How to Keep 3D Models From Bypassing Your Fabric Governance Rules

1
00:00:00,000 --> 00:00:01,640
You think spreadsheets are messy?

2
00:00:01,640 --> 00:00:02,280
Cute.

3
00:00:02,280 --> 00:00:05,680
3D photorealistic objects and digital twins are data on nightmare mode,

4
00:00:05,680 --> 00:00:08,640
multi-gigabyte textures, meshes, materials, physics,

5
00:00:08,640 --> 00:00:11,680
versions, user trites, and lineage that spans cameras,

6
00:00:11,680 --> 00:00:13,960
lidar, GPUs, and clouds.

7
00:00:13,960 --> 00:00:16,360
If your governance breaks here, it will break everywhere.

8
00:00:16,360 --> 00:00:16,920
The truth?

9
00:00:16,920 --> 00:00:19,200
3D assets expose every week assumption

10
00:00:19,200 --> 00:00:21,880
you've made about identity, security, life cycle,

11
00:00:21,880 --> 00:00:22,720
and compliance.

12
00:00:22,720 --> 00:00:24,240
And that's why they're the perfect stress

13
00:00:24,240 --> 00:00:25,520
test for Microsoft Fabric.

14
00:00:25,520 --> 00:00:28,760
Handle the heaviest, weirdest data in a single architecture

15
00:00:28,760 --> 00:00:31,040
with consistent policy, and suddenly everything else

16
00:00:31,040 --> 00:00:32,760
in your enterprise looks trivial.

17
00:00:32,760 --> 00:00:35,800
So today, I'm going to show you why Fabric's unified governance

18
00:00:35,800 --> 00:00:37,400
isn't nice to have.

19
00:00:37,400 --> 00:00:39,400
It's the difference between scalable reality

20
00:00:39,400 --> 00:00:41,520
and an expensive art project.

21
00:00:41,520 --> 00:00:43,920
Defining Fabric governance, the foundation of trust.

22
00:00:43,920 --> 00:00:45,640
Let's get precise, governance in fabric

23
00:00:45,640 --> 00:00:47,960
isn't a stack of policies you forget to enforce.

24
00:00:47,960 --> 00:00:50,560
It's the operating system for your data life, identity,

25
00:00:50,560 --> 00:00:53,880
permissioning, lineage, classification, policy, and monitoring,

26
00:00:53,880 --> 00:00:56,920
wired into one-lake, workspaces, items, and compute,

27
00:00:56,920 --> 00:00:59,680
not duct taped after the fact is not just a database,

28
00:00:59,680 --> 00:01:01,240
it's the spine of your data estate.

29
00:01:01,240 --> 00:01:02,760
Why this matters with 3D?

30
00:01:02,760 --> 00:01:04,520
A single asset isn't a file.

31
00:01:04,520 --> 00:01:07,240
It's a constellation, high-res photo-grammetry images,

32
00:01:07,240 --> 00:01:09,640
point clouds, meshes, textures, materials,

33
00:01:09,640 --> 00:01:11,840
rigging metadata, simulation parameters,

34
00:01:11,840 --> 00:01:15,400
and derived variance for AR, robotics, and training.

35
00:01:15,400 --> 00:01:17,880
Each piece has different sensitivity, owners, licenses,

36
00:01:17,880 --> 00:01:19,200
and allowable uses.

37
00:01:19,200 --> 00:01:21,200
The average user tries to shove that into folders

38
00:01:21,200 --> 00:01:24,480
you need deterministic control, enter Fabric's core.

39
00:01:24,480 --> 00:01:27,240
Security starts with Microsoft Entra ID,

40
00:01:27,240 --> 00:01:30,680
consistent identity across producers, processes, and consumers.

41
00:01:30,680 --> 00:01:34,040
That means when an artist, a data engineer, or a robotics team

42
00:01:34,040 --> 00:01:37,680
touches an object, access is role-bound and auditable.

43
00:01:37,680 --> 00:01:40,600
No mystery shares, no who sent me this zip, chaos.

44
00:01:40,600 --> 00:01:42,760
Row and column security isn't the hero here.

45
00:01:42,760 --> 00:01:44,720
Object level and workspace scoping are.

46
00:01:44,720 --> 00:01:47,000
You gate entire artifacts in their derivatives

47
00:01:47,000 --> 00:01:49,080
with the same identity fabric.

48
00:01:49,080 --> 00:01:51,400
Now, the thing most people miss, governance without lineage

49
00:01:51,400 --> 00:01:52,440
is theater.

50
00:01:52,440 --> 00:01:55,360
Fabric's built-in lineage maps how a raw capture

51
00:01:55,360 --> 00:01:58,360
flowed into a processed mesh into a compressed LOD set

52
00:01:58,360 --> 00:01:59,800
into a robot training simulation

53
00:01:59,800 --> 00:02:02,720
and finally into a KPI dashboard showing training efficiency.

54
00:02:02,720 --> 00:02:05,960
You see sources, transformations, and downstream consumers.

55
00:02:05,960 --> 00:02:08,200
If a source scan is recalled due to rights restrictions,

56
00:02:08,200 --> 00:02:09,160
you don't guess where it went.

57
00:02:09,160 --> 00:02:11,120
You follow the lineage and revoke, reprocess,

58
00:02:11,120 --> 00:02:12,840
or quarantine, everything it contaminated.

59
00:02:12,840 --> 00:02:14,200
That's trust you can act on.

60
00:02:14,200 --> 00:02:16,560
Classification and labels are your next lever.

61
00:02:16,560 --> 00:02:19,320
Sensitive, licensed, export-controlled, internal only.

62
00:02:19,320 --> 00:02:21,600
The tag follows the asset as it moves.

63
00:02:21,600 --> 00:02:24,640
Not as a sticky note as metadata the platform respects.

64
00:02:24,640 --> 00:02:27,680
Policy enforces labels, share blocks, cross-gear controls,

65
00:02:27,680 --> 00:02:29,640
retention, and encryption at rest in transit.

