Security Comparison Between Relational databases and NoSQL Databases

Source: Internet
Author: User
Tags mongodb documentation

[TechTarget Chinese original] Q: I am studying various types of database architectures. Can you tell me about the security of non-SQL databases (NoSQL) and mainstream commercial relational databases?

 

For a database to store information securely, it must provide confidentiality, integrity, and availability (CIA). Data must be available when needed (availability), but only to authorized individuals or systems (confidentiality), and it must be modifiable only by authorized persons (integrity).

 

Relational databases include integrated functions such as role-based security, encrypted communication, and support for row and field access control, as well as user-level access control over stored procedures. Enterprise relational database management systems (RDBMS), such as Oracle and Microsoft SQL Server, also have ACID (atomicity, consistency, isolation, durability) properties to ensure that database transactions are processed reliably; data replication and logging ensure durability and data integrity. However, these functions generally come at a cost, primarily in license fees and data access speed.

 

Social network applications like Facebook and e-commerce sites like Amazon need to process massive amounts of data, so scalability and availability are their key database requirements. Data can be distributed across hundreds or even thousands of servers. Many companies have therefore switched to non-relational database management systems, or non-SQL databases (NoSQL). However, the security of NoSQL databases is far less powerful than that of relational databases.

 

Non-SQL databases (NoSQL) have properties called BASE (basically available, soft state, eventually consistent): consistency is not required after each transaction; it is sufficient for the database to eventually reach a consistent state. This means that a user may not see the latest data, but data from the last snapshot, such as the number of items in inventory. Because transactions are not written to the database immediately, other transactions may interfere before synchronization completes. This inherent race condition means that not all users will see the same data at the same time, which is a real risk for database processing such as shared transactions.
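The stale-read race described above, using the inventory case, as an added example that is not part of the original article. It is a constructed two-replica store in Python; the class and function names are hypothetical and do not model any particular NoSQL product.

```python
# Added illustration: a constructed two-replica store, not a real database API.
class EventuallyConsistentStore:
    """A write is acknowledged by one replica and queued for the others."""

    def __init__(self, replicas=2):
        self.replicas = [{} for _ in range(replicas)]  # key -> (version, value)
        self.pending = []  # queued (target, key, version, value) updates

    def _get(self, via, key):
        return self.replicas[via].get(key, (0, None))

    def read(self, via, key):
        return self._get(via, key)[1]

    def write(self, via, key, value):
        version = self._get(via, key)[0] + 1
        self.replicas[via][key] = (version, value)
        self.pending += [(i, key, version, value)
                         for i in range(len(self.replicas)) if i != via]

    def sync(self):
        """Deliver queued updates; a replica keeps its copy unless the update is newer."""
        for target, key, version, value in self.pending:
            if version > self._get(target, key)[0]:
                self.replicas[target][key] = (version, value)
        self.pending.clear()

def sell_one(store, via, key):
    """Check-then-write in the application: the only integrity check present."""
    stock = store.read(via, key)
    if stock < 1:
        return False
    store.write(via, key, stock - 1)
    return True

def demo():
    store = EventuallyConsistentStore()
    store.write(0, "widget", 1)            # one item in stock
    store.sync()                           # both replicas agree: 1
    sold_a = sell_one(store, 0, "widget")  # buyer A is served by replica 0
    stale = store.read(1, "widget")        # replica 1 still reports 1
    sold_b = sell_one(store, 1, "widget")  # buyer B is served by replica 1
    store.sync()                           # replicas converge on 0
    return sold_a, stale, sold_b, store.read(0, "widget"), store.read(1, "widget")

if __name__ == "__main__":
    print(demo())
```

Both sales succeed against a single unit, and after synchronization both replicas report 0, so the oversell leaves no trace in the stored data.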

 

NoSQL databases also lack confidentiality and integrity. For example, NoSQL databases do not have a schema, so you cannot separate permissions by table, row, or column and still maintain quick access to data. They rarely have built-in security mechanisms. The documentation of the popular non-relational database MongoDB says, "One valid way to run the Mongo database is in a trusted environment without security and authentication ... Of course, in this configuration, you must ensure that only trusted machines can access the TCP port of the database." The NoSQL database Riak does not support authentication or authorization.

 

This means that confidentiality and integrity must be provided entirely by the application that accesses the data. It sounds unrealistic to put the last line of defense for any extremely valuable data at the application level. Application developers do not work on implementing security functions, let alone coding them from scratch. In this case, you have only a firewall to protect your data.
