Title: Enhancing NoSQL datastores with fine-grained context-aware access control: a preliminary study on MongoDB

Authors: Pietro Colombo; Elena Ferrari

Addresses: Dipartimento di Scienze Teoriche e Applicate, Università degli Studi dell'Insubria, Varese, Italy ' Dipartimento di Scienze Teoriche e Applicate, Università degli Studi dell'Insubria, Varese, Italy

Abstract: NoSQL datastores are getting increasing attention by companies and organisation for the ease and efficiency of handling high volumes of heterogeneous and unstructured data. Nowadays, as majority of these systems are available as cloud based services, this potentially favours their use even among small companies that could not afford the management of server farms for local cluster based solutions. However, besides all their benefits in terms of performance, availability and scalability as well as support for advanced analysis forms, NoSQL datastores also have some weaknesses, such as poor natively provided support for data protection. Recent surveys show that several companies consider the poor support for security features of NoSQL databases as a valid reason not to use them (Intel Co., 2013). In this paper, we do a first step to overcome these weaknesses by first proposing a roadmap to enhance the data protection functionalities of NoSQL datastores. Then, we illustrate our preliminary experience of designing an enhanced access control mechanism for MongoDB (http://www.mongodb.org), which, according to recent surveys (DB-Engines Ranking, 2017) ranks as the most popular NoSQL database.

Keywords: NoSQL datastores; context awareness; fine grained access control; FGAC; MongoDB.

DOI: 10.1504/IJCC.2017.090197

International Journal of Cloud Computing, 2017 Vol.6 No.4, pp.292 - 305

Available online: 23 Feb 2018 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article