NoSQL datastores are getting increasing attention by companies and organisation for the ease and efficiency of handling high volumes of heterogeneous and unstructured data. Nowadays, as majority of these systems are available as cloud based services, this potentially favours their use even among small companies that could not afford the management of server farms for local cluster based solutions. However, besides all their benefits in terms of performance, availability and scalability as well as support for advanced analysis forms, NoSQL datastores also have some weaknesses, such as poor natively provided support for data protection. Recent surveys show that several companies consider the poor support for security features of NoSQL databases as a valid reason not to use them (Intel Co., 2013). In this paper, we do a first step to overcome these weaknesses by first proposing a roadmap to enhance the data protection functionalities of NoSQL datastores. Then, we illustrate our preliminary experience of designing an enhanced access control mechanism for MongoDB (http://www.mongodb.org), which, according to recent surveys (DB-Engines Ranking, 2017) ranks as the most popular NoSQL database.
Enhancing NoSQL datastores with fine-grained context-aware access control: A preliminary study on MongoDB
Colombo, P.;Ferrari, E.
2017-01-01
Abstract
NoSQL datastores are getting increasing attention by companies and organisation for the ease and efficiency of handling high volumes of heterogeneous and unstructured data. Nowadays, as majority of these systems are available as cloud based services, this potentially favours their use even among small companies that could not afford the management of server farms for local cluster based solutions. However, besides all their benefits in terms of performance, availability and scalability as well as support for advanced analysis forms, NoSQL datastores also have some weaknesses, such as poor natively provided support for data protection. Recent surveys show that several companies consider the poor support for security features of NoSQL databases as a valid reason not to use them (Intel Co., 2013). In this paper, we do a first step to overcome these weaknesses by first proposing a roadmap to enhance the data protection functionalities of NoSQL datastores. Then, we illustrate our preliminary experience of designing an enhanced access control mechanism for MongoDB (http://www.mongodb.org), which, according to recent surveys (DB-Engines Ranking, 2017) ranks as the most popular NoSQL database.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