66
00:02:29,640 --> 00:02:31,560
With 3D, this is non-negotiable.

67
00:02:31,560 --> 00:02:32,720
That free texture pack?

68
00:02:32,720 --> 00:02:34,960
If it's not licensed for commercial digital twins,

69
00:02:34,960 --> 00:02:36,600
your policy should stop it at the gate.

70
00:02:36,600 --> 00:02:39,240
Yes, proactively, because you like not getting sued.

71
00:02:39,240 --> 00:02:41,560
Storage gravity kills most architectures.

72
00:02:41,560 --> 00:02:43,640
One-lake flips it, a single logical data

73
00:02:43,640 --> 00:02:46,120
lake with open formats and shortcut semantics,

74
00:02:46,120 --> 00:02:47,920
so you don't spawn 15 brittle copies.

75
00:02:47,920 --> 00:02:50,880
For 3D, that means canonical assets live once

76
00:02:50,880 --> 00:02:53,600
with derived views for teams and tools.

77
00:02:53,600 --> 00:02:56,320
Compute comes to the data, spark for processing, pipelines

78
00:02:56,320 --> 00:02:58,680
for orchestration, notebooks for transformation,

79
00:02:58,680 --> 00:03:00,640
while governance remains consistent.

80
00:03:00,640 --> 00:03:03,000
Compare that to download, edit locally, re-upload,

81
00:03:03,000 --> 00:03:04,680
hope nobody else changed it now.

82
00:03:04,680 --> 00:03:08,000
Amateur hour, and yes, monitoring, activity logs, access

83
00:03:08,000 --> 00:03:10,120
audits, data movement reports.

84
00:03:10,120 --> 00:03:12,840
If a 90-gigabyte mesh starts exfiltrating

85
00:03:12,840 --> 00:03:15,840
to an unknown region, you don't wait for a quarterly review,

86
00:03:15,840 --> 00:03:17,440
alerts fire, policy's trigger.

87
00:03:17,440 --> 00:03:19,800
The platform behaves like it knows your risk tolerance

88
00:03:19,800 --> 00:03:20,680
because you taught it.

89
00:03:20,680 --> 00:03:23,040
Let me show you exactly how this lands in a real workflow.

90
00:03:23,040 --> 00:03:26,040
Captured teams dump raw scans into an ingestion workspace

91
00:03:26,040 --> 00:03:29,160
with strict contributor roles and automatic classification,

92
00:03:29,160 --> 00:03:31,840
licensed, source, region, and EU.

93
00:03:31,840 --> 00:03:34,440
Pipelines validate schema and rights metadata.

94
00:03:34,440 --> 00:03:36,520
Anything non-compliant gets quarantined.

95
00:03:36,520 --> 00:03:39,480
Processing runs on governed compute, spark jobs,

96
00:03:39,480 --> 00:03:42,600
tag outputs with lineage, versioning, and usage rights.

97
00:03:42,600 --> 00:03:44,640
Publishing promotes approved derivatives

98
00:03:44,640 --> 00:03:47,120
to a shared product workspace via shortcuts.

99
00:03:47,120 --> 00:03:48,120
No duplication.

100
00:03:48,120 --> 00:03:51,240
Consumers, robotics, training analytics, get red access

101
00:03:51,240 --> 00:03:53,840
to only the derivatives their roles allow.

102
00:03:53,840 --> 00:03:56,320
If legal updates a policy say no export of assets

103
00:03:56,320 --> 00:03:59,640
with origin, citer, fabric retroactively blocks share links,

104
00:03:59,640 --> 00:04:01,320
marks affected items, and surfaces

105
00:04:01,320 --> 00:04:04,360
the dependency graph so owners patch or replace.

106
00:04:04,360 --> 00:04:05,560
The reason this works is simple.

107
00:04:05,560 --> 00:04:07,280
Governance isn't separate from productivity.

108
00:04:07,280 --> 00:04:08,560
It's fused to it.

109
00:04:08,560 --> 00:04:10,040
People do the right thing by default

110
00:04:10,040 --> 00:04:11,800
because the platform translates policy

111
00:04:11,800 --> 00:04:13,400
into the path of least resistance.

112
00:04:13,400 --> 00:04:15,760
When the hardest data type you own 3D twins

113
00:04:15,760 --> 00:04:18,720
flows cleanly through identity, lineage, classification,

114
00:04:18,720 --> 00:04:21,320
policy, and monitoring every spreadsheet, CSV,

115
00:04:21,320 --> 00:04:23,400
and parquet file falls in line.

116
00:04:23,400 --> 00:04:26,120
Refusing unified governance is like refusing updates.

117
00:04:26,120 --> 00:04:27,760
And yes, they require restarts.

118
00:04:27,760 --> 00:04:30,320
And because Microsoft is not performing magic tricks,

119
00:04:30,320 --> 00:04:34,000
the complexity barrier, why 3D data breaks traditional systems.

120
00:04:34,000 --> 00:04:35,240
Here's the uncomfortable truth.

121
00:04:35,240 --> 00:04:37,560
Traditional data stacks were built for rows and columns

122
00:04:37,560 --> 00:04:39,720
and at their most adventurous a few chunky files

123
00:04:39,720 --> 00:04:40,640
in a shared drive.

124
00:04:40,640 --> 00:04:41,920
3D data laughs at that.

125
00:04:41,920 --> 00:04:44,320
A single photo-real object is not a file.

126
00:04:44,320 --> 00:04:47,000
It's a high poly mesh, multiple levels of detail,

127
00:04:47,000 --> 00:04:50,440
displacement, and normal maps, PBR material graphs,

128
00:04:50,440 --> 00:04:54,040
HDRI lighting references, thousands of source photos,

129
00:04:54,040 --> 00:04:57,280
LiDAR point clouds, rigging metadata, physics constraints,

130
00:04:57,280 --> 00:05:00,800
simulation parameters, and half a dozen derivative exports

131
00:05:00,800 --> 00:05:03,080
for game engines, robotics, and AR.

132
00:05:03,080 --> 00:05:05,000
That's not storage, that's a supply chain.

