{"title":"选定NoSQL系统的标准安全特性分析","authors":"Wilhelm Zugaj, A. Beichler","doi":"10.11648/J.AJIST.20190302.12","DOIUrl":null,"url":null,"abstract":"NoSQL solutions have recently been gaining significant attention because they address some of the inefficiencies of traditional database management systems. NoSQL databases offer features such as performant distributed architecture, flexibility and horizontal scaling. Despite these advantages, there is a vast quantity of NoSQL systems available, which differ greatly from each other. The resulting lack of standardization of security features leads to a questionable maturity in terms of security. What is therefore much needed is a systematic lab research of the availability and maturity of the implementation of the most common standard database security features in NoSQL systems, resulting in a NoSQL security map. This paper summarizes the first part of our research project trying to outline such a map. It documents the definition of the standard security features to be investigated based on a literature review in the area of standard database security. After selection of OrientDB, Redis, Cassandra and MongoDB as initial representatives of commonly used NoSQL systems, a description of systematic investigation of standard database security features for each of these four systems is given. All findings are summarized in tables for quick and easy comparison. We conclude that systems investigated need better default configurations and should enable their security features per default. Finally, we provide an outlook to the next steps of researching a security map for NoSQL systems.","PeriodicalId":50013,"journal":{"name":"Journal of the American Society for Information Science and Technology","volume":"71 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2019-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Analysis of Standard Security Features for Selected NoSQL Systems\",\"authors\":\"Wilhelm Zugaj, A. Beichler\",\"doi\":\"10.11648/J.AJIST.20190302.12\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"NoSQL solutions have recently been gaining significant attention because they address some of the inefficiencies of traditional database management systems. NoSQL databases offer features such as performant distributed architecture, flexibility and horizontal scaling. Despite these advantages, there is a vast quantity of NoSQL systems available, which differ greatly from each other. The resulting lack of standardization of security features leads to a questionable maturity in terms of security. What is therefore much needed is a systematic lab research of the availability and maturity of the implementation of the most common standard database security features in NoSQL systems, resulting in a NoSQL security map. This paper summarizes the first part of our research project trying to outline such a map. It documents the definition of the standard security features to be investigated based on a literature review in the area of standard database security. After selection of OrientDB, Redis, Cassandra and MongoDB as initial representatives of commonly used NoSQL systems, a description of systematic investigation of standard database security features for each of these four systems is given. All findings are summarized in tables for quick and easy comparison. We conclude that systems investigated need better default configurations and should enable their security features per default. Finally, we provide an outlook to the next steps of researching a security map for NoSQL systems.\",\"PeriodicalId\":50013,\"journal\":{\"name\":\"Journal of the American Society for Information Science and Technology\",\"volume\":\"71 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-07-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of the American Society for Information Science and Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.11648/J.AJIST.20190302.12\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of the American Society for Information Science and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11648/J.AJIST.20190302.12","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Analysis of Standard Security Features for Selected NoSQL Systems
NoSQL solutions have recently been gaining significant attention because they address some of the inefficiencies of traditional database management systems. NoSQL databases offer features such as performant distributed architecture, flexibility and horizontal scaling. Despite these advantages, there is a vast quantity of NoSQL systems available, which differ greatly from each other. The resulting lack of standardization of security features leads to a questionable maturity in terms of security. What is therefore much needed is a systematic lab research of the availability and maturity of the implementation of the most common standard database security features in NoSQL systems, resulting in a NoSQL security map. This paper summarizes the first part of our research project trying to outline such a map. It documents the definition of the standard security features to be investigated based on a literature review in the area of standard database security. After selection of OrientDB, Redis, Cassandra and MongoDB as initial representatives of commonly used NoSQL systems, a description of systematic investigation of standard database security features for each of these four systems is given. All findings are summarized in tables for quick and easy comparison. We conclude that systems investigated need better default configurations and should enable their security features per default. Finally, we provide an outlook to the next steps of researching a security map for NoSQL systems.