毕业论文

打赏
当前位置: 毕业论文 > 外文文献翻译 >

MongoDB数据库安全性英文文献和中文翻译

时间:2019-10-12 19:21来源:毕业论文
MongoDB Security[20] MongoDB provides a number of constructs to improve the security of your data. The security of your data in MongoDB is paramount - so it is important to leverage these constructs to reduce your surface area. Here are 10 t

MongoDB Security[20] MongoDB provides a number of constructs to improve the security of your data. The security of your data in MongoDB is paramount - so it is important to leverage these constructs to reduce your surface area. Here are 10 tips you can use to improve the security of your MongoDB servers on premise and in the cloud.39907
    1. Enable auth - Even if you have deployed your Mongodb servers in a trusted network it is good security practice to enable auth. It provides you "Defense in depth" if your network is compromised. Edit your mongod configuration file to enable auth.
 
    2. Don't expose your production db to the internet - Restricting physical access to your database is an important aspect of security. If it is not necessary do not expose your production database to the internet. In case of any compromise if an attacker cannot physically connect to your MongoDB server, your data is that much more secure. If you are on AWS you can place your db's in a VPC private subnet.
3. Use firewalls - Use firewalls to restrict which other entities are allowed to connect to your mongodb server. Best practice is to only allow your application servers access to the database. If you are hosted on AWS use 'Security groups' to restrict access. If you are hosted on a provider that does not support firewall constructs you can easily configure it yourself using 'iptables'.
4. Use key files to setup the replica set - Specify a shared key file to enable communication between your mongodb instances in a replica set. To enable this add the keyfile parameter to the config file as below. The contents of the file need to be the same on all the machines.
 
5. Disable HTTP status interface Mongodb by default provides a http interface running by default on port 28017 which provides the "home" status page. This interface is not recommended for production use and is best disabled. Use the "nohttpinterface" configuration setting to disable the http interface.
 
6. Disable the REST interface The monogdb REST interface is not recommended for production. It does not support any authentication. It is turned off by default. If you have turned it on using the "rest" configuration option you should turn it off for production systems.
 
7. Configure Bind_ip If your system has multiple network interfaces you can use the "bind_ip" option to restrict your mongodb server to listen only on the interfaces that are relevant. By default mongodb will bind to all the interfaces.
 
    8. Enable SSL - If you don't use SSL your data is traveling between your Mongo client and Mongo server unencrypted and is susceptible to eavesdropping, tampering and "man in the middle" attacks. This is especially important if you are connecting to your Mongodb server over unsecure networks like the internet.
9. Role based authorization - MongoDB supports role based authentication to give you fine grained control over the actions that can be performed by each user. Use role based constructs to restrict access instead of making all your users admins.
10. Enterprise MongoDB & Kerberos Enterprise mongodb integrates with Kerberos for authentication. Refer to the mongodb documentation for more details. Username/password systems are inherently insecure - use kerb based authentication if possible.
B.原文的翻译
MongoDB安全性
    MongoDB提供了大量的结构来提高数据的安全性。在MongoDB数据库下,数据的安全是至关重要的。那么MongoDB又是如何减少数据曝光面的呢?答案就是利用组件结构。这里有10个技术手段可以用来改善MongoDB服务器的安全性。
1.启用身份验证
即使是在信誉良好的网络环境中,对服务器进行部署,启用Auth--身份验证也是一个很好的实践。如果你的网络被破坏,它可以为你提供了“深层防御”。编辑你的Mongod配置文件来启用你的身份验证。论文网 MongoDB数据库安全性英文文献和中文翻译:http://www.751com.cn/fanyi/lunwen_40618.html
------分隔线----------------------------
推荐内容