133
00:05:05,000 --> 00:05:06,600
Now, tri-versioning it.

134
00:05:06,600 --> 00:05:08,240
V2 final final dies here.

135
00:05:08,240 --> 00:05:11,200
You need semantic versioning across interdependent components.

136
00:05:11,200 --> 00:05:16,200
Mesh V3.4 compatible with texture set, V2.1, and rig V1.9

137
00:05:16,200 --> 00:05:18,400
plus a provenance trail back to source captures.

138
00:05:18,400 --> 00:05:20,320
Without lineage, you're shipping franken assets

139
00:05:20,320 --> 00:05:23,520
that render beautifully until a robot arm clips through a hinge

140
00:05:23,520 --> 00:05:26,120
because the collision mesh didn't update with the material.

141
00:05:26,120 --> 00:05:28,240
The average user shrugs your safety team doesn't.

142
00:05:28,240 --> 00:05:31,680
Identity and permissioning folder ACLs crumble.

143
00:05:31,680 --> 00:05:34,840
Artists, scan, text, simulation engineers, ML teams,

144
00:05:34,840 --> 00:05:36,480
and legal all need different rights

145
00:05:36,480 --> 00:05:39,400
on different parts of the same object at different times.

146
00:05:39,400 --> 00:05:42,080
Write on staging, read on published, deny export

147
00:05:42,080 --> 00:05:44,200
from restricted Geos allow parameter edits,

148
00:05:44,200 --> 00:05:45,320
but not texture swaps.

149
00:05:45,320 --> 00:05:47,520
This is policy as graph, not policy as folder.

150
00:05:47,520 --> 00:05:49,320
Anything less, and you'll either block the work

151
00:05:49,320 --> 00:05:52,040
or leak the crown jewels, usually both.

152
00:05:52,040 --> 00:05:54,480
Licensing and compliance are where most organizations

153
00:05:54,480 --> 00:05:56,240
quietly set themselves on fire.

154
00:05:56,240 --> 00:05:59,280
Third party scans, museum collections, prop houses,

155
00:05:59,280 --> 00:06:01,720
and open libraries come with usage clauses,

156
00:06:01,720 --> 00:06:04,640
non-commercial attribution geo-restricted time bound

157
00:06:04,640 --> 00:06:06,360
or export controlled.

158
00:06:06,360 --> 00:06:09,480
Glue that to every derivative and enforce it across tools.

159
00:06:09,480 --> 00:06:12,520
Or watch an innocent test render wander into an ad campaign.

160
00:06:12,520 --> 00:06:14,680
With 3D downstream misuse isn't theoretical,

161
00:06:14,680 --> 00:06:17,320
it's embedded into pipelines, previews, and caches.

162
00:06:17,320 --> 00:06:19,920
If your platform doesn't carry rights metadata end-to-end,

163
00:06:19,920 --> 00:06:21,480
you've built a lawsuit generator.

164
00:06:21,480 --> 00:06:23,560
Performance and scale add insult to injury.

165
00:06:23,560 --> 00:06:24,880
These assets are heavy.

166
00:06:24,880 --> 00:06:27,040
Moving gigabytes across regions to placate

167
00:06:27,040 --> 00:06:28,760
a tool that insists on local copies

168
00:06:28,760 --> 00:06:30,600
is a cost and risk multiplier.

169
00:06:30,600 --> 00:06:33,360
Traditional copy to project workflows explode storage,

170
00:06:33,360 --> 00:06:34,960
fragment, truth, and bury governance

171
00:06:34,960 --> 00:06:36,320
under duplicate snow drifts.

172
00:06:36,320 --> 00:06:37,720
You think you have three bus models,

173
00:06:37,720 --> 00:06:41,040
you have 19 all slightly wrong, then there's temporal truth.

174
00:06:41,040 --> 00:06:44,560
Digital twins aren't static museum pieces, they change.

175
00:06:44,560 --> 00:06:47,280
Where patents, replaced parts, sensor calibrations,

176
00:06:47,280 --> 00:06:50,840
environment updates, time becomes a first class dimension.

177
00:06:50,840 --> 00:06:52,680
Traditional systems fake this with folders

178
00:06:52,680 --> 00:06:55,440
named archive, 2020 407.

179
00:06:55,440 --> 00:06:55,960
Cute.

180
00:06:55,960 --> 00:06:58,480
Real governance tracks state changes as lineage events

181
00:06:58,480 --> 00:07:01,320
preserve historical queries and allows conditional policy,

182
00:07:01,320 --> 00:07:05,800
allow export of pre-2023 variants, quarantine post-2023

183
00:07:05,800 --> 00:07:07,800
scans from side B pending audit.

184
00:07:07,800 --> 00:07:10,360
Tool diversity is the final nail reality capture,

185
00:07:10,360 --> 00:07:13,840
DCC tools, game engines, simulation frameworks, ML training

186
00:07:13,840 --> 00:07:15,720
rigs, each speaks its own file dialect

187
00:07:15,720 --> 00:07:16,760
and metadata religion.

188
00:07:16,760 --> 00:07:18,920
If your governance requires every tool to behave,

189
00:07:18,920 --> 00:07:20,240
you've already lost.

190
00:07:20,240 --> 00:07:22,480
The platform must standardize identity policy

191
00:07:22,480 --> 00:07:23,960
and lineage above the tool layer.

192
00:07:23,960 --> 00:07:26,040
So blender, omniverse, unity, and spark

193
00:07:26,040 --> 00:07:28,320
can disagree about everything except who can do what,

194
00:07:28,320 --> 00:07:30,640
to which asset, where, and when.

195
00:07:30,640 --> 00:07:33,120
This clicked for me when a team tried to go fast

196
00:07:33,120 --> 00:07:35,520
by bypassing policy to meet a demo date.

197
00:07:35,520 --> 00:07:36,880
They shipped a gorgeous model.

198
00:07:36,880 --> 00:07:40,560
Then legal discovered the base scan carried a non export license.

199
00:07:40,560 --> 00:07:42,280
The fix wasn't an apology.

