Research Article
BibTex RIS Cite

Cassandra ve MongoDB NoSQL Veri Tabanlarının Karşılaştırmalı Güvenlik Analizi

Year 2019, Volume: 5 Issue: 2, 1 - 11, 30.12.2019

Murat Saran Nurdan Saran

https://doi.org/10.18640/ubgmd.655489
Cited By: 1

Abstract

Bu çalışmada, MongoDB (sürüm 3.6.3) ve Cassandra (sürüm 3.11.1) NoSQL veri tabanlarının güvenliğinin çok düğümlü yapılandırmada ve iki adımda karşılaştırılmalı analiz sonuçları sunulmaktadır. İlk adımda, her iki veritabanının güvenlik özelliklerinin literatürden seçilen on farklı kritere göre karşılaştırmalı bir analizi gerçekleştirilmiştir. İkinci adımda ise, Yahoo Cloud Serving Benchmark aracını kullanarak her iki NoSQL veri tabanının veri şifreleme ve şifre çözümleme performansları karşılaştırılmıştır. Bu çalışma ile karar vericilere ve araştırmacılara NoSQL veri tabanlarının güvenlik özellikleriyle ilgili analiz sürecinde yol göstermek ve NoSQL veri tabanlarıyla ilgili en önemli güvenlik özelliklerini ortaya çıkarmak amaçlanmıştır. Güvenlik karşılaştırma sonuçları, her iki NoSQL veri tabanının da kayda değer güvenlik özelliklerine sahip olduğunu göstermektedir. Bununla birlikte, Cassandra’nın daha fazla güvenlik kriterini desteklediği ortaya çıkmıştır. Ayrıca, çalışma zamanı ve performans ile ilgili yapılan karşılaştırmada MongoDB kurumsal sürümünün şifreleme/şifre çözümleme performansının Cassandra kurumsal sürümünden ortalama %53 daha hızlı olduğu ve dakikada işleyebildiği veri miktarının ortalama %45 daha fazla olduğu bulunmuştur; bu da şifrelemenin bir gereklilik olduğu ortamlarda MongoDB’nin kullanılmasının daha uygun olduğunu göstermektedir.

