Abstract
NoSQL databases outperform the traditional RDBMS due to their faster retrieval of large volumes of data, scalability, and high performance. The need for these databases has been increasing in recent years because data collection is growing tremendously. Structured, unstructured, and semi- structured data storage is allowed in NoSQL, which is not possible in a traditional database. NoSQL needs to compensate with its security feature for its amazing functionalities of faster data access and large data storage. The main concern exists in sensitive information stored in the data. The need to protect this sensitive data is crucial for confidentiality and privacy problems. To understand the severity of preserving sensitive data, recognizing the security issues is important. These security issues, if not resolved, will cause data loss, unauthorized access, database crashes by hackers, and security breaches. This paper investigates the security issues common to the top twenty NoSQL databases of the following types: document, key-value, column, graph, object- oriented, and multi-model. The top twenty NoSQL databases studied were MongoDB, Cassandra, CouchDB, Hypertable, Redis, Riak, Neo4j, Hadoop HBase, Couchbase, MemcacheDB, RavenDB, Voldemort, Perst, HyperGraphDB, NeoDatis, MyOODB, OrientDB, Apache Drill, Amazon, and Neptune. The comparison results show that there are common security issues among the databases. SQL injection security issues were detected in eight databases. The names of the databases were MongoDB, Cassandra, CouchDB, Neo4j, Couchbase, RavenDB, OrientDB, and Apache Drill.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.