200
00:07:42,280 --> 00:07:45,080
It was a full asset recall across four regions,

201
00:07:45,080 --> 00:07:47,840
retraining of a model that had ingested previews

202
00:07:47,840 --> 00:07:49,440
and purging every derivative.

203
00:07:49,440 --> 00:07:52,000
Days lost because governance was optional.

204
00:07:52,000 --> 00:07:54,840
The thing most people miss is that 3D doesn't tolerate optional.

205
00:07:54,840 --> 00:07:56,800
Either your platform enforces identity,

206
00:07:56,800 --> 00:07:59,360
lineage, classification, and policy by default,

207
00:07:59,360 --> 00:08:02,080
or the complexity will enforce chaos for you.

208
00:08:02,080 --> 00:08:04,000
Versioning and provenance, tracking the lifecycle

209
00:08:04,000 --> 00:08:05,120
of a digital twin.

210
00:08:05,120 --> 00:08:07,880
Versioning 3D twins isn't renaming folders and hoping.

211
00:08:07,880 --> 00:08:09,800
It's a governed narrative of cause and effect.

212
00:08:09,800 --> 00:08:11,440
The truth, without tight provenance,

213
00:08:11,440 --> 00:08:13,560
you're not iterating, you're randomizing.

214
00:08:13,560 --> 00:08:15,400
So let's wire this properly in fabric,

215
00:08:15,400 --> 00:08:17,640
where identity, lineage, and policy

216
00:08:17,640 --> 00:08:20,440
ride along every change like a black box flight recorder.

217
00:08:20,440 --> 00:08:22,360
Start with a canonical object definition.

218
00:08:22,360 --> 00:08:23,640
Call it the twin manifest.

219
00:08:23,640 --> 00:08:24,880
It's not a pretty PDF.

220
00:08:24,880 --> 00:08:26,600
It's structured metadata in one lake

221
00:08:26,600 --> 00:08:29,040
that references components by immutable IDs,

222
00:08:29,040 --> 00:08:31,360
source captures, mesh textures, materials,

223
00:08:31,360 --> 00:08:33,840
rig, physics, and simulation parameters.

224
00:08:33,840 --> 00:08:36,080
Each component gets semantic versioning

225
00:08:36,080 --> 00:08:39,080
major for breaking changes, minor for compatible improvements,

226
00:08:39,080 --> 00:08:41,120
build metadata for environment and toolchain.

227
00:08:41,120 --> 00:08:44,920
Mesh 3.4 works with material graph 2.1 and collider 1.9.

228
00:08:44,920 --> 00:08:46,840
That compatibility table lives in the manifest,

229
00:08:46,840 --> 00:08:47,800
not in someone's memory.

230
00:08:47,800 --> 00:08:49,960
Yes, average user, this is more work upfront.

231
00:08:49,960 --> 00:08:51,120
It's called engineering.

232
00:08:51,120 --> 00:08:52,960
Now the provenance chain, fabric lineage,

233
00:08:52,960 --> 00:08:55,080
captures ingestion events from capture rigs

234
00:08:55,080 --> 00:08:57,840
into the raw workspace, tagged with capture method,

235
00:08:57,840 --> 00:09:01,720
LiDAR, photogrammetry, device IDs, operator, location,

236
00:09:01,720 --> 00:09:02,960
and rights metadata.

237
00:09:02,960 --> 00:09:04,000
That's your origin story.

238
00:09:04,000 --> 00:09:06,160
Processing pipelines promote two staging

239
00:09:06,160 --> 00:09:07,760
with deterministic transformations,

240
00:09:07,760 --> 00:09:12,640
decimation, retopology, UV unwrap, baking, and LOD generation.

241
00:09:12,640 --> 00:09:16,720
Every step emits lineage edges, raw scan V1.2, mesh V1.9,

242
00:09:16,720 --> 00:09:18,000
a lot set, Vi.3.

243
00:09:18,000 --> 00:09:20,960
When you publish, the manifest pins the exact graph state.

244
00:09:20,960 --> 00:09:24,320
If you rebuild with a new retopo algorithm, you don't overwrite.

245
00:09:24,320 --> 00:09:27,240
You branch, you compare, you decide, here's the shortcut,

246
00:09:27,240 --> 00:09:28,280
nobody teaches.

247
00:09:28,280 --> 00:09:30,000
Treat rights as version state, too.

248
00:09:30,000 --> 00:09:34,280
The license you captured under at site AV-2023.10 is a component.

249
00:09:34,280 --> 00:09:37,520
When legal updates terms, you don't scramble through drives.

250
00:09:37,520 --> 00:09:39,720
You query fabric, show me all manifests,

251
00:09:39,720 --> 00:09:42,000
referencing license site A-2310.

252
00:09:42,000 --> 00:09:43,240
The dependency graph lights up.

253
00:09:43,240 --> 00:09:44,640
You bulked the mode affected twins

254
00:09:44,640 --> 00:09:45,840
from published to quarantine,

255
00:09:45,840 --> 00:09:48,720
trigger reprocessing with allowed substitutions and republish.

256
00:09:48,720 --> 00:09:50,160
Governance didn't slow you down.

257
00:09:50,160 --> 00:09:52,320
It prevented weeks of forensic archaeology.

258
00:09:52,320 --> 00:09:54,520
Let me show you exactly how teams work with this.

259
00:09:54,520 --> 00:09:57,280
Artists open the staging shortcut in their DCC tool.

260
00:09:57,280 --> 00:09:59,560
They can bump texture 2.1 to 2.2,

261
00:09:59,560 --> 00:10:02,760
but policy blocks changing the collision mesh in published.

262
00:10:02,760 --> 00:10:05,160
Simulation engineers can tweak physics parameters

263
00:10:05,160 --> 00:10:06,560
within guarded ranges.

264
00:10:06,560 --> 00:10:08,800
Crossing a threshold forces a new minor version

265
00:10:08,800 --> 00:10:10,560
with an approval workflow.