Keywords

NoSQL Veri Tabanı

References

  • [1] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash, “Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications,” IEEE Commun. Surv. Tutorials, vol. 17, no. 4, pp. 2347–2376, 2015.
  • [2] T. R. Rao, P. Mitra, R. Bhatt, and A. Goswami, The big data system, components, tools, and technologies: a survey, vol. 60, no. 3. Springer London, 2018.
  • [3] “List of NoSQL Database Management Systems.” [Online]. Available: https://nosql-database.org. [Accessed: 27-Nov-2019].
  • [4] Y. Abubakar, T. Sani Adeyi, and I. Gambo Auta, “Performance Evaluation of NoSQL Systems using YCSB in a Resource Austere Environment,” Int. J. Appl. Inf. Syst., vol. 7, no. 8, pp. 23–27, 2014.
  • [5] J. Klein, I. Gorton, N. Ernst, P. Donohoe, K. Pham, and C. Matser, “Performance evaluation of NoSQL databases: A case study,” in PABS 2015 - Proceedings of the 1st ACM/SPEC International Workshop on Performance Analysis of Big Data Systems, 2015, pp. 5–10.
  • [6] V. A. A, J. B. A, and P. F. B, “Which NoSQL Database? A Performance Overview,” Open J. Databases, vol. 1, no. 2, pp. 17–24, 2014.
  • [7] “DB-Engines Ranking.” [Online]. Available: https://db-engines.com/en/ranking. [Accessed: 27-Nov-2019].
  • [8] L. Okman, N. Gal-Oz, Y. Gonen, E. Gudes, and J. Abramov, “Security issues in NoSQL databases,” in Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on FCST 2011, 2011, pp. 541–547.
  • [9] E. Sahafizadeh and M. A. Nematbakhsh, “Advances in Computer Science ACSIJ ; an International Journal.,” Adv. Comput. Sci. an Int. J., vol. 4, no. 4, pp. 68–72, 2015.
  • [10] D. Chahal, L. Kharb, and M. Gupta, “Challenges and Security Issues of NOsql Databases,” Int. J. Sci. Res. Comput. Sci. Eng. Inf. Technol., vol. 2, no. 5, pp. 976–982, 2017.
  • [11] M.W. Grim and A.t. Wiersma, “Security and Performance Analysis of Encrypted NoSQL Databases,” University of Amsterdam, 2017.
  • [12] H. Shahriar and H. M. Haddad, “Security Vulnerabilities of NoSQL and SQL Databases for MOOC Applications Department of Information Technology Department of Computer Science,” vol. 8, no. 1, pp. 1244–1250, 2017.
  • [13] B. F. Cooper, A. Silberstein, E. Tam, R. Ramakrishnan, and R. Sears, “Benchmarking cloud serving systems with YCSB,” in Proceedings of the 1st ACM Symposium on Cloud Computing, SoCC ’10, 2010, pp. 143–154.
  • [14] E. Sahafizadeh and M. A. Nematbakhsh, “A Survey on Security Issues in Big Data and NoSQL,” Adv. Comput. Sci. an Int. J., vol. 4, no. 4, pp. 68–72, 2015.
  • [15] S. Srinivas and A. Nair, “Security maturity in NoSQL databases - Are they secure enough to haul the modern IT applications?,” 2015 Int. Conf. Adv. Comput. Commun. Informatics, ICACCI 2015, pp. 739–744, 2015.
  • [16] A. Cuzzocrea and H. Shahriar, “Data masking techniques for NoSQL database security: A systematic review,” Proc. - 2017 IEEE Int. Conf. Big Data, Big Data 2017, vol. 2018-Janua, pp. 4467–4473, 2017.
  • [17] M. S. Gharajeh, “Security Issues and Privacy Challenges of NoSQL Databases,” in NoSQL Database for Storage and Retrieval of Data in Cloud, Ganesh Chandra Deka, Ed. Boca Raton: CRC Press, 2017, pp. 271–289.
  • [18] “What is MongoDB?” [Online]. Available: https://www.mongodb.com/what-is-mongodb. [Accessed: 02-May-2019].
  • [19] “What is Cassandra?” [Online]. Available: http://cassandra.apache.org/. [Accessed: 02-May-2019].
  • [20] “DataStax Enterprise.” [Online]. Available: https://docs.datastax.com/en/landing_page/doc/landing_page/current.html. [Accessed: 02-May-2019].
  • [21] R. Cattell, “Scalable SQL and NoSQL Data Stores,” SIGMOD Rec., vol. 39, no. 4, pp. 12–27, May 2011.
  • [22] “MongoDB official website - Security Checklist.” [Online]. Available: https://docs.mongodb.com/manual/administration/security-checklist/. [Accessed: 02-May-2019].
  • [23] “Cassandra official website - Security.” [Online]. Available: http://cassandra.apache.org/doc/latest/operating/security.html. [Accessed: 02-May-2019].
  • [24] “DataStax official website - DataStax 5.1 Security Guide.” [Online]. Available: https://docs.datastax.com/en/security/5.1/index.html. [Accessed: 02-May-2019].
  • [25] R. Kumar and R. R. Mary, “Comparative Performance Analysis of various NoSQL Databases : MongoDB , Cassandra and HBase on Yahoo Cloud Server,” Imp. J. Interdiscip. Res., vol. 3, no. 4, pp. 265–269, 2017.
  • [26] A. Zahid, R. Masood, and M. A. Shibli, “Security of sharded NoSQL databases: A comparative analysis,” in Conference Proceedings - 2014 Conference on Information Assurance and Cyber Security, CIACS 2014, 2014, pp. 1–8.

