NoSQL Database Systems and their Security Challenges
(2) Talk Outline
• Introduction
• NoSQL vs. Relational Databases
• Types of NoSQL Databases
• NoSQL Security Challenges
ISCISC 2015. NoSQL Database Systems and their Security Challenges.

(3) Introduction

(4) Current Trends
The new generation of applications like cloud or Grid apps, Business Intelligence, Web 2.0 and Social networking requires storing and processing of terabytes and even petabytes of data.

(5) Today
We have…
• More users
• More data
• Interactive apps

(6) Today
The requirements of storage database systems have changed.
• Relational Database is not suitable
• Distributed Storage and Processing
• NoSQL = Not Only SQL
(7) NoSQL vs. Relational Databases

(8) Why is a relational database not suitable?
A relational database is a data structure that allows you to link information from different ‘tables’.

(9) Why is a relational database not suitable?
Pros
• Have been well developed to meet confidentiality, availability and integrity
• Work best with structured data
• Use a standard query language
• ACID
• Very good for small datasets

(10) Why is a relational database not suitable?
Cons
• Scaling: relied on scale up rather than scale out
• Large feature set
• Non-linear query execution time
• Static schema

(11) Reasons for Distributed Storage and Processing
• Take advantage of multiple systems as well as multi-core CPU architectures
• Servers have to be globally distributed for low latency and failover

(12) Characteristics of NoSQL Databases
NoSQL databases have been designed for solving the Big Data issue by utilizing distributed, collaborating hosts to achieve satisfactory performance in data storage and retrieval.
• Mostly non-relational: no join / unstructured data
• Provide great performance, availability, scalability and flexibility
• Distribution, replication, failover

(13) NoSQL Trend
The term NoSQL was first used in 1998, as the name of a file-based database that omitted the use of SQL. The term was picked up again in 2009 and became a serious competitor to the term RDB.
[Figure: Google Trends, "Relational databases" vs. "NoSQL databases"]

(14) Characteristics of NoSQL Databases
• Provide a BASE (Basically Available, Soft state, Eventually consistent) system, not ACID as a Relational Database Management System does
• Schema-free
• Easy replication support and running well on clusters
• Simple API

(15) CAP Theorem
Any shared-data system can have at most two of these properties:
• Consistency: all nodes always have the same view of the data.
• Availability: every request (read and write) receives a response.
• Partition Tolerance: the system works well despite physical network partitions.
Where systems sit in the CAP triangle:
• CA: Relational databases, Vertica (column-oriented), GreenPlum (relational)
• CP: BigTable (column-oriented), MongoDB (document)
• AP: Voldemort (key-value), CouchDB (document), Riak (document)
(16) Types of NoSQL Databases

(17) NoSQL Data Models
There are more than 150 NoSQL databases.

(18) Major Companies using NoSQL Databases
[Figure: major companies using NoSQL databases; © Fidelis Cybersecurity, 2014]

(19) NoSQL Data Models
[Figure: the four data models: Key-value, Document, Column-wide, Graph]

(20) Key-value Stores
Work by matching keys with values, similar to a dictionary.
Pros:
• very fast
• very scalable
• simple model
• able to distribute horizontally
Cons: many data structures (objects) can't be easily modeled as key-value pairs.

(21) Key-value Stores
[Figure: key-value store example; © http://www.thoughtworks.com/insights/blog/nosql-databases-overview]
(23) Column-Wide Stores
• Similar to a relational database, but not alike
• Each KEY (row key) is associated with one or more columns
• A column stores its data in such a way that it can be efficiently aggregated, reducing the I/O activity
• Suitable for data mining and analytic systems
[Figure: column-wide store example; © http://www.thoughtworks.com/insights/blog/nosql-databases-overview]
(25) Document Stores
• The data is stored in the form of documents in a standard format (XML, PDF, JSON, etc.)
• More flexible because of their lack of schema
• The documents may have only the filled and important fields, leaving the empty and null ones out and saving some storage space
[Figure: document store example; http://www.thoughtworks.com/insights/blog/nosql-databases-overview]
(27) Graph Stores
• Save the data in the form of a graph: the nodes are objects and the edges are relations between the objects
• The main goal of a graph store is to know the relations between nodes and how the nodes are inter-connected
[Figure: graph store example; © http://scraping.pro/where-nosql-practically-used/]

(28) Which one is the best?
It depends on the application requirements:
• Size of data
• Complexity
• CAP theory
• Format of data
© Fidelis Cybersecurity, 2014

(29) NoSQL Security Challenges

(30) NoSQL Security
• Most NoSQL databases do not provide any feature for embedding security in the database itself; developers need to impose security in the middleware.
• Security issues that affected RDBMSs were also inherited by the NoSQL databases, along with new ones imposed by their new features.

(31) NoSQL Security
Security may be difficult owing to:
• the unstructured (dynamic) nature of the data stored in these databases
• the distributed environment
• the cost of security in contrast to performance
• no strong consistency

(32) NoSQL Major Security Challenges
• Threats Posed By Distributed Environments
• Authorization and Access Control
• Safeguarding Integrity
• Protection of Data at Rest
• User Data Privacy
(34) Threats Posed By Distributed Environments
• Distributed environments increase the attack surface across several distributed nodes.
• Compromised clients: malicious data gets propagated from a single compromised location.
• Protecting nodes, name servers and those clients becomes difficult, especially when there is no central security management point.
• Vulnerabilities of the gossip-based membership protocol in Cassandra and Dynamo [Aniello, et al. 2013]: zombie node, ghost node.
(36) Authorization and Access Control
Two important challenges:
• Possibility: how to define security policies for schema-less or dynamic-schema databases?
• Performance: availability vs. access control overhead: how to manage the cost of access control?
(37) Authorization and Access Control
Fine-grained (row or column level) access control:
• Heterogeneous data is stored together in one database, as opposed to relational models, which conform to defined schemas and tables that store only related data.
• The schema-less nature of NoSQL DBs does not allow fine-grained access control.
• We need "Looking Forward Security".
• Most of them allow Column Family level authorization:

  NoSQL DBMS   Granularity            Explanation
  BigTable     Column Family          Using ACL
  Cassandra    Column Family          Using IAuthorizer API
  HBase        Column Family / Cell   Group-based authorization
  Accumulo     Cell                   Using Visibility field

(38) Authorization and Access Control
Fine-grained (row or column level) access control:
• Using a top-level ontology for access policy specification.
[Figure: data items labelled Secret, Confidential and Unclassified]

(39) Authorization and Access Control
Fine-grained (row or column level) access control:
• Grouping data with the same security level (node level).
[Figure: the Secret, Confidential and Unclassified items grouped by level]
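The cell-level approach in the Accumulo row of the table (a visibility label on every cell, checked on read) is the one that still works when data of several security levels shares one schema-less table. The following is an added example written for this page, not code from the slides or from any of the databases named: the label syntax (labels joined by & and |, with parentheses) is modelled on Accumulo's visibility expressions, and the row, column names and authorizations are constructed.

```javascript
// Added example: cell-level authorization by visibility label, the idea
// behind the "Cell / Using Visibility field" row of the table above.
// Syntax modelled on Accumulo visibility expressions; cells and column
// names below are constructed, not taken from any real deployment.
// Split an expression into labels and the operators & | ( ). Anything
// else (quotes, semicolons, ...) is rejected rather than silently dropped.
function tokenize(expr) {
  const tokens = expr.match(/[A-Za-z0-9_.-]+|[&|()]/g) || [];
  if (tokens.join("") !== expr.replace(/\s+/g, "")) {
    throw new Error("invalid character in visibility expression");
  }
  return tokens;
}

// Evaluate an expression against a Set of authorizations. Grammar, with
// & binding tighter than |:
//   orExpr  := andExpr ('|' andExpr)*
//   andExpr := term ('&' term)*
//   term    := LABEL | '(' orExpr ')'
// An empty expression marks a public cell (visible to every reader).
function evaluate(expr, auths) {
  if (expr.trim() === "") return true;
  const tokens = tokenize(expr);
  let pos = 0;
  function term() {
    const t = tokens[pos++];
    if (t === "(") {
      const v = orExpr();
      if (tokens[pos++] !== ")") throw new Error("missing ')'");
      return v;
    }
    if (t === undefined || "&|)".includes(t)) throw new Error("expected label");
    return auths.has(t);
  }
  function andExpr() {
    let v = term();
    while (tokens[pos] === "&") { pos++; v = term() && v; }  // consume both sides
    return v;
  }
  function orExpr() {
    let v = andExpr();
    while (tokens[pos] === "|") { pos++; v = andExpr() || v; }
    return v;
  }
  const result = orExpr();
  if (pos !== tokens.length) throw new Error("unexpected token: " + tokens[pos]);
  return result;
}

// One row of a wide-column store, constructed: heterogeneous cells, each
// carrying its own label, so a single "table" holds data of several levels.
const ROW = [
  { column: "patient:city",      value: "Tehran",     visibility: "" },
  { column: "patient:name",      value: "A. Example", visibility: "confidential" },
  { column: "patient:diagnosis", value: "J45",        visibility: "secret&(clinician|audit)" },
  { column: "billing:total",     value: "1200",       visibility: "confidential|billing" },
];

// Read path: filter at the cell, so a reader without the right labels
// never sees the value, the column name, or the fact that the cell exists.
function scan(row, authorizations) {
  const auths = new Set(authorizations);
  return row.filter(cell => evaluate(cell.visibility, auths)).map(cell => cell.column);
}
```

A malformed or tampered label (a dangling operator, a stray character) fails closed with an exception instead of exposing the cell.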
(40) Authorization and Access Control
Inference control: access control on aggregated data, especially in column-wide databases and time-series databases.

(41) Authorization and Access Control
Administration / access control management: how and where to grant database accesses
• Local vs. global access policies and their possible conflicts
• Centralized approach: single point of failure, availability issues
• Distributed approach: consistency of distributed access rules
• Semi-distributed approach:

(42) Authorization and Access Control
[First product, shown by logo] By default, there is no authorization. Privileged admins can grant the privileges on resources to a selected user.
[Second product, shown by logo] By default, there is no authorization. Provisions authorization on a per-database level by using a role-based approach.
(44) Safeguarding Integrity
Enforcing integrity constraints is much harder in a NoSQL database system:
• Consistency is in contrast with availability and performance.
• Transactional integrity is in contrast with its soft nature.
• How to define integrity constraints? [its schema-less nature]
• Which types of integrity constraints can be defined?
• How to control them? [absence of central control; performance and availability issues]
(46) Protection of Data at Rest
• Encryption is widely regarded as the de facto standard for safeguarding data in storage.
• Most industry solutions offering encryption services lack the horizontal scaling and transparency required in the NoSQL environment.
• Only a few categories of NoSQL databases provide mechanisms to protect data at rest by employing encryption techniques.
• We need lightweight cryptography!

(47) Protection of Data at Rest
[First product, shown by logo] Use Transparent Data Encryption (TDE) to protect data that is written to disk. The commit log is not encrypted at all.
[MongoDB] Data files in MongoDB are never encrypted.
(49) Users' Data Privacy
• Privacy, the main challenge of Web 2.0 and Virtual Social Networks
• Large amounts of user-related sensitive information in NoSQL databases
• Which kinds of methods are applicable in practice for NoSQL databases? Access control, encryption, anonymization, ...

(50) NoSQL Minor Security Challenges
• Authentication (Users and Clients)
• Audit And Logging
• Protection of Data in Motion
• API Security

(51) Authentication
Some NoSQL databases enforce an authentication mechanism at the local node level, but fail to enforce authentication across all commodity servers.
[First product, shown by logo] By default, there is no authentication. Has Password Authenticator. Can further provide Kerberos authentication.
[Second product, shown by logo] By default, there is no authentication. Support for authentication on a per-database level.

(52) Audit and Logging
• NoSQL databases have poor logging and log analysis methods.
• Auditing is available in Enterprise Cassandra. Filters are available for logging.
• MongoDB is far behind in implementing the desired security logging and monitoring.

(53) Protection of Data in Motion
• Communication between clients and nodes (traditional issue)
• Communication between nodes: RPC over TCP/IP

(54) Protection of Data in Motion
Communications should be encrypted.
[First product, shown by logo]
• Client-Node Communications: by default, not encrypted. SSL can be configured.
• Inter-Node Communications: by default, not encrypted. SSL can be configured.
[MongoDB]
• Client-Node Communications: it is required to either recompile MongoDB with the "--ssl" option
• Inter-Node Communications: not supported.
(55) API Security
APIs can be subjected to several attacks such as code injection, buffer overflows and command injection as they access the NoSQL databases.
• Server Side JavaScript Injection (SSJS)
• Schema injection / Query injection / JSON injection
In PHP (the slide's example, with comments added; the year parameter is spliced straight into JavaScript that the server evaluates):

    <?php
    // Untrusted request parameter concatenated into a JavaScript function body
    $query = 'function() {var search_year = \'' . $_GET['year'] . '\';' .
             'return this.publicationYear == search_year || ' .
             ' this.filmingYear == search_year || ' .
             ' this.recordingYear == search_year;}';
    // The string is handed to MongoDB as a $where clause and executed server-side
    $cursor = $collection->find(array('$where' => $query));

DoS attack: http://server/app.php?year=1995';while(1);var%20foo='bar

(56) API Security
[Product, shown by logo] Is vulnerable to injection.
[MongoDB] The $where operator can be used for injection.
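The defensive counterpart to the PHP snippet above, as an added Node.js example for this page (not code from the slides or from Ron et al.): the year parameter is validated and turned into a structured equality filter, so no user-controlled text ever becomes server-side JavaScript, and client-supplied operator objects (the JSON injection case) are refused before a query is built. The film documents, field names and the in-memory matcher are constructed stand-ins for a real MongoDB collection.

```javascript
// Added example: the hardened form of the $where query above. The year
// goes through strict validation and becomes a structured filter with
// plain equality; no string is ever evaluated by the database. The film
// documents and the in-memory matcher are constructed stand-ins for a
// real collection.

// Accept exactly four digits; anything else (including the slide's
// payload  1995';while(1);var foo='bar ) is refused before any query.
function parseYear(raw) {
  const s = typeof raw === "number" ? String(raw) : raw;
  if (typeof s !== "string" || !/^\d{4}$/.test(s)) {
    throw new Error("year must be exactly four digits");
  }
  return Number(s);
}

// Client input often arrives already parsed from JSON. A value such as
// {"$ne": 0} is an operator, not a year; refuse any non-scalar here.
function scalarOnly(value) {
  if (value === null || typeof value === "object") {
    throw new Error("operator objects are not accepted from clients");
  }
  return value;
}

// Structured filter equivalent to the $where function on the slide:
// equality on three fields combined with $or, built from a number.
function buildYearFilter(raw) {
  const year = parseYear(raw);
  return { $or: [
    { publicationYear: year },
    { filmingYear: year },
    { recordingYear: year },
  ] };
}

// Minimal matcher for the filter subset built above: {$or: [...]} over
// single-field equality conditions. Stands in for collection.find().
function matches(doc, filter) {
  if (Array.isArray(filter.$or)) return filter.$or.some(sub => matches(doc, sub));
  return Object.entries(filter).every(([k, v]) => doc[k] === v);
}

// Constructed sample collection.
const FILMS = [
  { title: "A", publicationYear: 1995, filmingYear: 1994, recordingYear: 1994 },
  { title: "B", publicationYear: 2001, filmingYear: 1995, recordingYear: 1993 },
  { title: "C", publicationYear: 1980, filmingYear: 1979, recordingYear: 1979 },
];

// Core of the request handler: validate, build the filter, run it.
function findByYear(collection, rawYear) {
  const filter = buildYearFilter(scalarOnly(rawYear));
  return collection.filter(doc => matches(doc, filter)).map(doc => doc.title);
}
```

With the slide's payload the handler throws before any filter exists, so the database never receives a while(1) loop to execute.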
(57) Summary
• NoSQL database systems for unstructured and big data
• Main features: performance, availability, scalability
• NoSQL security challenges:
  • Threats posed by their distributed nature
  • Fine-grained authorization and inference control
  • Integrity constraint definition and control
  • Lightweight transparent encryption of data at rest
  • Users’ privacy
  • ...
(58) Some References
• [Aniello, et al. 2013] L. Aniello, S. Bonomi, M. Breno, R. Baldoni, "Assessing Data Availability of Cassandra in the Presence of non-accurate Membership", The 2nd International Workshop on Dependability Issues in Cloud Computing, 2013.
• [Kadebu, et al. 2014] P. Kadebu, I. Mapanga, "A Security Requirements Perspective towards a Secured NOSQL Database Environment", International Conference of Advance Research and Innovation, 2014.
• [Noiumkar, et al. 2014] P. Noiumkar and T. Chomsiri, "A Comparison the Level of Security on Top 5 Open Source NoSQL Databases", The 9th International Conference on Information Technology and Applications, 2014.
• [Fidelis Cybersecurity 2014] "Current Data Security Issues of NoSQL Databases", Fidelis Cybersecurity, 2014.
• [Okman, et al. 2011] L. Okman, N. Gal-Oz, Y. Gonen, E. Gudes, and J. Abramov, "Security Issues in NoSQL Databases", International Joint Conference of IEEE TrustCom-11/IEEE ICESS-11/FCST-11, 2011.
• [Shermin 2013] M. Shermin, "An Access Control Model for NoSQL Databases", M.Sc. thesis, The University of Western Ontario, 2013.
• [Ron, et al. 2015] A. Ron, A. Shulman-Peleg, E. Bronshtein, "No SQL, No Injection? Examining NoSQL Security", The 9th Workshop on Web 2.0 Security and Privacy, 2015.
• [Rong, et al. 2013] C. Rong, Z. Quan, A. Chakravorty, "On Access Control Schemes for Hadoop Data Storage", International Conference on Cloud Computing and Big Data, 2013.
(59) Thanks for your attention ... Any Question?
[email protected]
Thanks to Ms Dolatnezhad for helping in preparing this presentation.