266
00:10:10,560 --> 00:10:13,080
Robotics consumes a frozen manifest via a shortcut,

267
00:10:13,080 --> 00:10:16,040
no downloading 90-git-et locally, so their build is reproducible.

268
00:10:16,040 --> 00:10:18,800
Analytics pulls lineage to explain why training performance

269
00:10:18,800 --> 00:10:21,880
jumped on twin 3.4, the decimator improved edge preservation,

270
00:10:21,880 --> 00:10:22,760
not magic.

271
00:10:22,760 --> 00:10:23,760
Common mistakes?

272
00:10:23,760 --> 00:10:24,560
Two classics.

273
00:10:24,560 --> 00:10:27,000
First, final render without pinning sources.

274
00:10:27,000 --> 00:10:29,720
You ship a published twin pointing at latest meshes.

275
00:10:29,720 --> 00:10:32,560
Later, a mesh update breaks a compatibility contract.

276
00:10:32,560 --> 00:10:34,840
Result, beautiful demo, broken production.

277
00:10:34,840 --> 00:10:36,520
Pin exact versions in the manifest.

278
00:10:36,520 --> 00:10:38,360
Latest is a ticking bomb.

279
00:10:38,360 --> 00:10:39,960
Second, silent tool chain drift.

280
00:10:39,960 --> 00:10:41,880
Someone updates a plug-in, exports change,

281
00:10:41,880 --> 00:10:44,080
embed tool chain hashes in build metadata

282
00:10:44,080 --> 00:10:45,640
and enforce them at pipeline time.

283
00:10:45,640 --> 00:10:48,040
If hashes don't match, the job fails loudly.

284
00:10:48,040 --> 00:10:49,600
Painful now, cheaper than a recall.

285
00:10:49,600 --> 00:10:50,880
Temporal reality matters.

286
00:10:50,880 --> 00:10:53,240
Twins age, replace a part in the physical asset.

287
00:10:53,240 --> 00:10:54,520
You branch the digital twin.

288
00:10:54,520 --> 00:10:56,680
Fabric lets you annotate the manifest

289
00:10:56,680 --> 00:11:00,000
with effective dates and states, pre-repair, post-repair.

290
00:11:00,000 --> 00:11:02,160
Policies can then allow downstream use only

291
00:11:02,160 --> 00:11:03,720
for time-appropriate variance.

292
00:11:03,720 --> 00:11:05,360
Training models don't accidentally learn

293
00:11:05,360 --> 00:11:06,320
obsolete geometry.

294
00:11:06,320 --> 00:11:08,360
Finally, auditability.

295
00:11:08,360 --> 00:11:10,800
Fabric activity logs plus lineage produce

296
00:11:10,800 --> 00:11:13,640
a human readable provenance who changed what, when, why,

297
00:11:13,640 --> 00:11:14,960
and with which inputs.

298
00:11:14,960 --> 00:11:18,160
That's defensible compliance and frankly professional hygiene.

299
00:11:18,160 --> 00:11:19,760
If you remember, nothing else version

300
00:11:19,760 --> 00:11:21,800
the manifest pin dependencies and treat rights

301
00:11:21,800 --> 00:11:24,080
as first class versioned components.

302
00:11:24,080 --> 00:11:25,480
The rest of your governance will stop

303
00:11:25,480 --> 00:11:28,240
feeling like theater and start behaving like engineering.

304
00:11:28,240 --> 00:11:30,880
Interoperability and rights management in the metaverse.

305
00:11:30,880 --> 00:11:32,320
Let's address the fantasy first.

306
00:11:32,320 --> 00:11:34,040
You think the metaverse is one place.

307
00:11:34,040 --> 00:11:34,560
Incorrect.

308
00:11:34,560 --> 00:11:37,680
It's a patchwork of engines, viewers, devices, file dialects

309
00:11:37,680 --> 00:11:39,920
and business models that barely agree on gravity.

310
00:11:39,920 --> 00:11:42,200
Interoperability isn't a feature, it's survival.

311
00:11:42,200 --> 00:11:44,440
And rights management isn't a footer on a contract.

312
00:11:44,440 --> 00:11:46,240
It's the guardrail that keeps your assets

313
00:11:46,240 --> 00:11:49,080
from being cloned, remixed, and monetized by everyone

314
00:11:49,080 --> 00:11:49,920
except you.

315
00:11:49,920 --> 00:11:50,680
The truth?

316
00:11:50,680 --> 00:11:53,960
If your 3D twin can't move between omniverse, unity,

317
00:11:53,960 --> 00:11:56,880
unreal, web GL viewers and downstream analytics

318
00:11:56,880 --> 00:11:59,320
without breaking identity, lineage or licensing,

319
00:11:59,320 --> 00:12:01,120
you don't have a metaverse strategy,

320
00:12:01,120 --> 00:12:03,400
you have vendor lock-in with extra steps.

321
00:12:03,400 --> 00:12:05,520
Fabrics job is not to make blender behave.

322
00:12:05,520 --> 00:12:08,280
Fabrics job is to standardize identity, policy,

323
00:12:08,280 --> 00:12:09,720
and provenance above the two layers

324
00:12:09,720 --> 00:12:12,040
so any engine can render, simulate, or stream

325
00:12:12,040 --> 00:12:13,600
while governance remains intact.

326
00:12:13,600 --> 00:12:15,960
Enter open formats and logical storage.

327
00:12:15,960 --> 00:12:17,720
Keep canonical assets in one lake.

328
00:12:17,720 --> 00:12:20,240
Expose them through shortcuts and governed APIs.

329
00:12:20,240 --> 00:12:22,360
Use interoperable scene descriptions.

330
00:12:22,360 --> 00:12:25,000
Open USD, where appropriate, so you exchange structure,

331
00:12:25,000 --> 00:12:27,400
materials and references without exporting chaos.

332
00:12:27,400 --> 00:12:29,320
But remember, format doesn't equal governance.

333
00:12:29,320 --> 00:12:31,800
The platform must inject labels, license terms,

334
00:12:31,800 --> 00:12:34,600
and usage constraints as first class meta data

335
00:12:34,600 --> 00:12:37,480
that writes with the asset is queryable and is enforceable.

