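International Journal of Advances in Electronics and Computer Science, ISSN (p): 2394-2835 Volume-9, Issue-2, Feb.-2022
http://iraj.in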
INCREASING SECURITY IN MONGO DB BY USING PERCONA SERVER
1NAZREE NADHIR, 2THEODORE JOSEPH SIAHAYA, 3RAKA KALBU IMAJI, 4JAMES PURNAMA, 5CHRISTIAN JOSEPH DE SILVA TAN
1,2,3,5Bachelor of Information Technology Swiss German University, Tangerang, Indonesia
4Head of Information Technology, Swiss German University Tangerang, Indonesia
E-mail: 1nazree.nadhir@student.sgu.ac.id, 2theodore.siahaya@student.sgu.ac.id, 3raka.imaji@student.sgu.ac.id, 4james.purnama@sgu.ac.id, 5christian.tan@student.sgu.ac.id
Abstract - MongoDB is a non-relational database that is used by many types of organizations, such as businesses, governments, and many more. However, every system has flaws, usually known as its weaknesses. One of the weaknesses that exists in MongoDB relates to the security inside the database, such as encryption. MongoDB does not have any encryption, which means that the database inside will not be secure. Every database should be able to encrypt the data inside for the purpose of security. If not, attacks like data breaches will reach the database and all data will be leaked. With this research paper, which aims to increase the security in MongoDB by using Percona Server, it is certain that security inside the database could be implemented for further use inside the MongoDB database.
Keywords - Security, Network Security, MongoDB, NoSQL, Encryption, Database, Collections, Documents, Non-Relational Database, Percona Server
I. INTRODUCTION

MongoDB is a document-oriented non-relational database. It is one of the most popular NoSQL databases used in a lot of countries, because it has many interesting features such as its unique data model, availability, and its scalability. It is different from the usual SQL database, which is a relational database. MongoDB has been implemented in many applications such as e-commerce applications, social media applications, and many other applications as well. MongoDB has many advantages: it is an open source document-based tool and it can be used to store a huge volume of data. MongoDB uses document-oriented data and it also uses an unstructured query language, which makes it scalable and flexible for users to learn and use the tool.

Security of a database is one of the most important factors in setting up a database. Without a good security system, a database will be vulnerable to attacks, such as SQL injection attacks, and breached databases. In a big company, database security is very important to ensure that the data of employees, customers, and everything in between is secured and can only be accessed by authorized people. One of the best ways to protect data in a database is by encrypting it.

The importance of securing data is that the database could avoid risks from third parties which could damage or slow down the process of the organization, such as the company or even the government. With the encrypted data it is sure that attacks such as data modification or data theft will not happen when the data are established.

II. LITERATURE REVIEW

A. MongoDB Security
MongoDB is a fairly new database management system. Its default security system allows everyone to access the database. This means that the default security requirements of MongoDB are pretty low, and it needs an extra security system to make the database more secure. There are multiple aspects of the security of a database: confidentiality, integrity, and availability. Confidentiality is when we give authorization which gives restricted access to a file/information. Integrity is when we protect the files from improper modification to ensure credible information, so that attacks such as data modification or even data theft will not happen. Availability is when we ensure the access to and the use of information. With all the ways of securing data, MongoDB usually lacks security, especially in encryption, which means that applying encryption to the data inside the database is the best option in order to protect the MongoDB database.

B. NoSQL Database
A NoSQL database is a non-tabular database and stores data differently than relational tables. These data are stored in documents. NoSQL databases are usually used for modern applications like mobile apps, web and gaming that need flexible, scalable, high performance and highly functional databases to provide great user experience. There are several types of NoSQL databases, which are document databases, key value databases, wide column stores, and graph databases. Document databases usually store data in documents which are similar to JSON objects. A key value database is a database where each item contains
keys and values. Wide column stores usually store data in tables, rows and columns. Graph databases usually store data in nodes and edges.

C. File Encryption
File encryption protects individual files or file systems by encrypting them with a specific key. The encrypted content is then decrypted using a key provided by the sender of the message. By using the specific key that is provided by the sender, the authorized parties or the receiver will have access to the encrypted content. This is so that the encrypted content will remain confidential from unwanted parties. Encryption uses an algorithm to scramble, randomize or encrypt data, files, contents, etc. This process will change messages, data, files and contents from human readable text and convert them into incomprehensible text, which is called cipher text. The goal is to prevent malicious or unauthorized parties from accessing files that are stored on the disk. Support for file encryption can be built into an operating system or file system.

who had the authority to access which means that with the encrypted database will authenticate the users in order to decrypt the data inside the MongoDB database. Other than that, confidentiality should also be achieved throughout the usage of MongoDB database so that there will be secrecy of the stored data inside the database.

IV. RESEARCH FINDINGS

Encryption is an important part of data security because it is needed to protect other people’s privacy: if a company cannot protect its customers’ privacy and the data gets breached, it means that it is not a credible company. The MongoDB Data at Rest Encryption will give the encryption of the data needed to protect classified data. It uses what is called the envelope encryption model, which is where each database is encrypted with different keys. The key will be stored in the internal MongoDB key store, which is encrypted on the disk.
The picture above is what is added into the mongod configuration file. This is to enable encryption for the key encryption; we do this on the 2 VMs that hold the databases.

(The data before encryption)

(After)

After we added security to the database configuration, we will then see that the tables in the database will turn into a collection of encrypted data. At this point the data is not in the form of plaintext anymore.

the appropriate keys to decrypt the database then it is safe. The second advantage is that all database features are still retained. When we access an encrypted database, all functionality still remains. The third advantage is that it has a low performance overhead. Performance overhead is any combination of excess or indirect computation time, memory, or bandwidth that is used to perform a specific task. The usage of data at rest encryption is very low, around 5-10%.

Disadvantages
As there is an abundance of advantages, there are also disadvantages. The first one is the malicious root user threat. Once a hacker gets access to the root user, then he can change all the permissions and get access into the encrypted database. The hacker will be able to gain access to the key vault and extract the primary keys used for encryption. The next disadvantage is that if a database user is misconfigured, it can cause a threat. If someone who does not need the permission to access the encrypted database accidentally gets permission, it is a data risk, as someone with no permission can access the sensitive data and use it for other purposes. The third disadvantage is the risk of losing keys.

V. CONCLUSION

In conclusion, MongoDB Data at Rest Encryption is beneficial for securing data in databases but with some drawbacks. It is very useful to protect data in databases so that even if a computer/system is hacked, the attackers still cannot get the data that they want, because the data is in an encrypted form which can only be accessed when it is decrypted by the correct key. This can be a very good last line of defense to protect important data from being read by the attackers. By using the Data at Rest Encryption, we can make sure that the important data is turned into another form other than plain text, which no one except the person holding the key will be able to see.
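The mongod configuration step and the key-related risks from the research findings can be checked mechanically; the audit below is an added example, not code from the paper or from Percona. The option names are the `security` settings documented for Percona Server for MongoDB with a local key file; the file path, the sample values, and the 0600-mode and 32-byte-key expectations are assumptions of this example.

```python
import base64
import re

# Constructed sample of a mongod.conf security block (not taken from the paper).
SAMPLE_CONF = """\
storage:
  dbPath: /var/lib/mongodb
security:
  enableEncryption: true
  encryptionCipherMode: AES256-CBC
  encryptionKeyFile: /etc/mongodb/encryption.key   # hypothetical path
"""

def security_options(conf_text):
    """Return the options found under the top-level `security:` key."""
    opts, in_security = {}, False
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        if not line[0].isspace():                 # a new top-level section
            in_security = line.strip() == "security:"
            continue
        m = re.match(r"\s+(\w+):\s*(\S.*)?$", line)
        if in_security and m:
            opts[m.group(1)] = (m.group(2) or "").strip().strip("'\"")
    return opts

def audit(conf_text, key_text, key_mode):
    """List findings for the encryption settings and the key file they name."""
    opts, findings = security_options(conf_text), []
    if opts.get("enableEncryption", "").lower() != "true":
        findings.append("encryption disabled: data files are plaintext on disk")
    if not opts.get("encryptionKeyFile"):
        findings.append("no encryptionKeyFile set")
    # Assumption: the key file should be readable by the mongod user only.
    if key_mode & 0o077:
        findings.append("key file readable by group/other (want mode 0600)")
    # Assumption: the key is 32 random bytes stored as base64 (AES-256).
    try:
        key = base64.b64decode(key_text.strip(), validate=True)
    except ValueError:
        key = b""
    if len(key) != 32:
        findings.append("key is not 32 bytes of base64")
    return findings
```

On a real host, pass the contents of mongod.conf, the contents of the key file, and `os.stat(path).st_mode` for that file. An empty list means none of the checked misconfigurations were found; it says nothing about the root-user threat the paper lists, which file permissions alone cannot address.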