NoSQL DATABASES - KTH-SEECS Applied Information Security Lab

Download Report

Transcript NoSQL DATABASES - KTH-SEECS Applied Information Security Lab 

“INTEROPERABILITY AMONG
NoSQL DATABASES IN CLOUD”
KTH
Applied
Information
Security
Lab
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
AGENDA
1
Overview
2
Introduction
Challenges & Motivations
3
4
5
KTH
Applied
Information
Security
Lab
6
7
8
9
Literature Survey
Problem Statement
Architecture & Workflow
Standards & Technologies
Roadmap
References
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
OVERVIEW OF CLOUD
COMPUTING
On-demand
Self Services
Broad Network
Access
Rapid
Elasticity
Measured
Services
Resource Pooling
Software-as-aservice
KTH
Applied
Information
Security
Lab
Public
Platform-as-aservice
Private
Hybrid
Infrastructureas-a-service
Community
Reference: http://cloudblueprint.wordpress.com/cloud-taxonomy/
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
DBaaS
“A
managed service on cloud, offered on a pay-per-usage basis, that
provides on-demand access to a database for the storage of
application data”- Cloud Computing: Methodology, Systems, and
Applications by Lizhe Wang, Rajiv Ranjan, Jinjun Chen, Boualem
Benatallah..
DBMSs are extremely complex to deploy, setup, and maintain
Relieves
application developers from burden of managing and monitoring
performance
KTH
Applied
Information
Security
Lab
Physically launching a virtual machine instance is not needed
Installing and maintaining the database by application owners
required
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
is not
ADVANTAGES
Increased
Accessibility
Automatic
Failover
Fast Automated
Recovery From
Failures
Automated
on-the-go
Scaling
KTH
Applied
Information
Security
Lab
EXAMPLES
Amazon
SimpleDB
NoSQL key-value
stores
Amazon
Relational
Database
Minimal
Investment
DynamoDB
Potentially
Better
Performance
Google’s Big
Table
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
CLOUD DBaaS CHALLENGES
Data
Security
Network
Security
Heterogeneous
Environment
Multi-tenancy
KTH
Applied
Information
Security
Lab
Outside Attackers
Loss of Control
Data Replication
& Consistency
Management
Data
Sanitization
Auditing &
Monitoring
Scalability
Query and
Transactional
Loads
Interoperability
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
DATA INTEROPERABILITY
Ability of making systems and organizations to
work together (inter-operate)-Interoperability
Definition:
“A database front-end which communicates
with multiple heterogeneous databases and makes
them appear as a single homogenous entity with
semantic calls”- Encyclopedia
KTH
Applied
Information
Security
Lab
Data and queries of one database system made
usable by the users of another database system.
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
NoSQL DATABASES
•BIG data.
•Simplicity of design (Flexible data model)
•Horizontal scaling
•Finer control over availability
•Economics
Column
Value
Store
KTH
Applied
Information
Security
Lab
Document
Oriented
Key-value
stores
Graph
Database
CATEGORIES
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
INDUSTRIAL SURVEY
“It is possible we will see standards begin
to emerge, both in on-the-wire protocols
and perhaps in query languages, allowing
interoperability between NoSQL database
technologies similar to the kind of
interoperability we’ve seen with SQL and
relational database technology.”
KTH
Applied
Information
Security
Lab
Reference: http://www.odbms.org/blog/2011/03/the-evolving-market-for-nosql-databases-interview-with-james-phillips/
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
“Every week, I talk to people that
are considering replacing an
existing database infrastructure
with the NoSQL databases,” said
David Rosenthal, co-founder and
engineer at FoundationDB
KTH
Applied
Information
Security
Lab
“Companies have a desire to not
operate four or five or six
databases”
Reference: http://www.infoworld.com/t/nosql/nosqls-real-time-analytics-database-consolidation-entice-enterprises-225396
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
LITERATURE SURVEY
KTH
Applied
Information
Security
Lab
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
1. Cloud Databases: A Paradigm Shift in
Databases