336
00:12:37,480 --> 00:12:39,120
Not a readme, enforceable.

337
00:12:39,120 --> 00:12:41,600
Here's the shortcut nobody teaches, writes as code.

338
00:12:41,600 --> 00:12:43,880
Model writes as machine readable policies.

339
00:12:43,880 --> 00:12:48,040
Who, where, when, how long, and for which derivative purposes?

340
00:12:48,040 --> 00:12:50,120
Tag the asset, license, commercial, territory,

341
00:12:50,120 --> 00:12:53,920
U+US duration 2025, 1231, derivatives, render plus

342
00:12:53,920 --> 00:12:55,880
in prohibit resale per re-host.

343
00:12:55,880 --> 00:12:57,920
Fabrics evaluates those claims at access time.

344
00:12:57,920 --> 00:13:00,320
Unity scene wants to pull the textures from Japan?

345
00:13:00,320 --> 00:13:02,720
Denied, a web viewer requests a downsample stream

346
00:13:02,720 --> 00:13:05,680
for public display, allowed if watermarking is enabled

347
00:13:05,680 --> 00:13:07,440
and attribution is injected.

348
00:13:07,440 --> 00:13:09,520
The policy isn't a PDF that humans ignore,

349
00:13:09,520 --> 00:13:10,960
it's a runtime decision.

350
00:13:10,960 --> 00:13:12,240
Now, the interrupt dance.

351
00:13:12,240 --> 00:13:13,680
Engines expect local files.

352
00:13:13,680 --> 00:13:17,480
We don't copy 90 gigabyte to every workstation like its 2012.

353
00:13:17,480 --> 00:13:20,240
Use cloud mounts, signed URLs and streaming decoders

354
00:13:20,240 --> 00:13:22,600
that fetch only the needed LODs and tiles.

355
00:13:22,600 --> 00:13:26,280
Fabric issues time-bound tokens tied to identity and policy.

356
00:13:26,280 --> 00:13:28,280
When the token expires the faucet closes,

357
00:13:28,280 --> 00:13:30,400
if legal revokes a license, lineage identifies

358
00:13:30,400 --> 00:13:32,640
every manifest and scene using that asset,

359
00:13:32,640 --> 00:13:35,320
the tokens are invalidated, previews are purged,

360
00:13:35,320 --> 00:13:38,680
and CI pipelines fail fast with human readable reasons.

361
00:13:38,680 --> 00:13:41,000
Compare that to, we'll fix it next sprint.

362
00:13:41,000 --> 00:13:42,200
Lawyers love that phrase.

363
00:13:42,200 --> 00:13:44,120
Attribution is not optional.

364
00:13:44,120 --> 00:13:46,840
Embed creator, source, and license in the manifest

365
00:13:46,840 --> 00:13:49,560
and enforce overlay attribution in viewers that support it.

366
00:13:49,560 --> 00:13:52,240
For engines that don't, gate distribution behind a renderer

367
00:13:52,240 --> 00:13:54,600
or packaging step that bakes in credits or watermarks

368
00:13:54,600 --> 00:13:56,040
at the edges of allowed use.

369
00:13:56,040 --> 00:13:57,400
Fragyle, no, pragmatic.

370
00:13:57,400 --> 00:13:59,680
The average user thinks attribution is a checkbox.

371
00:13:59,680 --> 00:14:01,920
It's a write cross-platform identity is next.

372
00:14:01,920 --> 00:14:03,800
You authenticate with Entra ID.

373
00:14:03,800 --> 00:14:06,000
External partners federate via B2B,

374
00:14:06,000 --> 00:14:08,120
get scoped access to specific workspaces

375
00:14:08,120 --> 00:14:10,320
and never see raw canonical stores.

376
00:14:10,320 --> 00:14:12,840
Platform-level scopes map to engine-level roles,

377
00:14:12,840 --> 00:14:15,080
viewer, scene-author, asset-publisher.

378
00:14:15,080 --> 00:14:16,840
If a contractor leaves, access disappears

379
00:14:16,840 --> 00:14:19,280
without scrubbing shared drives for zombie files.

380
00:14:19,280 --> 00:14:21,040
Common mistakes, three favorites.

381
00:14:21,040 --> 00:14:25,040
One, exporting just for a demo, forgetting that demo's leak.

382
00:14:25,040 --> 00:14:28,600
Two, handing partners zips because the pipeline is complicated,

383
00:14:28,600 --> 00:14:30,160
which is how you lose control.

384
00:14:30,160 --> 00:14:32,680
Three, assuming OpenUSD alone solves rights.

385
00:14:32,680 --> 00:14:33,520
It doesn't.

386
00:14:33,520 --> 00:14:35,120
It carries structure, fabric carries law.

387
00:14:35,120 --> 00:14:36,520
Finally, future-proofing.

388
00:14:36,520 --> 00:14:39,160
Your asset will live longer than any engine you use today.

389
00:14:39,160 --> 00:14:40,200
Keep truth in one leg.

390
00:14:40,200 --> 00:14:42,520
Treat engines as a femoral clients and codify rights.

391
00:14:42,520 --> 00:14:43,920
So when the next platform arrives,

392
00:14:43,920 --> 00:14:45,680
you don't re-litigate your library.

393
00:14:45,680 --> 00:14:46,920
If you remember nothing else,

394
00:14:46,920 --> 00:14:49,200
interrupt without rights is piracy with better UX.

395
00:14:49,200 --> 00:14:50,680
Rights without interrupt is a museum.

396
00:14:50,680 --> 00:14:53,280
Fabric gives you both the ultimate test.

397
00:14:53,280 --> 00:14:56,200
Applying governance frameworks to real-time 3D assets.

398
00:14:56,200 --> 00:14:58,520
Let's graduate from theory to stress test.

399
00:14:58,520 --> 00:15:00,680
Real-time 3D isn't nice renders.

