Open AccessSecurity Testing Tool for NoSQL Systems
Author(s) -
Muhammad A. Lawal and Mostaf A. Saleh Muhammad A. Lawal and Mostaf A. Saleh
Publication year - 2019
Language(s) - English
Resource type - Journals
ISSN - 1658-6336
DOI - 10.4197/comp.8-1.8
Subject(s) - nosql , computer science , encryption , authentication (law) , database , computer security , scalability
NoSQL systems are becoming more popular due to their inherent advantages andsolutions it provides to the limits of a relational database. However, despite its benefits, it comeswith security challenges. In this paper, an input validation mechanism architecture is proposed forMongo DB to detect and prevent NoSQL injection attacks, the mechanism employs aDeterministic Finite Automaton (DFA) approach to detect and prevent attacks on NoSQLsystems. Furthermore, a security comparison of some NoSQL systems is provided based on recentliterature. The security features compared are authentication, authorization, data encryption andinput validation. The proposed mechanism will improve the security of Mongo DB systembecause invalid inputs requests will be detected and prevented from being processed.