and privacy threats to the metaverse, which are identified by considering the characteristics of the applications. Finally, we propose security and privacy requirements and countermeasures to minimize these threats.