Chapter 11. Security: protecting data in your NoSQL systems


This chapter covers

  • NoSQL database security model
  • Security architecture
  • Dimensions of security
  • Application versus database-layer security trade-off analysis

Security is always excessive until it’s not enough.

Robbie Sinclair

If you’re using a NoSQL database to power a single application, strong security at the database level probably isn’t necessary. But as the NoSQL database becomes popular and is used by multiple projects, you’ll cross departmental trust boundaries and should consider adding database-level security.

Organizations must comply with governmental regulations that dictate that systems and applications need detailed audit records anytime someone reads or changes data. For example, US health care records, governed by the Health Information Privacy Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH Act) regulations, require audits of anyone who has accessed personally identifiable patient data.

11.1. A security model for NoSQL databases

11.2. Gathering your security requirements

11.3. Case study: access controls on key-value store—Amazon S3

11.4. Case study: using key visibility with Apache Accumulo

11.5. Case study: using MarkLogic’s RBAC model in secure publishing

11.6. Summary

11.7. Further reading