From the time of clay tablets and abacuses, people have always sought new technological methods for supporting the organization and conduct of work. A new possibility in this realm has arisen over recent years in the form of three-dimensional immersive environments, or synthetic worlds. In a synthetic world, each user has a representation of the self, called an “avatar,” that can be used to navigate through a realistic 3D environment rendered on a display. Although the idea of using a synthetic world to organize a large-scale work activity might seem like anathema to those whose jobs involve mainly physical resources, consider that more than 99 percent of the information produced by the human race last year was originated in digital form. Many contemporary theories and models of organizations focus primarily on the information management and processing capabilities of the organization and consider the movement of physical materials an important, but secondary concern. In this regard, virtual spaces are plausible as a substrate for functioning organizations. Indeed virtual spaces are, in effect, constructed from information.
Whenever information is handled by humans, however, there is the possibility of mishandling and malfeasance. When appropriately motivated, people will hide information, corrupt information, send information to the wrong person, or otherwise misuse the information. In a synthetic world, which exists for exchange and manipulation of information, these possibilities for malfeasance could be devastating. Fortunately, we have a substantial history to draw upon because the creation of synthetic worlds predated the creation of the Internet. The first multi-user information interaction environments were developed in the 1970s, long before the Internet caught on as a public phenomenon. These early environments were called MUDs (multi-user dungeons) and almost from the start, security issues were an important consideration. This chapter reviews the history of MUDs, MOOs (MUDs object oriented) and MMOGs (massively multiplayer online games) for important clues about the future of security in virtual spaces. The chapter then provides an overview of areas where security researchers and practitioners should focus their efforts in these areas. As with other contributions to this volume, this chapter begins with a future scenario that highlights possible future security problems in virtual space.