The Community for Technology Leaders
Green Image
Issue No. 06 - Nov.-Dec. (2017 vol. 14)
ISSN: 1545-5971
pp: 591-604
Pietro Colombo , Dipartimento di Scienze Teoriche e Applicate UniversitÓ degli Studi dell?Insubria, Varese, Italy
Elena Ferrari , Dipartimento di Scienze Teoriche e Applicate UniversitÓ degli Studi dell?Insubria, Varese, Italy
ABSTRACT
Privacy has become a key requirement for data management systems. Nevertheless, NoSQL datastores, namely highly scalable non relational database management systems, which often support data management of Internet scale applications,still do not provide support for privacy policies enforcement. With this work, we begin to address this issue, by proposing an approach for the integration of purpose based policy enforcement capabilities into MongoDB, a popular NoSQL datastore. Our contribution consists of the enhancement of the MongoDB role based access control model with privacy concepts and related enforcement monitor. The proposed monitor is easily integrable into any MongoDB deployment through simple configurations. Experimental results show that our monitor enforces purpose-based access control with low overhead.
INDEX TERMS
Servers, Wires, Databases, Data models, Monitoring, Authorization
CITATION

P. Colombo and E. Ferrari, "Enhancing MongoDB with Purpose-Based Access Control," in IEEE Transactions on Dependable and Secure Computing, vol. 14, no. 6, pp. 591-604, 2017.
doi:10.1109/TDSC.2015.2497680
203 ms
(Ver 3.3 (11022016))