400
00:15:00,680 --> 00:15:03,200
It's dynamic-streamed multi-user policy-constrained

401
00:15:03,200 --> 00:15:04,960
interaction with high-fidelity objects

402
00:15:04,960 --> 00:15:07,680
inside engines that expect speed, not paperwork.

403
00:15:07,680 --> 00:15:09,920
If fabric governance holds here, it holds everywhere.

404
00:15:09,920 --> 00:15:11,640
Start with the ingestion frontier.

405
00:15:11,640 --> 00:15:13,600
Capture rigs land, thousands of images

406
00:15:13,600 --> 00:15:16,120
and light our scans into a raw workspace.

407
00:15:16,120 --> 00:15:17,680
Autoclassification applies.

408
00:15:17,680 --> 00:15:20,280
Source licensed region EU origin site B.

409
00:15:20,280 --> 00:15:22,600
A validation pipeline checks rights manifests,

410
00:15:22,600 --> 00:15:25,600
camera-exif, sensor IDs, and hash integrity.

411
00:15:25,600 --> 00:15:27,400
Anything missing goes to quarantine

412
00:15:27,400 --> 00:15:29,560
with a reason code humans can understand.

413
00:15:29,560 --> 00:15:31,880
That's your first gate, quality, legality,

414
00:15:31,880 --> 00:15:34,880
and provenance enforced before anyone even opens a viewer.

415
00:15:34,880 --> 00:15:36,520
Next, deterministic processing.

416
00:15:36,520 --> 00:15:38,600
Spark pipelines, retopologize measures,

417
00:15:38,600 --> 00:15:40,640
bake texture sets, generate LODs,

418
00:15:40,640 --> 00:15:42,160
and produce collider variants.

419
00:15:42,160 --> 00:15:45,320
Every step stamps lineage edges and pins tool chain hashes.

420
00:15:45,320 --> 00:15:47,880
Outputs are versioned, labeled internal only,

421
00:15:47,880 --> 00:15:49,240
until policy checks pass.

422
00:15:49,240 --> 00:15:51,360
The platform emits compatibility metadata,

423
00:15:51,360 --> 00:15:55,480
mesh 3.4, materials 2.1, collider 1.9, into the manifest.

424
00:15:55,480 --> 00:15:58,240
You don't rely on memory, you rely on metadata that compiles.

425
00:15:58,240 --> 00:16:00,520
Publishing isn't copying files to someone's desktop.

426
00:16:00,520 --> 00:16:02,680
The canonical asset stays in one lake.

427
00:16:02,680 --> 00:16:04,720
Teams get shortcuts into a product workspace

428
00:16:04,720 --> 00:16:06,040
with curated derivatives.

429
00:16:06,040 --> 00:16:09,320
Real-time ready meshes, texture atlases, simplified colliders,

430
00:16:09,320 --> 00:16:12,160
and a governance-friendly open USD scene.

431
00:16:12,160 --> 00:16:14,520
Access is roll-scoped, authors can update staging,

432
00:16:14,520 --> 00:16:16,960
consumers read published, partners get time-bound,

433
00:16:16,960 --> 00:16:19,240
region-bound reads via B2B Federation.

434
00:16:19,240 --> 00:16:21,480
No mystery zips, no al-weight rans for it,

435
00:16:21,480 --> 00:16:24,200
but you either pass through the gate or you wait outside.

436
00:16:24,200 --> 00:16:27,120
Now the real-time pivot, streaming, and tokens.

437
00:16:27,120 --> 00:16:29,520
Engines like Unity, Unreal, and Omniverse

438
00:16:29,520 --> 00:16:31,680
pull only what they need when they need it.

439
00:16:31,680 --> 00:16:35,280
Fabricments signed URLs tied to EntraID and policy claims

440
00:16:35,280 --> 00:16:38,200
who wear purpose, duration, derivative allowances,

441
00:16:38,200 --> 00:16:40,200
a scene request LOD1 for a close-up,

442
00:16:40,200 --> 00:16:43,400
allowed if attribution overlay is enabled and watermarked present.

443
00:16:43,400 --> 00:16:46,440
A texture request originates from a blocked region,

444
00:16:46,440 --> 00:16:49,120
denied with an explicit error and a lineage link,

445
00:16:49,120 --> 00:16:51,800
this is rights as code in motion, decisions at access time,

446
00:16:51,800 --> 00:16:54,400
not after compliance meeting, multi-user collaboration

447
00:16:54,400 --> 00:16:57,920
turns governance into choreography, two designers in different GOs,

448
00:16:57,920 --> 00:17:01,440
one robotics engineer in a lab, and a producer on a laptop,

449
00:17:01,440 --> 00:17:03,320
editing the same digital twin.

450
00:17:03,320 --> 00:17:05,480
Session orchestration checks compatibility locks

451
00:17:05,480 --> 00:17:07,040
at the manifest layer.

452
00:17:07,040 --> 00:17:08,920
You can tweak physics within guardrails,

453
00:17:08,920 --> 00:17:11,720
you can't swap a material that would violate export controls.

454
00:17:11,720 --> 00:17:13,720
If legal updates are licensed during the session,

455
00:17:13,720 --> 00:17:15,160
the change propagates.

456
00:17:15,160 --> 00:17:18,920
Token's expire, assets are demoted, and the UI surfaces are clear reason.

457
00:17:18,920 --> 00:17:21,800
Not a silent failure and enforced policy with receipts.

458
00:17:21,800 --> 00:17:24,320
Performance is not an excuse to break governance.

459
00:17:24,320 --> 00:17:27,960
Stream tile textures and mesh chunks don't duplicate canonical stores,

460
00:17:27,960 --> 00:17:30,040
cash with eviction and respect labels.

461
00:17:30,040 --> 00:17:32,760
Pre-big variance explicitly allowed by policy.

462
00:17:32,760 --> 00:17:38,200
If your scene creator needs a local copy of the 90 gear by source set to feel safe,

463
00:17:38,200 --> 00:17:39,200
the answer is no.

