Security of sharded NoSQL databases: A comparative analysis

Zahid, Anam; Masood, Rahat; Shibli, Muhammad Awais

doi:10.1109/ciacs.2014.6861323

Cited by 38 publications

(29 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…ElGamal Algorithms for Encrypting and Decrypting Messages between users consists the key generator. Standard security solution to data is done by encrypting the data [2]. NoSQL(MongoDB) for applying large-scale data that saves all personal CV job seeker details on our server, MongoDB are quickly grown to become a popular database for web applications and Mobile application, more importantly NoSQL is fast data access [3], [4].…”

Section: Introductionmentioning

confidence: 99%

NoSQL: Confidential on Data Security and Data Management by Using a Mobile Application

Abdalla¹,

Lin²,

Li³

et al. 2016

IJIEE

View full text Add to dashboard Cite

Abstract-CV data is one of the most precise forms of information for job seekers (or) employees details about personal, professional and both It manages and maintains any organization securely. Ensuring the security of data is, therefore, critical not only to preserve the data's of employees' highly personal information but also to minimize the legal risk to the organization as a whole. When some organizations do not see the full details of the job seekers CV, so for that we have to provide the security for this CV. When an organization takes care of reducing the manual workload, an organization performs; they choose to replace those processes with various levels of security systems. Data Security is the keeping data protected from corruption and unauthorized access and focuses beyond data security is to ensure the privacy while protecting personal or (business) corporate data. This paper will manage the complexity of CV data's. It's had a various process like employees develop their personal and organizational skills, knowledge, and abilities. Security is of high aspect when it comes to choosing a human resources management system, especially when it means keeping company (corporate) data and the privacy of employee records safe from hackers. Using a method of secure transmission of Encrypting and Decrypting Messages which encrypts the data as it transmits over the job portals with exchanging securely cryptographic keys over a public channel. An important is security is hiding of users particular details. Using NoSQL(MongoDB) for Saving and retrieve our data details.

show abstract

Section: Introductionmentioning

confidence: 99%

NoSQL: Confidential on Data Security and Data Management by Using a Mobile Application

Abdalla¹,

Lin²,

Li³

et al. 2016

IJIEE

View full text Add to dashboard Cite

show abstract

“…The first instance occurs when the user stores data in the database. This is referred to as "data at rest" [28]. If an attacker is able to gain access to the underlying system on which the DBMS is installed and read the data, then the data will be compromised if it is not encrypted.…”

Section: A Definition Of Encryptionmentioning

confidence: 99%

“…We define encryption as a means of ensuring confidentiality of data [28]. In regards to databases there are two instances where the user must apply encryption in order to protect data.…”

Section: A Definition Of Encryptionmentioning

confidence: 99%

“…This vulnerability includes both the encryption of data transmitting between two entities (e.g., client/server, node/node, etc.) and the encryption of data that is stored in the database [28].…”

Section: Encryptionmentioning

confidence: 99%

“…We define authentication as the process by which a computer system confirms whether or not a user is who he or she claims to be [28]. Authentication is based on the factors of an individual of which there are currently three: something you have, something you know, and something you are [40].…”

Section: A Definition Of Authentication and Authorizationmentioning

confidence: 99%

See 2 more Smart Citations

Methods to Secure Databases Against Vulnerabilities

Sloan¹

2015

View full text Add to dashboard Cite

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instruction, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to SPONSORING /MONITORING AGENCY NAME(S) AND ADDRESS(ES)N 12a. DISTRIBUTION / AVAILABILITY STATEMENTApproved for public release; distribution is unlimited 12b. DISTRIBUTION CODE ABSTRACT (maximum 200 words)Many commercial and government organizations utilize some form of proprietary or open source database management system. Recent history shows security incidents involving database management system vulnerabilities resulting in the compromise of personal information for millions of people. This thesis identifies common vulnerabilities affecting database management systems: injection, misconfigured databases, HTTP interfaces, encryption, and authentication and authorization. This thesis also examines three open source database management systems: MySQL, MongoDB, and Cassandra. We test each against the aforementioned vulnerabilities and provide recommendations to mitigate the vulnerabilities. SUBJECT TERMS

show abstract

Security assessment of data management systems for cyber physical system applications

Chaudhry

Yousaf

Khan

2019

J Software Evolu Process

View full text Add to dashboard Cite

Cyber physical system (CPS) applications are widely used to control critical infrastructure of various application domains, eg, medical health care, energy, and power, to name a few. Such applications usually take input data from sensors, estimate current state of the system, and then based on the estimation, make critical decisions to control the underlying infrastructure automatically. Therefore, security and integrity of the (system state) data are critically important to ensure safe operations of CPS. In this paper, we present a review of security of various data management systems used in CPS. Since CPS are composed of systems of (sub)systems that generate a huge amount of data (ie, periodical sensor input data), therefore, recently, NoSQL and NewSQL data management systems have emerged as popular data management systems to support efficient and scalable analysis of unstructured data. Unfortunately, these systems were not initially build for data security and thus are vulnerable to numerous security attacks. Considering flexible data model and efficient access methods in NoSQL and NewSQL, we discuss the security attacks on such data management systems and their corresponding solutions to mitigate them. In particular, we analyze the system and data security of popular NoSQL and NewSQL systems. To analyze that, we defined feature vectors for system and data security and compared the data systems against them. Finally, we propose security solutions for data management systems by identifying various security vulnerabilities in internal security algorithms of such systems. KEYWORDSaccess control security, CPS, data integrity, data security INTRODUCTIONIndustry 4.0 has led to the development of cyber physical systems (CPSs). A typical CPS consists of cyber and physical components, where cyber components are responsible for controlling physical components (respectively process) of an underlying critical infrastructure. The cyber components receive sensor data as an input to estimate current state of the physical components. Based on the state estimation, the cyber components make decisions (ie, issue commands) to change the state of the physical process. With the recent trend towards affordable sensors, fast communication networks, and better data acquisition methods, massive amount of data is generated by various sensors and autonomous resources in a CPS. This huge volume of data needs big data processing and management techniques. This introduces challenges related to the performance, security, reliability, scalability, and fault tolerance of a system. Since a CPS makes decision based on sensor input data, such data needs to be protected against various security attacks to ensure reliable and safe data operations. In this paper, we review the security of various data management systems that are used to store process data in a CPS. Modern CPS uses NoSQL and NewSQL systems to store data in order to assure reliable and efficient (ie, with strict time requirements) CPS operations. The increased data access has increa...

show abstract

Security of sharded NoSQL databases: A comparative analysis

Cited by 38 publications

References 7 publications

NoSQL: Confidential on Data Security and Data Management by Using a Mobile Application

NoSQL: Confidential on Data Security and Data Management by Using a Mobile Application

Methods to Secure Databases Against Vulnerabilities

Security assessment of data management systems for cyber physical system applications

Contact Info

Product

Resources

About