Security and Performance Analysis of (Encrypted) NoSQL Databases

From Master Projects
Jump to: navigation, search


About Security and Performance Analysis of (Encrypted) NoSQL Databases


Description

It has been shown that encryption over SQL data gives a performance penalty of the range 6-26% [1,2]. In return, the SQL databases ensures confidentiality/privacy against malicious users such as "curious database admins" by protecting not only data but also the logs [3]. In this thesis, we will look at the same problems from the window of NoSQL databases. NoSQL databases are frequently used in Big Data applications thanks to their scalability in certain types of data (often less structured) [4]. There are many freely available NoSQL databases such as MongoDB[5] and Cassandra[6] that support "encryption at rest". We will try to answer the following questions over the selected databases in this thesis: - What are the possible weaknesses and strengths in terms of security? - What is the performance of the selected databases over a variety of encryption schemes? - What are the possible remedies/optimizations to the first two questions?

References: [1] http://www.databasejournal.com/features/mssql/article.php/3815501/Performance-Testing-SQL-2008146s-Transparent-Data-Encryption.htm [2] Raluca A. Popa, Catherine M. S. Redfield, Nickolai Zeldovich, Hari Balakrishnan: CryptDB: protecting confidentiality with encrypted query processing. SOSP 2011: 85-100 [3] https://en.wikipedia.org/wiki/NoSQL [4] https://www.mongodb.org/ [5] http://cassandra.apache.org/