Cloud computing has become a reality due to its lesser cost, scalability and pay-asyou-go model.
NoSQL databases have become synonym for Cloud databases.
Challenges
to develop
Cloud Databases
KTH
Applied
Information
Security
Lab
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
Amazon S3
/SimpleDB
Google
App’s
Bigtable
MongoDB
Cloud
Databases in
Industries
CoucheDB
KTH
Applied
Information
Security
Lab
Dynamo
MapReduce
Hadoop
Windows
Azure
Reference: Cloud Databases: A Paradigm Shift in Databases By Indu Arora1 and Dr. Anu Gupta2, IJCSI, Vol. 9,
Issue 4, No 3, July 2012
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
2. Hibernating in the Cloud – Implementation
and Evaluation of Object-NoSQL -Mapping
Problem:
Object-relational impedance
mismatch
KTH
Applied
Information
Security
Lab
Vulnerability:
Not usable for other categories of
NoSQL databases.
Hibernate along with life cycle
management is re-implemented.
Solution:
Non-relational approach which
integrates NoSQL support in
hibernate (Key Value-RIAK)
Improvement:
Hibernate OGM
Usable for other NoSQL
categories.
Reference: Florian Wolf, Heiko Betz, Francis Gropengießer, and Kai-Uwe Sattler,” Hibernating in the Cloud –
Implementation and Evaluation of Object-NoSQL-Mapping”, 2011.
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
3. SOS (Save Our Systems): A uniform
programming interface for non-relational systems
KTH
Applied
Information
Security
Lab
Problem:
Heterogeneity of languages
and interfaces offered by
NoSQL systems
Solution:
Common interface and hides
all underlying details of every
NoSQL database
Vulnerability:
Not for Cloud
Allows put, delete and get
methods only.
Only for 3 NoSQL databases
Improvement:
Hibernate OGM
Cloud
Usable for other NoSQL
databases
Reference: Paolo Atzeni, Francesca Bugiotti, Luca Rossi , “SOS (Save Our Systems): A uniform programming interface for
non-relational systems”, EDBT Berlin Germany, March 2012.
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
4. ONDM: an ObjectNoSQL Datastore Mapper
KTH
Applied
Information
Security
Lab
Problem:
Heterogeneity of NoSQL
databases (Different data
models and API’s)
Solution:
ONDM- Layered architecture ,
uniform programming interface
and transparent access to
different NoSQL stores
Vulnerability:
Not for Cloud, Only for Apache
Cassandra, Couchebase,
MongoDB, Oracle NoSQL and
Redis, Implement separate
connector for every data store
Improvement:
Implement for Cloud, Hibernate
OGM ,
Usable for other NoSQL
databases (whole category)
Reference: Luca Cabibbo, “ONDM: an ObjectNoSQL Datastore Mapper”, 2013.
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
PROBLEM STATEMENT
KTH
Applied
Information
Security
Lab
•
Businesses and other organizations are increasingly
adopting DBaaS to handle large data set applications in
Cloud. However, there are numerous issues causing
hindrance in the successful adoption of DBaaS. These issues
are not holistically surveyed and there is a requisite need to
properly explore those issues.
•
Several NoSQL databases exist which are becoming
essential in the cloud infrastructure but they are prone to a
legitimate problem of heterogeneous languages and
interfaces offered to developers and users for accessing
database
services.
This
unfortunately
cause
interoperability issues .
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
MOTIVATION
Security
Module
Common
Interface
Generic
Modeling
Approach
KTH
Applied
Information
Security
Lab
Different interfaces (Data models & API’s)
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
PROPOSED SYSTEM ARCHITECTURE
APPLICATION
(OBJECT MODEL)
Interacts
with
Hibernate API
Query Engine
Handler
KTH
Applied
Information
Security
Lab
Handler
Handler
Handler
Object NoSQL
Mapping
NoSQL Data Store
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
CONTRIBUTION
KTH
Applied
Information
Security
Lab

Highlight all the potential issues and limitations and
suggest latest research, developments and R&D
solutions to benefit the computing community.

