Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Access Control on NoSQL Databases

Published

Author(s)

Vincent C. Hu

Abstract

NoSQL database systems and data stores often outperform traditional RDBMS in various aspects, such as data analysis efficiency, system performance, ease of deployment, flexibility/scalability of data management, and users' availability. However, with an increasing number of people storing sensitive data in NoSQL databases, security issues have become critical concerns. NoSQL databases suffer from vulnerabilities, particularly due to the lack of effective support for data protection, including weak authorization mechanisms. As access control is a fundamental data protection requirement of any database management system DBMS, this document focuses on access control on NoSQL database systems.
Citation
NIST Interagency/Internal Report (NISTIR) - 8504
Report Number
8504

Keywords

access control, attribute-based access control, authorization, database systems, No-SQL, SQL.

Citation

Hu, V. (2024), Access Control on NoSQL Databases, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8504, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957729 (Accessed October 12, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created May 7, 2024, Updated May 10, 2024