The European Network and Information Security Agency (ENISA) released an interesting position paper on some of the concerns associated with virtual worlds.
A summary of the position paper’s recommendations:
- Governments and policy making bodies:
- An industrywide forum for sharing of info on security vulnerabilities
- Fund work on clarifying legal issues around IP and personal info in VWs
- Encourage independent dispute resolution for player-to-player issues
- New financial procedures to prevent item theft using chargebacks
- Investigate the issues around conflicts between legislation & common carrier status for VWs
- MMO/VW operators:
- Deal with item duping, end-to-end secuity, and DOS attacks
- Clear privacy policies
- Charge a token returnable fee for for all ODR complaints (to prevent false complaints)
- Improve user authentication
- A standard set of governing documents and terms, built with user input
- Provide bootable CD images for critical operations such as online banking
- Awareness and research
- Run campaigns on account theft detection, how to handle bad behavior, in-world property risks, etc
- Research future trends with security concenrs, such as content filtering, security and reliability of open world formats, etc