Virtual environments are widely used for training, gaming, and other purposes. Such virtual environments usually feature a computer-generated landscape that may represent an actual or imaginary location in a past, present, or future time. Users can create computer-generated virtual objects, referred to as avatar virtual objects, and control the avatars in the landscape through client software that runs on a computing device. Avatars can typically roam the landscape and interact with other users' avatars and with other computer-generated virtual objects. Typically, a virtual environment is generated and implemented by a single entity, and any computing devices that participate in the virtual environment are either owned or controlled by the entity that implements the virtual environment, or execute proprietary software provided by the entity. Due to the control inherent in proprietary software, the ability for a third party to compromise, or ‘hack,’ such a virtual environment is limited.
There is increasing interest in distributed virtual environments, where different regions of a virtual environment are implemented on different computing devices, or hosts. Disparate entities might generate and own different regions within such a virtual environment. In order for such a virtual environment to effectively operate, architectural information must be made available regarding how hosts communicate with each other and how client software communicates with hosts. Moreover, for many such virtual environments, there must be a set of rules governing behavior of the host and client computing devices. One disadvantage of making such architectural information generally available is that it eases the development by third parties of compromising software that does not abide by the rules of the virtual environment. Conventional firewall software focuses on viruses and network attacks, and would be unable to detect errant behavior associated with a virtual environment. Thus, there is a need for an application-layer virtual environment firewall that protects the virtual environment from virtual entities, such as hosts, clients, and virtual objects, that either intentionally or unintentionally do not abide by the rules of the virtual environment.