Year 2019, Volume: 5 Issue: 2, 1 - 11, 30.12.2019

Murat Saran Nurdan Saran

https://doi.org/10.18640/ubgmd.655489
Cited By: 1

Abstract

References

  • [1] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash, “Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications,” IEEE Commun. Surv. Tutorials, vol. 17, no. 4, pp. 2347–2376, 2015.
  • [2] T. R. Rao, P. Mitra, R. Bhatt, and A. Goswami, The big data system, components, tools, and technologies: a survey, vol. 60, no. 3. Springer London, 2018.
  • [3] “List of NoSQL Database Management Systems.” [Online]. Available: https://nosql-database.org. [Accessed: 27-Nov-2019].
  • [4] Y. Abubakar, T. Sani Adeyi, and I. Gambo Auta, “Performance Evaluation of NoSQL Systems using YCSB in a Resource Austere Environment,” Int. J. Appl. Inf. Syst., vol. 7, no. 8, pp. 23–27, 2014.
  • [5] J. Klein, I. Gorton, N. Ernst, P. Donohoe, K. Pham, and C. Matser, “Performance evaluation of NoSQL databases: A case study,” in PABS 2015 - Proceedings of the 1st ACM/SPEC International Workshop on Performance Analysis of Big Data Systems, 2015, pp. 5–10.
  • [6] V. A. A, J. B. A, and P. F. B, “Which NoSQL Database? A Performance Overview,” Open J. Databases, vol. 1, no. 2, pp. 17–24, 2014.
  • [7] “DB-Engines Ranking.” [Online]. Available: https://db-engines.com/en/ranking. [Accessed: 27-Nov-2019].
  • [8] L. Okman, N. Gal-Oz, Y. Gonen, E. Gudes, and J. Abramov, “Security issues in NoSQL databases,” in Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on FCST 2011, 2011, pp. 541–547.
  • [9] E. Sahafizadeh and M. A. Nematbakhsh, “Advances in Computer Science ACSIJ ; an International Journal.,” Adv. Comput. Sci. an Int. J., vol. 4, no. 4, pp. 68–72, 2015.
  • [10] D. Chahal, L. Kharb, and M. Gupta, “Challenges and Security Issues of NOsql Databases,” Int. J. Sci. Res. Comput. Sci. Eng. Inf. Technol., vol. 2, no. 5, pp. 976–982, 2017.
  • [11] M.W. Grim and A.t. Wiersma, “Security and Performance Analysis of Encrypted NoSQL Databases,” University of Amsterdam, 2017.
  • [12] H. Shahriar and H. M. Haddad, “Security Vulnerabilities of NoSQL and SQL Databases for MOOC Applications Department of Information Technology Department of Computer Science,” vol. 8, no. 1, pp. 1244–1250, 2017.
  • [13] B. F. Cooper, A. Silberstein, E. Tam, R. Ramakrishnan, and R. Sears, “Benchmarking cloud serving systems with YCSB,” in Proceedings of the 1st ACM Symposium on Cloud Computing, SoCC ’10, 2010, pp. 143–154.
  • [14] E. Sahafizadeh and M. A. Nematbakhsh, “A Survey on Security Issues in Big Data and NoSQL,” Adv. Comput. Sci. an Int. J., vol. 4, no. 4, pp. 68–72, 2015.
  • [15] S. Srinivas and A. Nair, “Security maturity in NoSQL databases - Are they secure enough to haul the modern IT applications?,” 2015 Int. Conf. Adv. Comput. Commun. Informatics, ICACCI 2015, pp. 739–744, 2015.
  • [16] A. Cuzzocrea and H. Shahriar, “Data masking techniques for NoSQL database security: A systematic review,” Proc. - 2017 IEEE Int. Conf. Big Data, Big Data 2017, vol. 2018-Janua, pp. 4467–4473, 2017.
  • [17] M. S. Gharajeh, “Security Issues and Privacy Challenges of NoSQL Databases,” in NoSQL Database for Storage and Retrieval of Data in Cloud, Ganesh Chandra Deka, Ed. Boca Raton: CRC Press, 2017, pp. 271–289.
  • [18] “What is MongoDB?” [Online]. Available: https://www.mongodb.com/what-is-mongodb. [Accessed: 02-May-2019].
  • [19] “What is Cassandra?” [Online]. Available: http://cassandra.apache.org/. [Accessed: 02-May-2019].
  • [20] “DataStax Enterprise.” [Online]. Available: https://docs.datastax.com/en/landing_page/doc/landing_page/current.html. [Accessed: 02-May-2019].
  • [21] R. Cattell, “Scalable SQL and NoSQL Data Stores,” SIGMOD Rec., vol. 39, no. 4, pp. 12–27, May 2011.
  • [22] “MongoDB official website - Security Checklist.” [Online]. Available: https://docs.mongodb.com/manual/administration/security-checklist/. [Accessed: 02-May-2019].
  • [23] “Cassandra official website - Security.” [Online]. Available: http://cassandra.apache.org/doc/latest/operating/security.html. [Accessed: 02-May-2019].
  • [24] “DataStax official website - DataStax 5.1 Security Guide.” [Online]. Available: https://docs.datastax.com/en/security/5.1/index.html. [Accessed: 02-May-2019].
  • [25] R. Kumar and R. R. Mary, “Comparative Performance Analysis of various NoSQL Databases : MongoDB , Cassandra and HBase on Yahoo Cloud Server,” Imp. J. Interdiscip. Res., vol. 3, no. 4, pp. 265–269, 2017.
  • [26] A. Zahid, R. Masood, and M. A. Shibli, “Security of sharded NoSQL databases: A comparative analysis,” in Conference Proceedings - 2014 Conference on Information Assurance and Cyber Security, CIACS 2014, 2014, pp. 1–8.
There are 26 citations in total.

Details

Primary Language Turkish
Subjects Computer Software
Journal Section Makaleler
Authors

Murat Saran

Nurdan Saran

Publication Date December 30, 2019
Submission Date December 5, 2019
Published in Issue Year 2019 Volume: 5 Issue: 2

Cite

IEEE M. Saran and N. Saran, “Cassandra ve MongoDB NoSQL Veri Tabanlarının Karşılaştırmalı Güvenlik Analizi”, UBGMD, vol. 5, no. 2, pp. 1–11, 2019, doi: 10.18640/ubgmd.655489.

Cited By

Performance Evaluation of Face Recognition System (FRS) Developed with Haar Cascade and MongoDB Integration in Recognition of Covered Faces
Bilgisayar Bilimleri ve Teknolojileri Dergisi
https://doi.org/10.54047/bibted.1339699