Address interoperability issue among cross-domain
Cloud DBaaS. To give proof of concept, we are aiming to
provide a secure solution for transparent access of
underlying heterogeneous NoSQL data stores
particularly related to column oriented family.
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
TOOLS & TECHNOLOGIES





KTH
Applied
Information
Security
Lab

Java (Eclipse)
Hibernate OGM
OR Mapping
NoSQL System
OpenStack/Amazon
Java Security Annotations
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
ROADMAP
KTH
Applied
Information
Security
Lab
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
REFERENCES
i.
ii.
iii.
iv.
v.
vi.
vii.
viii.
KTH
Applied
Information
Security
Lab
ix.
x.
xi.
http://www.dbta.com/Articles/Editorial/Trends-and-Applications/The-Rise-of-theCloud-Database-88941.aspx
http://www.itsabhik.com/cloud-database-advangates-and-disadvantages/
http://en.wikipedia.org/wiki/Cloud_database
http://www.itbusinessedge.com/slideshows/show.aspx?c=96438
http://searchitchannel.techtarget.com/tip/DBaaS-pros-and-cons-for-solutionproviders
http://blogs.vmware.com/vfabric/2012/08/why-dbaas-6-trends-pushing-database-asa-service.html
http://dbaas.wordpress.com/2008/05/14/what-exactly-is-database-as-a-service/
http://www.infoworld.com/d/cloud-computing/data-interoperability-challenge-cloudcomputing-259
http://www-db.ics.uci.edu/pages/research/das/
http://www.disasterresource.com/index.php?option=com_content&view=article&id=335%3Afacing-thechallenge-of-data-interoperability&catid=9%3Acrisis-response&Itemid=15
Yvette E. Gelogo1andSunguk Lee, Pohang, Gyeongbuk, Korea, “Database Management
System as a Cloud Service “, International Journal of Future Generation Communication
and Networking Vol. 5, No. 2, June 2012
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
REFERENCES (Cont..)
http://www.disaster
resource.com/index.php?option=com_content&view=article&id=335%3Afacing-thechallenge-of-data-interoperability&catid=9%3Acrisis-response&Itemid=15
xiii. http://docs.huihoo.com/oracle/enterprisemanager/12c/doc.121/e28814/cloud_db_overview.htm
xiv. vFabric Team ,”Why DBaaS? 5 Trends Pushing Database as a Service”, August 24, 2012,
Available: http://blogs.vmware.com/vfabric/2012/08/why-dbaas-6-trends-pushingdatabase-as-a-service.html
xv. David Linthicum | InfoWorld , “Interoperable Database”, January 12, 2010, Available:
http://dictionary.reference.com/browse/interoperable+database.
xvi. “The data interoperability challenge for Cloud computing “, Available:
http://www.infoworld.com/d/Cloud-computing/data-interoperability-challengeCloud-computing-259.
xvii. Bob Buda, http://www.budaconsulting.com/blog/bid/60156/Database-SecurityIssues-in-the-Cloud-Part-1, Mon, Mar 07, 2011
xviii. “Cloud Tweaks, “A Hitchhikers Guide to the Cloud – Database Challenges To Consider”,
September 13, 2012.
xix. CLOUD SECURITY ALLIANCE, “Top Ten Big Data Security and Privacy Challenges”,
November 2012
xii.
KTH
Applied
Information
Security
Lab
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
REFERENCES (Cont..)
xxi.
xxii.
xxiii.
xxiv.
xxv.
Zhizhong Zhang, Chuan Wu, David W.L. Cheung, “A Survey on Cloud Interoperability:
Taxonomies, Standards, and Practice”, Performance Evaluation Review, Vol. 40, No. 4,
March 2011, pp. 13-22
Elena Ferrari, “Database as a Service: Challenges and Solutions for Privacy and
Security”, IEEE Asia-Pacific Services Computing Conference (IEEE APSCC), 2009, pp. 4651
Imal Sakhi, “Databases Security in Cloud”, 2012
Carrenza, “DATABASE AS A SERVICE”, Available: http://carrenza.com/services/usecases/database-as-a-service/
Zhizhong Zhang, Chuan Wu, David W.L. Cheung, “A Survey on Cloud Interoperability:
Taxonomies, Standards, and Practice”, Performance Evaluation Review, Vol. 40, No. 4,
March 2011, pp. 13-22
KTH
Applied
Information
Security
Lab
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad
KTH
Applied
Information
Security
Lab
Department of Computing, School of Electrical
Engineering and Computer Sciences, NUST Islamabad