1.1 KiB
1.1 KiB
Lab 1: Security Requirements
Metaverse User Stories
Metaverse Users are referred to as users here.
| User | Task | Goal | Context | Action | Outcomes |
|---|---|---|---|---|---|
| User | perform authorized payment transactions | only I can make transactions in my name | An adversary knows my payment information | he tries to pay with my info | the payment is declined if not authorized by me |
| Developer | access user configurations (avatars, config) | personalize the user experience of my applications | |||
| Teacher | make physical course material available in the metaverse | students can see them in virtual reality | |||
| User | have a unique identification key in bound to my avatar | everyone can recognize my avatar | my avatar is public | my avatar is used by another user | the user cannot impersonate my identity because he doesn't know the key |
| User | virtual home to be self or zero knowledge hosted | my privacy can not be intruded |
Corrections:
- User stories are more non-functional and should not contain less security aspects, rather the use-case functionality
| User | Task | Goal |
|---|---|---|
| User | perform a payment | i can acquire an virtual/physical asset |