A vital component of any application or environment is security, and yet this is often one of the lower priorities, losing out to performance and functionality issues, if it is considered at all. This paper considers a spatial approach to enabling, understanding and managing access control that is generally applicable across a range of collaborative environments and applications. Access control is governed according to the space within which subjects and objects reside, and the ability to traverse space to get close to an object. We present a framework that enables the SPACE access model [4], previously presented as an access model solely for collaborative virtual environments, to be applied across a number of collaborative systems. This framework is exemplified through mappings of the model to 3D and 2D collaborative environments, namely Spline [1], TeamRooms [19] and Orbit [16]. One particularly interesting feature of the model is the way in which it handles group access by considering how group credentials are determined. These credentials are presented to the model in the usual manner. We conclude by presenting some limitations of our approach, and workarounds.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	John W. Barrus , Richard C. Waters , David B. Anderson, Locales and Beacons: Efficient and Precise Support for Large Multi-User Virtual Environments, Proceedings of the 1996 Virtual Reality Annual International Symposium (VRAIS 96), p.204, March 30-April 03, 1996
	2	Bell, D. E. and LaPadula, L. J., "Secure computer systems: Mathematical foundations", ESD-TR-73-278, Vol.1, ESD/AFSC, Hanscom AFB, Bedford, MA, November 1973.
	3	Bowers, J., "Modelling Awareness and Interaction in Virtual Spaces", in supplement to Proc. 6th MultiG Workshop, Stockholm, Sweden, May 1993.
	4	Adrian Bullock , Steve Benford, Access control in virtual environments, Proceedings of the ACM symposium on Virtual reality software and technology, p.29-35, September 1997, Lausanne, Switzerland  [doi>10.1145/261135.261142]
	5	Bullock A., "SPACE: SPatial Access Control for collaborative virtual Environments", PhD thesis, Department of Computer Science, University of Nottingham, October 1998.
	6	Comic, CSEG at Lancaster University, http ://www.comp.lancs.ac. uk/computing/rese arch/c seg/ comic The COMIC Project {Accessed 29th July 1999}.
	7	Cooper, R., "Organisatiort/Disorganisation", Organisation Studies, 1990.
	8	Prasun Dewan , Honghai Shen, Controlling access in multiuser interfaces, ACM Transactions on Computer-Human Interaction (TOCHI), v.5 n.1, p.34-62, March 1998  [doi>10.1145/274444.274446]
	9	Prasun Dewan , HongHai Shen, Flexible meta access-control for collaborative applications, Proceedings of the 1998 ACM conference on Computer supported cooperative work, p.247-256, November 14-18, 1998, Seattle, Washington, United States  [doi>10.1145/289444.289499]
	10	Clarence A. Ellis , Simon J. Gibbs , Gail Rein, Groupware: some issues and experiences, Communications of the ACM, v.34 n.1, p.39-58, Jan. 1991  [doi>10.1145/99977.99987]
	11	Fr6con, E. and Stenius, M., "Dive: a scaleable network architecture for distributed virtual environments", Distributed Systems Engineering Journal (5), pp.91- 100, 1998.
	12	Fr6hlich, M., Werner, M., "Demonstration of the interactive Graph Visualization System daVinci", in: R. Tamassia, I. Tollis (Eds.), Proceedings of DIMACS Workshop on Graph Drawing "94, Princeton (USA), 1994, Lecture Notes in Computer Science No. 894; Springer Verlag; January 1995.
	13	Irene Greif , Sunil Sarin, Data sharing in group work, Proceedings of the 1986 ACM conference on Computer-supported cooperative work, December 03-05, 1986, Austin, Texas  [doi>10.1145/637069.637092]
	14	Larnpson, B. W., "Protection", in Proc. Fifth Princeton Symposium on Information Sciences and Systems, Princeton University, March 1971, pp. 437--443, reprinted in Operating Systems Review, 8, 1, pp. 18- 24, January 1974.
	15	M. R. Macedomia , M. J. Zyda , D. R. Pratt , D. P. Brutzman , P. T. Barham, Exploiting reality with multicast groups: a network architecture for large-scale virtual environments, Proceedings of the Virtual Reality Annual International Symposium (VRAIS'95), p.2, March 11-15, 1995
	16	Tim Mansfield , Simon Kaplan , Geraldine Fitzpatrick , Ted Phelps , Mark Fitzpatrick , Richard Taylor, Evolving Orbit: a process report on building locales, Proceedings of the international ACM SIGGROUP conference on Supporting group work: the integration challenge, p.241-250, November 16-19, 1997, Phoenix, Arizona, United States  [doi>10.1145/266838.266919]
	17	Neuman, B. C. and Ts'o T., "Kerberos: An Authentication Service for Computer Networks", IEEE Communications, 32(9) pp. 33-38. September 1994.
	18	Tom Rodden, Populating the application: a model of awareness for cooperative applications, Proceedings of the 1996 ACM conference on Computer supported cooperative work, p.87-96, November 16-20, 1996, Boston, Massachusetts, United States  [doi>10.1145/240080.240200]
	19	Mark Roseman , Saul Greenberg, TeamRooms: network places for collaboration, Proceedings of the 1996 ACM conference on Computer supported cooperative work, p.325-333, November 16-20, 1996, Boston, Massachusetts, United States  [doi>10.1145/240080.240319]
	20	HongHai Shen , Prasun Dewan, Access control for collaborative environments, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.51-58, November 01-04, 1992, Toronto, Ontario, Canada  [doi>10.1145/143457.143461]
	21	Sikkel, K., "A Group-based Authorization Model for Cooperative Systems", ECSCW'97, pp. 345-360, Lancaster, UK, September 1997.
	22	Weigang Wang, Team-and-role-based organizational context and access control for cooperative hypermedia environments, Proceedings of the tenth ACM Conference on Hypertext and hypermedia : returning to our diverse roots: returning to our diverse roots, p.37-46, February 21-25, 1999, Darmstadt, Germany  [doi>10.1145/294469.294480]