Analysis on Database Security Model Against NOSQL Injection

Authors(2) :-S. Priyadharshini, R. Rajmohan

Nowadays, Attackers analyse the NOSQL data structure and inject malicious code as well as perform cross-site request forgery attacks. Study a Database Protection System which is used between the dynamic application and database. The Data centric security model is used for encrypting data before storing into database repository. Mobile users across an untrusted network are authenticated through Kerberos. The testing on NOSQL injections performed with JavaScript and PHP is studied.

Authors and Affiliations

S. Priyadharshini
Computer science and engineering, Anna University/IFET College of Engineering, Villupuram, Tamil Nadu, India
R. Rajmohan
Computer science and engineering, Anna University/IFET College of Engineering, Villupuram, Tamil Nadu, India

NOSQL, Mongo DB, Security, Kerberos.

  1. Suna Yin, Dehua Chen, Jiajin Le,China, 2016 IEEE,"STNOSQL Creating NOSQL Database on the SensibleThings Platform.
  2. Boyu Hou, Kai Qian, Lei Li, Yong Shi, Lixin Tao, Jigang Liu, USA, 2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing ,"Mongo Database NOSQL Injection Analysis and Detection".
  3. Anam Zahid, Rahat Masood, Muhammad Awais Shibli, 2014 Conference on Information Assurance and Cyber Security (CIACS)," Security of Sharded NOSQL Databases"
  4. Aviv Ron, Alexandra Shulman-Peleg, Emanuel Bornstein, "NO SQL, NO Injection-Examining NOSQL".
  5. Loir Okman, Nurit Gal-Oz, Yaron Gonen, Ehud Gudes, Jenny Abramov, 2011 International Joint Conference of IEEE TrustCom-11/IEEE-11/FCST-11, "Security issues in NOSQL Databases ".
  6. Preecha Noiumkar and Tawatchai Chomsiri "A Comparison the Level of Security on Top 5 Open Source NOSQL Databases".
  7. NOSQL Injection for Mongodb: https://github.com/cr0hn/nosqlinjection_wordlists
  8. Injection attacks on Mongodb: https://www.quora.com/Why-are-injection-attacks-not-possible-on-MongoDB

Publication Details

Published in : Volume 2 | Issue 2 | March-April 2017
Date of Publication : 2017-04-30
License:  This work is licensed under a Creative Commons Attribution 4.0 International License.
Page(s) : 168-171
Manuscript Number : CSEIT172229
Publisher : Technoscience Academy

ISSN : 2456-3307

Cite This Article :

S. Priyadharshini, R. Rajmohan, "Analysis on Database Security Model Against NOSQL Injection", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 2, Issue 2, pp.168-171, March-April.2017
URL : http://ijsrcseit.com/CSEIT172229

Follow Us

Contact Us