ALL COVERED TOPICS

NoSQL Benchmarks NoSQL use cases NoSQL Videos NoSQL Hybrid Solutions NoSQL Presentations Big Data Hadoop MapReduce Pig Hive Flume Oozie Sqoop HDFS ZooKeeper Cascading Cascalog BigTable Cassandra HBase Hypertable Couchbase CouchDB MongoDB OrientDB RavenDB Jackrabbit Terrastore Amazon DynamoDB Redis Riak Project Voldemort Tokyo Cabinet Kyoto Cabinet memcached Amazon SimpleDB Datomic MemcacheDB M/DB GT.M Amazon Dynamo Dynomite Mnesia Yahoo! PNUTS/Sherpa Neo4j InfoGrid Sones GraphDB InfiniteGraph AllegroGraph MarkLogic Clustrix CouchDB Case Studies MongoDB Case Studies NoSQL at Adobe NoSQL at Facebook NoSQL at Twitter

NAVIGATE MAIN CATEGORIES

Close

NoSQL Databases and Security: Cassandra and MongoDB Security Reviewed

Herman Stevens summarizes the findings of the paper “Security Issues in NoSQL Databases”:

The paper itself concluded that the main problems to both Cassandra and MongoDB are “the lack of encryption support for the data files, weak authentication both between the client and the servers and between server members, very simple authorization without support for RBAC or fine-grained authorization, and vulnerability to SQL Injection and Denial of Service attacks”

Cassandra security reviewed

Cassandra security

MongoDB security reviewed

MongoDB security

Even without the findings of Attacking NoSQL and Node.js: Server-Side JavaScript Injection (SSJS) things might be scary.

Original title and link: NoSQL Databases and Security: Cassandra and MongoDB Security Reviewed (NoSQL database©myNoSQL)

via: http://blog.astyran.sg/2011/11/there-is-no-security-in-nosql.html