Privacy has become a key requirement for data management systems. Nevertheless, NoSQL datastores, namely highly scalable non relational database management systems, which often support data management of Internet scale applications, still do not provide support for privacy policies enforcement. With this work, we begin to address this issue, by proposing an approach for the integration of purpose-based policy enforcement capabilities into MongoDB, one of the most popular NoSQL datastore. Our contribution consists of the enhancement of the MongoDB role based access control model with privacy concepts and related enforcement monitor. The proposed monitor is easily integrable into any MongoDB deployment through simple configurations. Experimental results show that our monitor enforces purpose-based access control with low overhead.

Enhancing MongoDB with Purpose based Access Control

COLOMBO, PIETRO;FERRARI, ELENA
2017-01-01

Abstract

Privacy has become a key requirement for data management systems. Nevertheless, NoSQL datastores, namely highly scalable non relational database management systems, which often support data management of Internet scale applications, still do not provide support for privacy policies enforcement. With this work, we begin to address this issue, by proposing an approach for the integration of purpose-based policy enforcement capabilities into MongoDB, one of the most popular NoSQL datastore. Our contribution consists of the enhancement of the MongoDB role based access control model with privacy concepts and related enforcement monitor. The proposed monitor is easily integrable into any MongoDB deployment through simple configurations. Experimental results show that our monitor enforces purpose-based access control with low overhead.
2017
MongoDB; NoSQL datastores; Privacy; Purpose-based access control
Colombo, Pietro; Ferrari, Elena
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11383/2024758
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 40
  • ???jsp.display-item.citation.isi??? 24
social impact