The Metaplace Security Model

  • Michael Roe
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7114)


As part of an ongoing project on the security of online games and virtual reality applications, we joined the open beta test of Metaplace, to carry out our own analysis of Metaplace’s security mechanisms, and to observe what went wrong in practise during the beta test.

The beta test version of Metaplace is particularly interesting because it went further than most online games in allowing “user generated content”. For example, users were able to customize the game (or effectively, build their own game) by writing code that was run on the game server. This clearly has serious security implications, and Metaplace had its own unique security mechanisms to address the resulting issues. At the end of the beta test, Metaplace (then renamed Island Life) was changed to be more modest in the forms of user generated content that were permitted. The beta test was therefore a one-off opportunity to see if these mechanisms worked in practise.

We found that some well-known operating systems security issues reappeared in new forms in Metaplace: anyone who in the future would like to build a game with this degree of user-generated content in their game would do well to be aware of these issues.

The obvious competitor to Metaplace was Linden Lab’s Second Life, which also permits advanced forms of user-generated content. Second Life’s approach to security is significantly different from Metaplace, and there both advantages and disadvantages: we give a more detailed comparison later in the paper.


Virtual World Security Model Online Game Shared State Real Money 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bartle, R.: Hearts, clubs, diamonds, spades: Players who suit MUDsGoogle Scholar
  2. 2.
    Hoare, C.A.: Monitors: An operating system structuring concept. Communications of the ACM 17(10) (October 1974)Google Scholar
  3. 3.
    Ierusalimschy, R., de Figueiredo, L.H., Celes, W.: Lua 5.1 Reference Manual. (2006)Google Scholar
  4. 4.
    Ludlow, P., Wallace, M.: The Second Life Herald. The MIT Press (2007)Google Scholar
  5. 5.
    Morningstar, C., Randall Farmer, F.: The Lessons of Lucasfilm’s Habitat. MIT Press (1991)Google Scholar
  6. 6.
    Saltzer, J.H.: Protection and the control of information sharing in Multics. Communications of the ACM 17(7) (July 1974)Google Scholar
  7. 7.
    Schroeder, M.D.: Cooperation of Mutually Suspicious Subsystems in a Computer Utility. PhD thesis, Massachusetts Institute of Technology (September 1972)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Michael Roe
    • 1
  1. 1.University of HertfordshireHatfieldUK

Personalised recommendations