464
00:17:39,200 --> 00:17:42,000
You want real time, use streaming, you want compliance,

465
00:17:42,000 --> 00:17:44,720
use metadata and tokens, you want both fabric.

466
00:17:44,720 --> 00:17:45,960
Let's make it painfully specific.

467
00:17:45,960 --> 00:17:49,080
Safety training scenario, a digital twin of an electric bus,

468
00:17:49,080 --> 00:17:51,640
one-one fidelity with PPE inspection flow.

469
00:17:51,640 --> 00:17:54,960
The session pulls a published manifest pin to mesh 3.4 materials,

470
00:17:54,960 --> 00:17:58,560
2.1 collider, 1.9 physics, 1.2 license commercial territory,

471
00:17:58,560 --> 00:18:01,560
USBU duration, 2025, 12.31.

472
00:18:01,560 --> 00:18:04,000
A trainee in Europe authenticates via intra,

473
00:18:04,000 --> 00:18:06,000
the viewer requests needed assets.

474
00:18:06,000 --> 00:18:10,040
Fabric allows streaming with a public display subset if watermarking is enabled.

475
00:18:10,040 --> 00:18:12,720
The trainer in the US edits an annotation,

476
00:18:12,720 --> 00:18:14,520
which writes to a governed delta table,

477
00:18:14,520 --> 00:18:17,160
referenced by the scene lineage ties it to the session,

478
00:18:17,160 --> 00:18:20,920
and ordered a later queries who viewed post-repair variant in Q2,

479
00:18:20,920 --> 00:18:24,440
answer arrives in seconds with a lineage graph, not a forensics novel,

480
00:18:24,440 --> 00:18:26,120
common pitfalls and the fix.

481
00:18:26,120 --> 00:18:29,360
Pitfall one does preview assets that bypass manifests.

482
00:18:29,360 --> 00:18:33,960
Fix disable unsigned access require manifests for any published retrieval,

483
00:18:33,960 --> 00:18:37,920
and make the authoring tools fetch through the same APIs as viewers.

484
00:18:37,920 --> 00:18:42,160
Pitfall 2 partner handoffs via zip, fix provision B2B identities,

485
00:18:42,160 --> 00:18:45,320
scope workspaces, and require tokenized access.

486
00:18:45,320 --> 00:18:48,960
Build a one-click package that emits signed bundles with embedded licenses

487
00:18:48,960 --> 00:18:51,280
and timeouts if you truly need offline review.

488
00:18:51,280 --> 00:18:53,680
Pitfall 3 goes derivatives, fix.

489
00:18:53,680 --> 00:18:58,040
Pipelines must register outputs in a catalog item with retention and labels.

490
00:18:58,040 --> 00:19:01,120
Unregistered files are auto-deleted or quarantined by policy.

491
00:19:01,120 --> 00:19:03,360
Testing governance is non-negotiable.

492
00:19:03,360 --> 00:19:06,280
Build table top drills, revoke a license mid-sprint,

493
00:19:06,280 --> 00:19:09,520
rotate a region restriction, expire a token during a live session,

494
00:19:09,520 --> 00:19:11,080
push a breaking mesh update.

495
00:19:11,080 --> 00:19:13,000
Success isn't, we found the email.

496
00:19:13,000 --> 00:19:16,240
Success is the platform enforcing intent without heroics.

497
00:19:16,240 --> 00:19:17,600
Measure mean time to quarantine,

498
00:19:17,600 --> 00:19:19,960
percent of unauthorized requests correctly blocked,

499
00:19:19,960 --> 00:19:24,400
lineage completeness score and delta between published manifest and session resolved assets.

500
00:19:24,400 --> 00:19:28,240
If those numbers aren't boringly consistent, you're not production ready.

501
00:19:28,240 --> 00:19:31,480
Finally, the loop back to analytics, real-time scenes aren't black boxes.

502
00:19:31,480 --> 00:19:33,520
Usage logs feed fabrics monitoring workspace.

503
00:19:33,520 --> 00:19:36,160
You learn which allods cost you, which Geo's trigger denials,

504
00:19:36,160 --> 00:19:38,920
which partners push the limits and which policies cause friction.

505
00:19:38,920 --> 00:19:40,920
You adjust, not by whisper network,

506
00:19:40,920 --> 00:19:44,800
but by iterating policies, manifests, and pipelines with data.

507
00:19:44,800 --> 00:19:46,440
Essentially you govern the governance.

508
00:19:46,440 --> 00:19:48,080
You want the one sentence version?

509
00:19:48,080 --> 00:19:49,520
Stream the twin, not the chaos.

510
00:19:49,520 --> 00:19:52,240
Tokens, manifests, lineage, and labels do the heavy lifting.

511
00:19:52,240 --> 00:19:55,440
If the hardest, highest fidelity real-time use case runs clean,

512
00:19:55,440 --> 00:19:58,080
every lesser workload will obediently follow.

513
00:19:58,080 --> 00:19:59,760
The future of digital trust.

514
00:19:59,760 --> 00:20:01,040
Here's the blunt takeaway.

515
00:20:01,040 --> 00:20:02,880
Digital trust isn't a promise.

516
00:20:02,880 --> 00:20:05,040
It's enforcement at runtime with receipts.

517
00:20:05,040 --> 00:20:07,040
Real-time 3D just forces you to admit it.

518
00:20:07,040 --> 00:20:12,440
If identity lineage writes as code and streaming governance can hold a one-one digital twin together under load,

519
00:20:12,440 --> 00:20:15,040
everything else you run is trivial by comparison.

520
00:20:15,040 --> 00:20:16,240
So do the grown-up thing.

521
00:20:16,240 --> 00:20:19,360
Pin manifests, treat licenses as versioned components,

522
00:20:19,360 --> 00:20:22,880
stream with tokens, federate partners, drill revocations,

523
00:20:22,880 --> 00:20:26,480
and measure the boring metrics that prove policy isn't theatre.

524
00:20:26,480 --> 00:20:28,640
If this saved you time, repay the debt,

525
00:20:28,640 --> 00:20:31,680
subscribe, share this with the person still emailing zips,