MongoDB has added numerous built-in security features. However, it is the responsibility of the database administrator to take advantage of what MongoDB provides. Using these security features will greatly increase the likelihood that data is protected.
In practice, though, most compromises of MongoDB deployments come down to configuration rather than to missing features: for years authentication was disabled by default, older versions listened on all network interfaces, and an unauthenticated instance reachable from the Internet hands complete access to anyone who can open a TCP connection to it. Data is the most sensitive part of any system, because databases hold personal and other confidential information, so the confidentiality and integrity of stored data depend directly on how the database is configured.
In this article, we look at the security features of MongoDB, give a brief overview of the database's functionality, and discuss how these weaknesses can be addressed.
MongoDB
MongoDB is a schema-less, document-oriented database written in C++. Document-oriented means that it stores data as JSON-like documents (serialised internally as BSON), grouped into collections.
The advantage is that related data can live together in one document instead of being spread across several tables as in an RDBMS, so far fewer "JOIN" operations are needed. Complex data can be stored in nested hierarchies and still be queried and indexed. Documents in the same collection do not have to share the same set of fields; each carries the attributes its use case requires.
Features of MongoDB
MongoDB's main features are as follows:
Data Model: Compared with a traditional RDBMS (Relational Database Management System), a collection is the equivalent of a table, and a document (a group of fields) is the equivalent of a row.
A field can hold a simple value such as a string or a complex structure such as an array or an embedded document, which makes lookups faster in an embedded design because related data arrives in a single read. Every document has an "_id" field, generated by the system unless the application supplies one, and can be queried by "_id" or by any other field in the document.
API (Application Programming Interface): MongoDB does not expose a RESTful HTTP API. Clients talk to the server through a language driver over MongoDB's own binary wire protocol (BSON messages over TCP, port 27017 by default); the old HTTP status interface was removed in MongoDB 3.6. Queries are written in MongoDB's query language as documents that describe which documents to retrieve from a collection.
For example, the filter {name: {first: "Alankrit", last: "Chaturvedi"}} retrieves documents whose embedded "name" document is exactly {first: "Alankrit", last: "Chaturvedi"} (field order included). To match on one sub-field regardless of the others, dot notation is used: {"name.first": "Alankrit"}. A filter is itself data, which is why untrusted input must never be spliced into it unchecked.
Architecture: A MongoDB cluster is made up of one or more shards, each holding a portion of the total data. Sharding (distributing documents across shards by a shard key) is managed by the cluster, and each shard is normally a replica set, a group of servers that all hold a copy of that shard's data. If the primary member of a replica set goes down, a secondary is elected primary, which provides high availability.
In more detail: all writes, and reads that must see the latest data, go to the primary; reads that can tolerate slightly stale data can be distributed across the secondaries by setting a read preference.
Attacks on MongoDB
The attacks most frequently reported against MongoDB deployments fall into the following kinds.
Injection Attack: JavaScript and operator injection is the most direct attack on the query layer. MongoDB's wire protocol carries BSON (Binary JSON) documents and drivers assemble queries as BSON, so the classic SQL-style injection by string concatenation does not apply. However, a few operators, $where above all, accept JavaScript expressions, and applications that decode client-supplied JSON straight into a filter let an attacker substitute an operator such as {$gt: ""} for the literal value the code expected. Either way the attacker changes the meaning of the query.
Unauthenticated access and denial of service: historically MongoDB did not require authentication by default, so an attacker needed no credentials at all, let alone administrator credentials, to read every database on an exposed instance. The same access lets them drop collections or entire databases, which is the denial of service (and, in the widely reported ransom campaigns, outright data destruction) that has hit unauthenticated instances exposed to the Internet.
XSS Attacks: MongoDB does not protect against cross-site scripting, because it stores whatever string it is given. If an attacker can insert JavaScript into a stored field and the application later renders that field in a web page without encoding it, the script runs in other users' browsers and can steal their sessions or data. Separately, MongoDB can execute JavaScript on the server (for example in $where and mapReduce), and this server-side scripting should be disabled where it is not needed.
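The injection paragraph above is easiest to understand with the filter documents in hand. The following is an added example, not code from the original article: it shows how operator injection and $where injection arise when a MongoDB filter is assembled from untrusted input, next to the hardened construction. Nothing here talks to a server; each function returns the filter document an application would pass to the driver's collection.find(), so the effect of the attacker's input can be inspected directly. The request bodies and field names are constructed for the illustration.

```python
"""Added example (not from the original article): operator and $where injection
into MongoDB filters built from untrusted input, and the safe construction."""
import json
from typing import Any


class UnsafeQueryInput(ValueError):
    """Raised when user-supplied data would change the shape of the query."""


# ---- vulnerable constructions --------------------------------------------

def naive_login_filter(request_body: str) -> dict:
    """Vulnerable: the JSON-decoded body is spliced straight into the filter.
    Drivers accept any document, so a body of
    {"username": {"$gt": ""}, "password": {"$gt": ""}} turns both equality
    tests into 'greater than the empty string', which every record satisfies."""
    data = json.loads(request_body)
    return {"username": data["username"], "password": data["password"]}


def naive_where_filter(name: str) -> dict:
    """Vulnerable: string concatenation into server-side JavaScript. The input
    ' || true || '  yields an expression that is true for every document."""
    return {"$where": f"this.name == '{name}'"}


# ---- hardened constructions ------------------------------------------------

def contains_operator_key(value: Any) -> bool:
    """Walk decoded JSON and report any key beginning with '$' (an operator)."""
    if isinstance(value, dict):
        return any(k.startswith("$") or contains_operator_key(v)
                   for k, v in value.items())
    if isinstance(value, list):
        return any(contains_operator_key(v) for v in value)
    return False


def require_str(value: Any, field: str) -> str:
    """Accept only a string, so the value can never be read as an operator doc."""
    if not isinstance(value, str):
        raise UnsafeQueryInput(
            f"{field} must be a string, got {type(value).__name__}")
    return value


def safe_login_filter(request_body: str) -> dict:
    """Hardened: reject operator keys anywhere in the body, type-check the
    fields, and wrap the literal in $eq so that a later refactor passing a
    dict through cannot silently turn it into an operator. The password is
    deliberately not part of the query: fetch the record by username and
    verify the password hash in application code."""
    data = json.loads(request_body)
    if contains_operator_key(data):
        raise UnsafeQueryInput("operator keys are not allowed in request data")
    username = require_str(data.get("username"), "username")
    require_str(data.get("password"), "password")
    return {"username": {"$eq": username}}


def safe_name_filter(name: str) -> dict:
    """Hardened replacement for the $where version: a plain equality filter
    that the server evaluates without running JavaScript, so the value stays
    data rather than code."""
    return {"name": {"$eq": require_str(name, "name")}}
```

The $eq wrapper matters even after type-checking: {"username": {"$eq": {"$gt": ""}}} matches only a document whose username field literally equals the embedded document {"$gt": ""}, so the operator is never interpreted. Disabling server-side JavaScript on the mongod (security.javascriptEnabled: false) removes the $where class entirely, but the operator-injection class remains an application responsibility.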
Best Practice for Securing MongoDB
The built-in MongoDB security features cover the common database attacks: authentication, authorization, encryption, auditing, limiting network exposure, and injection prevention. As noted below, not all of these features are complete on their own, and some of them (transport encryption and auditing in particular) cost some throughput.
MongoDB security can be enhanced considerably without switching to the Enterprise version. The steps below are widely used and block most of the attacks described above:
Authentication
The authentication of a user is vital in any database implementation. Determining who the user is allows for authorization and other security measures to be applied appropriately.
MongoDB uses SCRAM (Salted Challenge Response Authentication Mechanism) as its default password-based authentication: SCRAM-SHA-1 originally, and SCRAM-SHA-256 as well from MongoDB 4.0. SCRAM was standardised by the Internet Engineering Task Force (IETF) in RFC 5802 (the SHA-256 variant in RFC 7677) to define a challenge-response exchange in which the password is never sent over the wire, the server stores only salted, iterated keys rather than the password itself, and the client verifies the server in turn.
SHA-1 (Secure Hash Algorithm 1) is no longer considered collision-resistant. That weakness does not directly break SCRAM-SHA-1, which uses SHA-1 inside HMAC and PBKDF2 rather than as a bare hash, but SCRAM-SHA-256 should be preferred wherever both server and drivers support it. Beyond that, the best built-in authentication mechanism depends on the specific situation.
Investing in the MongoDB Enterprise edition is a reasonable option for large-scale organizational use of MongoDB. The enterprise edition of MongoDB unlocks more authentication methods, such as Kerberos Authentication and Lightweight Directory Access Protocol (LDAP) Proxy Authentication.
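The SCRAM paragraphs above describe the exchange in words; the following is an added example, not code from the original article or from MongoDB, that carries it out. It implements the cryptographic core of RFC 5802 / RFC 7677 with both sides in one process, so the whole flow can be read top to bottom; SASL framing, channel binding and SASLprep normalisation are omitted. The MongoDB-specific pre-hashing of the password for SCRAM-SHA-1 is included as a separate helper; the usernames, passwords, salts and iteration count are constructed for the illustration.

```python
"""Added example (not from the original article): the SCRAM exchange behind
MongoDB's SCRAM-SHA-1 / SCRAM-SHA-256 mechanisms (RFC 5802 / RFC 7677)."""
import base64
import hashlib
import hmac
import secrets


def hi(hash_name: str, password: bytes, salt: bytes, iterations: int) -> bytes:
    """Hi() in RFC 5802 is PBKDF2 with HMAC over the mechanism's hash."""
    return hashlib.pbkdf2_hmac(hash_name, password, salt, iterations)


def mongodb_scram_sha1_password(username: str, password: str) -> str:
    """MongoDB-specific detail for SCRAM-SHA-1 only: drivers first reduce the
    password to hex(md5("user:mongo:password")) and feed that string to SCRAM.
    SCRAM-SHA-256 uses the (SASLprep'd) password directly."""
    return hashlib.md5(f"{username}:mongo:{password}".encode()).hexdigest()


def make_credentials(hash_name: str, password: str, iterations: int = 15000,
                     salt: bytes = b"") -> dict:
    """What the server stores per user: salt, iteration count, StoredKey and
    ServerKey. Neither the password nor ClientKey is kept, so a stolen copy of
    the user collection does not directly yield passwords."""
    salt = salt or secrets.token_bytes(16)
    salted = hi(hash_name, password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hash_name).digest()
    return {
        "hash": hash_name,
        "salt": salt,
        "iterations": iterations,
        "stored_key": hashlib.new(hash_name, client_key).digest(),
        "server_key": hmac.new(salted, b"Server Key", hash_name).digest(),
    }


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _nonce() -> str:
    return base64.b64encode(secrets.token_bytes(18)).decode()


def scram_exchange(username: str, password: str, creds: dict) -> tuple:
    """Run both sides of SCRAM. Returns (client_authenticated, server_authenticated):
    the first is the server's verdict on the client's proof, the second is the
    client's verdict on the server's signature (mutual authentication)."""
    h = creds["hash"]
    client_nonce = _nonce()
    # client-first-message-bare: username and client nonce
    client_first_bare = f"n={username},r={client_nonce}"
    # server-first-message: combined nonce, salt and iteration count
    nonce = client_nonce + _nonce()
    server_first = (f"r={nonce},s={base64.b64encode(creds['salt']).decode()},"
                    f"i={creds['iterations']}")
    # client-final-message-without-proof ("biws" = base64 of "n,,", no channel binding)
    client_final_bare = f"c=biws,r={nonce}"
    auth_message = f"{client_first_bare},{server_first},{client_final_bare}".encode()

    # --- client: derive keys from the password it knows and build the proof
    salted = hi(h, password.encode(), creds["salt"], creds["iterations"])
    client_key = hmac.new(salted, b"Client Key", h).digest()
    stored_key = hashlib.new(h, client_key).digest()
    client_signature = hmac.new(stored_key, auth_message, h).digest()
    client_proof = _xor(client_key, client_signature)

    # --- server: recover ClientKey from the proof, check H(ClientKey) == StoredKey
    expected_signature = hmac.new(creds["stored_key"], auth_message, h).digest()
    recovered_client_key = _xor(client_proof, expected_signature)
    client_ok = hmac.compare_digest(
        hashlib.new(h, recovered_client_key).digest(), creds["stored_key"])
    if not client_ok:
        return False, False          # a real server answers with an error here
    server_signature = hmac.new(creds["server_key"], auth_message, h).digest()

    # --- client: only a server holding ServerKey can produce this signature
    my_server_key = hmac.new(salted, b"Server Key", h).digest()
    server_ok = hmac.compare_digest(
        server_signature, hmac.new(my_server_key, auth_message, h).digest())
    return client_ok, server_ok
```

Two consequences for operations follow from the code: the stored record cannot be replayed as a password, but an attacker who obtains StoredKey and observes one ClientProof on an unencrypted connection can recover ClientKey and impersonate the user, which is one reason the user database and the wire (TLS) both need protecting; and the final server signature is what lets the client reject a rogue server that knows only the public parts of the exchange.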
Authorization
Authentication is a prerequisite for authorization. Once each user can be reliably identified, the user can be assigned predefined roles, and roles are what grant access to MongoDB resources.
Roles are defined per database (a role is identified by its name together with the database it was created in, and roles meant for cluster-wide use go in the admin database). A role lists privileges, each of which is a resource, typically a database and a collection, plus the actions allowed on it. Roles can inherit from other roles to extend the set of permitted actions. Database administrators are responsible for creating users and assigning them roles, and can use MongoDB's built-in roles or create custom roles for a specific purpose.
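To make the role model concrete, the following added example (not from the original article, and not MongoDB's own authorization code) resolves a role hierarchy to answer "may this user perform this action on this collection?". The role catalogue and users are constructed for the illustration, in the same shape as the arguments to db.createRole() and db.createUser(): a privilege is a resource plus a list of actions, a role may inherit other roles, and a user holds (role, db) pairs. A resource with collection "" covers every collection in that database, and db "" with collection "" covers every database (MongoDB's special handling of system collections is not modelled).

```python
"""Added example (not from the original article): resolving MongoDB-style roles,
with inheritance, to check whether a user may perform an action on a resource."""
from typing import Dict, List, Set, Tuple

RoleId = Tuple[str, str]  # (database the role belongs to, role name)

# Constructed role catalogue, in the shape of db.createRole() arguments.
ROLES: Dict[RoleId, dict] = {
    ("shop", "orderReader"): {
        "privileges": [{"resource": {"db": "shop", "collection": "orders"},
                        "actions": ["find"]}],
        "roles": [],
    },
    ("shop", "orderWriter"): {
        "privileges": [{"resource": {"db": "shop", "collection": "orders"},
                        "actions": ["insert", "update"]}],
        "roles": [{"role": "orderReader", "db": "shop"}],   # inherits find
    },
    ("shop", "analyst"): {
        "privileges": [{"resource": {"db": "shop", "collection": ""},
                        "actions": ["find"]}],              # read-only, whole db
        "roles": [],
    },
    ("admin", "reportingAnyDb"): {
        "privileges": [{"resource": {"db": "", "collection": ""},
                        "actions": ["find"]}],              # read-only, every db
        "roles": [],
    },
}

# Constructed users: (role, db) pairs as given to db.createUser().
USERS: Dict[str, List[dict]] = {
    "webapp":  [{"role": "orderWriter", "db": "shop"}],
    "analyst": [{"role": "analyst", "db": "shop"}],
    "auditor": [{"role": "reportingAnyDb", "db": "admin"}],
}


def effective_privileges(role_refs: List[dict], catalog: Dict[RoleId, dict] = ROLES) -> List[dict]:
    """Flatten a user's roles, following inheritance, into one privilege list.
    The 'seen' set guards against cycles in a mis-defined catalogue."""
    result: List[dict] = []
    seen: Set[RoleId] = set()
    stack: List[RoleId] = [(r["db"], r["role"]) for r in role_refs]
    while stack:
        rid = stack.pop()
        if rid in seen:
            continue
        seen.add(rid)
        role = catalog.get(rid)
        if role is None:
            raise KeyError(f"undefined role {rid[1]} in database {rid[0]}")
        result.extend(role["privileges"])
        stack.extend((r["db"], r["role"]) for r in role["roles"])
    return result


def resource_covers(resource: dict, db: str, collection: str) -> bool:
    """Does a privilege's resource apply to db.collection? An empty db or
    collection in the resource acts as a wildcard for that part."""
    return (resource["db"] in ("", db)
            and resource["collection"] in ("", collection))


def can(user: str, action: str, db: str, collection: str) -> bool:
    """True if any effective privilege grants `action` on db.collection."""
    return any(action in p["actions"] and resource_covers(p["resource"], db, collection)
               for p in effective_privileges(USERS[user]))


def broad_grants(user: str) -> List[str]:
    """Least-privilege review helper: list privileges whose resource is a
    wildcard over every database, which deserve a second look."""
    return [f"{','.join(p['actions'])} on every database"
            for p in effective_privileges(USERS[user])
            if p["resource"]["db"] == ""]
```

The check is intentionally a pure function over the catalogue, which makes it a handy way to review a proposed role set before creating it: run the application's actual operations (find, insert, update on the collections it touches) through can() and confirm that nothing destructive such as dropCollection is reachable from the application's user.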
TLS/SSL encryption
MongoDB also supports transport encryption (TLS/SSL) to encrypt network traffic. The implementation is built on the OpenSSL libraries and only allows ciphers with a key of at least 128 bits. X.509 certificates identify the server (and optionally the client) in the TLS handshake.
Clients can authenticate with an X.509 client certificate instead of a username and password, and replica set members can authenticate each other the same way. The server should present a certificate issued by a CA that the clients trust. Self-signed certificates are best avoided in production: clients cannot verify the server's identity against them, and disabling certificate validation to make them work (for example with net.tls.allowInvalidCertificates) reopens the door to man-in-the-middle attacks.
Hardening the MongoDB database
Hardening means adding security layer by layer. There are many ways to harden MongoDB; the most essential is network hardening with firewalls and VPNs, so that only the application tier can reach the database port at all.
Enable access control (security.authorization) and use one of the authentication mechanisms mentioned above. Every mongod and mongos instance in the cluster has to be configured individually.
Create the administrator user first, before enabling access control on an existing deployment; once it is enabled, the localhost exception is the only way to create that first user. Add further users as usage requires.
All communication between mongos and mongod instances, and between replica set members, should be encrypted with TLS/SSL.
MongoDB should run in a trusted network. The database must not be routable from a public network, even if it sits inside a private one. Bind it only to the interfaces that need it (net.bindIp) so that a bad actor cannot reach it to move data out.
Track data access and changes with auditing (available in MongoDB Enterprise).
Understand the role model and assign each user only the privileges it needs.
Create a user for each use case of the application. For example, the user the application runs as should have the least privileges that let it work, and a user for analytics should have read-only access. This gives a clear isolation and separation of roles.
Use IP filtering (firewall rules and bindIp) so that only the people and systems that should use the environment can reach it.
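The steps above map onto a handful of mongod.conf settings. The following is an added example, not a configuration from the original article or shipped by MongoDB: a YAML mongod.conf that contrasts the settings an exposed, unauthenticated instance typically has with a hardened baseline. The file paths, the allow-listed address and the keyfile location are placeholders.

```yaml
# Added example (not from the original article). Weak settings are shown
# commented out for contrast; the active keys are the hardened baseline.

# --- weak: what an exposed instance often looks like ---
# net:
#   bindIp: 0.0.0.0          # listens on every interface, including public ones
#   port: 27017
# security: {}               # authorization not enabled: anyone who connects is root

# --- hardened ---
net:
  port: 27017
  bindIp: 127.0.0.1,10.0.0.5   # loopback plus the private address the app tier uses
  tls:
    mode: requireTLS           # refuse plaintext connections
    certificateKeyFile: /etc/ssl/mongodb/server.pem   # placeholder path
    CAFile: /etc/ssl/mongodb/ca.pem                   # placeholder path
    allowInvalidCertificates: false                   # never relax this in production

security:
  authorization: enabled       # every connection must authenticate
  keyFile: /etc/mongodb/keyfile   # placeholder; internal auth between replica set members
                                  # (clusterAuthMode: x509 is the stronger alternative)
  javascriptEnabled: false     # disables $where / mapReduce server-side JavaScript

setParameter:
  authenticationMechanisms: SCRAM-SHA-256   # drop SCRAM-SHA-1 once all drivers support it

# Auditing is a MongoDB Enterprise feature; omit this section on Community builds.
auditLog:
  destination: file
  format: JSON
  path: /var/log/mongodb/audit.json         # placeholder path
```

With authorization enabled, the first admin user still has to be created through the localhost exception before any other client can log in, and the keyFile must be readable only by the mongod user, since anyone holding it can join the replica set.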
Frequently Asked Questions
What is DBMS?
A database management system (DBMS) is a system software used for creating and managing databases. A DBMS makes it possible for end users to create, read, update, and delete data in a database.
What is Hash-based Sharding?
Documents are distributed according to an MD5 hash of the shard key value rather than by the value itself. This guarantees an even spread of writes across shards but is less efficient for range-based queries, because adjacent key values land on different shards.
What is the TTL index?
Time to Live (TTL) indexes let the user specify a period after which documents are automatically deleted from the collection. A common use is for applications that keep a rolling window of history for user actions, such as clickstreams. Expiry is not instantaneous: a background thread removes expired documents roughly once every 60 seconds.
Conclusion
In this article, we looked at MongoDB and its features, the attacks commonly seen against it, and the best practices for securing it: enable authentication, assign least-privilege roles, encrypt traffic with TLS, keep the database off public networks, and never build queries from unvalidated input.