Security issues in data at rest in a non-relational Document Database
Modern applications required global scope and continued availability. Distributed non-relational databases are used as backend of Big Data to store operational data. Non-relational document databases are designed for high performance, scalability and availability. As increasingly sensitive, confidential, private and personal identifiable information (PII) are being stored in databases server, security issues become growing concerns. Non-relational database document databases are lack of security mechanism and data is stored as plaintext, therefore, it is possible that private, confidential and personally identifiable information data are to be disclosed to insider and outsider including intruder and malicious administrators and it is also possible exposing PII on dark web as commit identity theft and may be victim at risk. In this paper, a secure Middleware is proposed to perform the required transformation of information using modern asymmetric cryptography to provide the level of security for secure storage and access Big Data operational semi-structured data on non-relational document database in public domain. The proposed system effectively protects private, sensitive and PII data by enforcing privacy, confidentiality, and integrity of data in data at rest in the public domain.