Improving security in NoSQL document databases through model-driven modernization
Por favor, use este identificador para citar o enlazar este ítem:
http://hdl.handle.net/10045/116636
Título: | Improving security in NoSQL document databases through model-driven modernization |
---|---|
Autor/es: | Maté, Alejandro | Peral, Jesús | Trujillo, Juan | Blanco Bueno, Carlos | García-Saiz, Diego | Fernández-Medina Patón, Eduardo |
Grupo/s de investigación o GITE: | Lucentia |
Centro, Departamento o Servicio: | Universidad de Alicante. Departamento de Lenguajes y Sistemas Informáticos |
Palabras clave: | NoSQL databases | Security | Modernization process | Ontology |
Área/s de conocimiento: | Lenguajes y Sistemas Informáticos |
Fecha de publicación: | 13-jul-2021 |
Editor: | Springer Nature |
Cita bibliográfica: | Knowledge and Information Systems. 2021, 63: 2209-2230. https://doi.org/10.1007/s10115-021-01589-x |
Resumen: | NoSQL technologies have become a common component in many information systems and software applications. These technologies are focused on performance, enabling scalable processing of large volumes of structured and unstructured data. Unfortunately, most developments over NoSQL technologies consider security as an afterthought, putting at risk personal data of individuals and potentially causing severe economic loses as well as reputation crisis. In order to avoid these situations, companies require an approach that introduces security mechanisms into their systems without scrapping already in-place solutions to restart all over again the design process. Therefore, in this paper we propose the first modernization approach for introducing security in NoSQL databases, focusing on access control and thereby improving the security of their associated information systems and applications. Our approach analyzes the existing NoSQL solution of the organization, using a domain ontology to detect sensitive information and creating a conceptual model of the database. Together with this model, a series of security issues related to access control are listed, allowing database designers to identify the security mechanisms that must be incorporated into their existing solution. For each security issue, our approach automatically generates a proposed solution, consisting of a combination of privilege modifications, new roles and views to improve access control. In order to test our approach, we apply our process to a medical database implemented using the popular document-oriented NoSQL database, MongoDB. The great advantages of our approach are that: (1) it takes into account the context of the system thanks to the introduction of domain ontologies, (2) it helps to avoid missing critical access control issues since the analysis is performed automatically, (3) it reduces the effort and costs of the modernization process thanks to the automated steps in the process, (4) it can be used with different NoSQL document-based technologies in a successful way by adjusting the metamodel, and (5) it is lined up with known standards, hence allowing the application of guidelines and best practices. |
Patrocinador/es: | This work was supported in part by the Spanish Ministry of Science, Innovation and Universities through the Project ECLIPSE under Grants RTI2018-094283-BC31 and RTI2018-094283- B-C32. Furthermore, it has been funded by the AETHER-UA (PID2020-112540RB-C43) Project from the Spanish Ministry of Science and Innovation. |
URI: | http://hdl.handle.net/10045/116636 |
ISSN: | 0219-1377 (Print) | 0219-3116 (Online) |
DOI: | 10.1007/s10115-021-01589-x |
Idioma: | eng |
Tipo: | info:eu-repo/semantics/article |
Derechos: | © The Author(s) 2021. Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/. |
Revisión científica: | si |
Versión del editor: | https://doi.org/10.1007/s10115-021-01589-x |
Aparece en las colecciones: | INV - LUCENTIA - Artículos de Revistas |
Archivos en este ítem:
Archivo | Descripción | Tamaño | Formato | |
---|---|---|---|---|
Mate_etal_2021_KnowlInfSyst.pdf | 1,69 MB | Adobe PDF | Abrir Vista previa | |
Este ítem está licenciado bajo Licencia Creative Commons